Security News > 2025 > February > SonicWall firewall exploit lets hackers hijack VPN sessions, patch now
2025-02-11 15:56
Security researchers at Bishop Fox have published complete exploitation details for the CVE-2024-53704 vulnerability that allows bypassing the authentication mechanism in certain versions of the SonicOS SSLVPN application. [...]
News URL
Related news
- Hackers exploit DoS flaw to disable Palo Alto Networks firewalls (source)
- Hackers exploit KerioControl firewall flaw to steal admin CSRF tokens (source)
- Hackers exploit Four-Faith router flaw to open reverse shells (source)
- SonicWall urges admins to patch exploitable SSLVPN bug immediately (source)
- Hackers Exploit Aviatrix Controller Vulnerability to Deploy Backdoors and Crypto Miners (source)
- Hackers exploit critical Aviatrix Controller RCE flaw in attacks (source)
- Hackers leak configs and VPN credentials for 15,000 FortiGate devices (source)
- Patch procrastination leaves 50,000 Fortinet firewalls vulnerable to zero-day (source)
- Hackers Exploit Zero-Day in cnPilot Routers to Deploy AIRASHI DDoS Botnet (source)
- Hackers exploit 16 zero-days on first day of Pwn2Own Automotive 2025 (source)
Related Vulnerability
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2025-01-09 | CVE-2024-53704 | An Improper Authentication vulnerability in the SSLVPN authentication mechanism allows a remote attacker to bypass authentication. | 0.0 |