Tag: rce
-
One PUT Request to Own Tomcat: CVE-2025-24813 RCE is in the Wild
A devastating new remote code execution (RCE) vulnerability, CVE-2025-24813, is now actively exploited in the wild. Attackers need just one PUT API request to take over vulnerable Apache Tomcat servers. The exploit, originally published by a Chinese forum user iSee857, is already available online: CVE-2025-24813 PoC by iSee857. Exploit Breakdown: How a Simple PUT Request…
-
Schwachstelle in der Sitecore-Experience-Platform ermöglicht RemoteExecution ohne Authentifizierung
Die kürzlich entdeckte Schwachstelle CVE-2025-27218 ist eine nicht autorisierte Sicherheitsanfälligkeit für Remotecodeausführung (Remote-Control-Execution, RCE) und betrifft die Sitecore-Experience-Platform und die Experience-Manager Version 10.4 vor KB1002844. Obwohl die Schwachstelle keine Authentifizierung erfordert und RCE ermöglicht, wurde sie mit einem seltsam gering erscheinenden CVSS-Ranking von 5,3 eingestuft. Über einen Hotfix des Herstellers ist die Vulnerability gepatcht. Forscher…
-
Apple patches zero-day bugs used in targeted iPhone attacks
Three zero-days within months: This marks Apple’s third zero-day fix since the start of the year, following patches for CVE-2025-24085 in January and CVE-2025-24200 in February.Apple’s leading market share attracts frequent adversarial interest, making a development or configurational mishap extremely punishing. The company suffered a total of twenty bugs in 2023, including the RCE bugs,…
-
March 2025 Patch Tuesday: Microsoft Fixes 57 Vulnerabilities, 7 Zero-Days
Microsoft’s March 2025 Patch Tuesday fixes six actively exploited zero-day vulnerabilities, including critical RCE and privilege escalation flaws. Learn how these vulnerabilities impact Windows systems and why immediate patching is essential. First seen on hackread.com Jump to article: hackread.com/march-2025-patch-tuesday-microsoft-fixes-vulnerabilities-zero-days/
-
Critical PHP RCE vulnerability mass exploited in new attacks
Threat intelligence company GreyNoise warns that a critical PHP remote code execution vulnerability that impacts Windows systems is now under mass exploitation. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/critical-php-rce-vulnerability-mass-exploited-in-new-attacks/
-
RCE-Schwachstelle CVE-2025-24813 in Apache Tomcat
Kurze Information für Leser, die für einen Apache Tomcat-Server verantwortlich sind. Es gibt wohl eine Schwachstelle CVE-2025-24813, die eine Remote Code Execution (RCE) ermöglicht. Es sind auch Datenabflüsse möglich daher sollten entsprechende Installationen umgehen aktualisiert werden. Die Schwachstelle CVE-2025-24813 … First seen on borncity.com Jump to article: www.borncity.com/blog/2025/03/11/rce-schwachstelle-cve-2025-24813-in-apache-tomcat/
-
Apache Camel RCE Vulnerability PoC Exploit Released in GitHub
A Proof of Concept (PoC) exploit for the Apache Camel vulnerability CVE-2025-27636 has been released on GitHub. This vulnerability affects Apache Camel versions 4.10.0-4.10.1, 4.8.0-4.8.4, and 3.10.0-3.22.3, allowing attackers to inject arbitrary headers and potentially execute internal Camel methods, including Remote Code Execution (RCE) via the Camel Exec component. Vulnerability Details The vulnerability arises from…
-
Apache Tomcat Flaw Could Allow RCE Attacks on Servers
Tags: apache, attack, cyber, flaw, open-source, rce, remote-code-execution, risk, software, vulnerabilityApache Tomcat, a widely used open-source web server software, has faced numerous security vulnerabilities in recent years. Some critical issues put servers at risk of remote code execution (RCE) and other attacks. These vulnerabilities highlight the importance of keeping software up-to-date and properly configured to prevent potential exploits. Detailed Vulnerabilities: Below is a formatted table…
-
Threat Actors Exploit PHP-CGI RCE Vulnerability to Attack Windows Machines
Tags: apache, attack, cve, cyber, cybersecurity, exploit, rce, remote-code-execution, threat, vulnerability, windowsA recent cybersecurity threat has emerged where unknown attackers are exploiting a critical remote code execution (RCE) vulnerability in PHP-CGI on Windows systems. This vulnerability, identified as CVE-2024-4577, allows attackers to execute arbitrary PHP code on servers using Apache with a vulnerable PHP-CGI setup. The attackers are primarily targeting organizations in Japan across various sectors,…
-
Critical DrayTek Router Vulnerabilities Expose Devices to RCE Attacks
