URL has been copied successfully!
CISA Warns of Sitecore RCE Flaws; Active Exploits Hit Next.js and DrayTek Devices
URL has been copied successfully!

Collecting Cyber-News from over 60 sources

CISA Warns of Sitecore RCE Flaws; Active Exploits Hit Next.js and DrayTek Devices


Tags: , , , , , , , , ,

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added two six-year-old security flaws impacting Sitecore CMS and Experience Platform (XP) to its Known Exploited Vulnerabilities (KEV) catalog, based on evidence of active exploitation.The vulnerabilities are listed below -CVE-2019-9874 (CVSS score: 9.8) – A deserialization vulnerability in the Sitecore.Security.AntiCSRF

First seen on thehackernews.com

Jump to article: thehackernews.com/2025/03/cisa-flags-two-six-year-old-sitecore.html

Loading

Share via Email
Share on Facebook
Tweet on X (Twitter)
Share on Whatsapp
Share on LinkedIn
Share on Xing
Copy link

also interesting:

  1. CISA Flags Two Actively Exploited Palo Alto Flaws; New RCE Attack Confirmed
  2. U.S. CISA adds Microsoft Outlook, Sophos XG Firewall, and other flaws to its Known Exploited Vulnerabilities catalog
  3. CISA Warns of Active Exploitation in Trimble Cityworks Vulnerability Leading to IIS RCE
  4. Hackers breach Microsoft IIS services using Cityworks RCE bug