RondoDox botnet exploits unpatched XWiki flaw CVE-2025-24893 to gain RCE and infect more servers, despite fixes released in February 2025. RondoDox is targeting unpatched XWiki servers via critical RCE flaw CVE-2025-24893 (CVSS score of 9.8), pulling more devices into its botnet despite patches released in Feb 2025. The XWiki Platform is a generic wiki framework […]
First seen on securityaffairs.com
Jump to article: securityaffairs.com/184702/malware/rondodox-expands-botnet-by-exploiting-xwiki-rce-bug-left-unpatched-since-february-2025.html