Tags: attack, conference, cyber, firmware, office, rce, remote-code-execution, risk, router, vulnerabilityA recent security analysis of Draytek Vigor routers has uncovered severe vulnerabilities that could allow attackers to hijack devices, execute arbitrary code, and bypass critical security controls. These findings, disclosed by researchers at DEFCON 32 HHV and Ekoparty 2024, highlight systemic risks in widely used small office/home office (SOHO) routers due to outdated firmware, weak…
-
PHP-CGI RCE Flaw Exploited in Attacks on Japan’s Tech, Telecom, and E-Commerce Sectors
Threat actors of unknown provenance have been attributed to a malicious campaign predominantly targeting organizations in Japan since January 2025.”The attacker has exploited the vulnerability CVE-2024-4577, a remote code execution (RCE) flaw in the PHP-CGI implementation of PHP on Windows, to gain initial access to victim machines,” Cisco Talos researcher Chetan Raghuprasad said in a…
-
Attackers Target Japanese Firms with Cobalt Strike
Attackers are actively exploiting an RCE flaw in Windows PHP-CGI implementations to target Japanese firms, deploying Cobalt Strike for persistence First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/attackers-japan-cobalt-strike/
-
Windows KDC Proxy RCE Vulnerability Allows Remote Server Takeover
Tags: authentication, control, cvss, cyber, flaw, microsoft, rce, remote-code-execution, vulnerability, windowsA recently patched remote code execution (RCE) vulnerability in Microsoft Windows’ Key Distribution Center (KDC) Proxy implementation allows unauthenticated attackers to take control of vulnerable servers through manipulated Kerberos authentication traffic. Designated CVE-2024-43639 and rated 9.8 CVSS, this critical flaw stems from improper validation of message lengths during ASN.1 encoding operation, enabling memory corruption attacks. The vulnerability…
-
MITRE Caldera RCE vulnerability with public PoC fixed, patch ASAP! (CVE-202527364)
Users of the MITRE Caldera cyber security platform have been urged to plug a critical hole (CVE-202527364) that may allow unauthenticated attackers to achieve remote code … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/02/28/mitre-caldera-rce-vulnerability-with-public-poc-cve-2025-27364/
-
MITRE Caldera Hit by Critical RCE Flaw (CVE-2025-27364) Here’s What You Need to Know
CVE-2025-27364, a critical Remote Code Execution (RCE) flaw has been discovered in MITRE Caldera, an open-source adversary emulation platform used by security professionals. This flaw could allow attackers to execute arbitrary code on the server running Caldera, leading to the compromise of sensitive systems. First seen on thecyberexpress.com Jump to article: thecyberexpress.com/cve-2025-27364-in-mitre-caldera/
-
Max Severity RCE Vuln in All Versions of MITRE Caldera
In the wrong hands, the popular red-teaming tool can be made to access networks, escalate privileges, conduct reconnaissance, and disguise malicious activity as a simulated exercise. First seen on darkreading.com Jump to article: www.darkreading.com/application-security/max-severity-rce-vuln-all-versions-mitre-caldera
-
Hackers Exploiting Cisco Small Business Routers RCE Vulnerability Deploying Webshell
Tags: backdoor, business, cisco, cve, cyber, cybercrime, exploit, flaw, hacker, rce, remote-code-execution, router, vulnerabilityA critical remote code execution (RCE) vulnerability, CVE-2023-20118, affecting Cisco Small Business Routers, has become a focal point for cybercriminals deploying webshells and advanced backdoor payloads. The vulnerability, caused by improper input validation in the routers’ web-based management interface, allows unauthenticated attackers to execute arbitrary commands by sending specially crafted HTTP requests. This flaw has…
-
Critical RCE Vulnerability in MITRE Caldera Proof of Concept Released
A critical remote code execution (RCE) vulnerability has been uncovered in MITRE Caldera, a widely used adversarial emulation framework. The flaw (CVE-2025-27364) affects all versions prior to commit 35bc06e, potentially exposing systems running Caldera servers to unauthenticated attacks. Attackers can exploit this vulnerability by abusing dynamic compilation features in Caldera’s Sandcat and Manx agents, leading to…
-
Mongoose ODM critical RCE flaws detailed, PoC exploits revealed
First seen on scworld.com Jump to article: www.scworld.com/news/mongoose-odm-critical-rce-flaws-detailed-poc-exploits-revealed
-
Vulnerabilities in MongoDB Library Allow RCE on Node.js Servers
OPSWAT details two critical vulnerabilities in the Mongoose ODM library for MongoDB leading to remote code execution on the Node.js server. The post Vulnerabilities in MongoDB Library Allow RCE on Node.js Servers appeared first on SecurityWeek. First seen on securityweek.com Jump to article: www.securityweek.com/vulnerabilities-in-mongodb-library-allow-rce-on-node-js-servers/
-
CISA Warns of Active Exploitation of SonicWall SonicOS RCE Vulnerability
Tags: authentication, cisa, cyber, cybersecurity, exploit, flaw, infrastructure, kev, rce, remote-code-execution, vpn, vulnerabilityThe U.S. Cybersecurity and Infrastructure Security Agency (CISA) has issued an urgent alert regarding the active exploitation of critical remote code execution (RCE) vulnerability in SonicWall’s SonicOS, tracked as CVE-2024-53704. Added to CISA’s Known Exploited Vulnerabilities (KEV) catalog on February 19, 2025, the flaw enables unauthenticated attackers to hijack SSL VPN sessions and bypass authentication mechanisms…
-
Fortinet’s FortiOS Vulnerabilities Allow Attackers Trigger RCE and Launch DoS Attack
Fortinet’s FortiOS, the operating system powering its VPN and firewall appliances, has been found vulnerable to multiple security flaws that could allow attackers to execute remote code (RCE) and launch denial-of-service (DoS) attacks. These vulnerabilities, disclosed by Akamai researcher Ben Barnea, were assigned CVE-2024-46666 and CVE-2024-46668. Fortinet released patches on January 14, 2025, to mitigate…
-
Hackers Can Exploit >>Wormable<< Windows LDAP RCE Vulnerability for Remote Attacks
Tags: access, attack, cve, cyber, cybersecurity, exploit, flaw, hacker, microsoft, network, rce, remote-code-execution, vulnerability, windowsA critical new vulnerability in Microsoft’s Windows Lightweight Directory Access Protocol (LDAP), tagged as CVE-2025-21376, has recently come to light, raising alarms across global cybersecurity circles. The flaw, which has been classified as >>critical,>wormable>Wormable
-
Kriminelle nutzen kritischen RCE-Bug in Microsoft Outlook
Die US-Sicherheitsbehörde CISA warnt vor einer derzeit laufenden Angriffswelle, bei der eine kritische Remote Code Execution (RCE)-Sicherheitslücke in Microsoft Outlook ausgenutzt wird. First seen on 8com.de Jump to article: www.8com.de/cyber-security-blog/kriminelle-nutzen-kritischen-rce-bug-in-microsoft-outlook
-
Microsoft’s February 2025 Patch Tuesday Addresses 55 CVEs (CVE-2025-21418, CVE-2025-21391)
Tags: access, advisory, android, apt, attack, authentication, best-practice, cve, cyber, data, exploit, firmware, flaw, group, Internet, lazarus, linux, malicious, microsoft, network, north-korea, ntlm, office, rce, remote-code-execution, service, technology, tool, update, vulnerability, windows, zero-day3Critical 52Important 0Moderate 0Low Microsoft addresses 55 CVEs with three rated critical and four zero-day vulnerabilities, including two that were exploited in the wild. Microsoft patched 55 CVEs in its February 2025 Patch Tuesday release, with three rated critical and 52 rated as important. Our counts omitted one vulnerability reported by HackerOne. This month’s update…
-
Thousands of GFI KerioControl firewalls still at risk of exploited critical RCE
First seen on scworld.com Jump to article: www.scworld.com/brief/thousands-of-gfi-keriocontrol-firewalls-still-at-risk-of-exploited-critical-rce
-
Thousands of GFI KerioControl Firewalls Still At Risk From Critical RCE
First seen on scworld.com Jump to article: www.scworld.com/brief/thousands-of-gfi-keriocontrol-firewalls-still-at-risk-from-critical-rce
-
Microsoft Patch Tuesday February 2025: 61 Vulnerabilities Including 25 RCE 3 0-Day
Microsoft has released its highly anticipated Patch Tuesday security updates for February 2025, addressing a wide range of vulnerabilities across its products and services. This month’s release includes fixes for critical remote code execution (RCE) vulnerabilities, elevation of privilege flaws, and other security issues that attackers could potentially exploit. Organizations and users are urged to…
-
Over 12,000 KerioControl firewalls remain prone to RCE attacks amid active exploits
The flaw enables one-click RCE: The Kerio Control vulnerability, in conjunction with an older vulnerability, can allow escalating the issue into a one-click RCE attack, granting root access to the firewall system. The flaw has persisted for nearly seven years, affecting versions 9.2.5 (released in 2018) to 9.4.5.According to Romano’s POC, the exploit would include…