Tag: rce
-
MITRE Caldera RCE vulnerability with public PoC fixed, patch ASAP! (CVE-202527364)
Users of the MITRE Caldera cyber security platform have been urged to plug a critical hole (CVE-202527364) that may allow unauthenticated attackers to achieve remote code … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/02/28/mitre-caldera-rce-vulnerability-with-public-poc-cve-2025-27364/
-
MITRE Caldera Hit by Critical RCE Flaw (CVE-2025-27364) Here’s What You Need to Know
CVE-2025-27364, a critical Remote Code Execution (RCE) flaw has been discovered in MITRE Caldera, an open-source adversary emulation platform used by security professionals. This flaw could allow attackers to execute arbitrary code on the server running Caldera, leading to the compromise of sensitive systems. First seen on thecyberexpress.com Jump to article: thecyberexpress.com/cve-2025-27364-in-mitre-caldera/
-
Max Severity RCE Vuln in All Versions of MITRE Caldera
In the wrong hands, the popular red-teaming tool can be made to access networks, escalate privileges, conduct reconnaissance, and disguise malicious activity as a simulated exercise. First seen on darkreading.com Jump to article: www.darkreading.com/application-security/max-severity-rce-vuln-all-versions-mitre-caldera
-
Hackers Exploiting Cisco Small Business Routers RCE Vulnerability Deploying Webshell
Tags: backdoor, business, cisco, cve, cyber, cybercrime, exploit, flaw, hacker, rce, remote-code-execution, router, vulnerabilityA critical remote code execution (RCE) vulnerability, CVE-2023-20118, affecting Cisco Small Business Routers, has become a focal point for cybercriminals deploying webshells and advanced backdoor payloads. The vulnerability, caused by improper input validation in the routers’ web-based management interface, allows unauthenticated attackers to execute arbitrary commands by sending specially crafted HTTP requests. This flaw has…
-
Critical RCE Vulnerability in MITRE Caldera Proof of Concept Released
A critical remote code execution (RCE) vulnerability has been uncovered in MITRE Caldera, a widely used adversarial emulation framework. The flaw (CVE-2025-27364) affects all versions prior to commit 35bc06e, potentially exposing systems running Caldera servers to unauthenticated attacks. Attackers can exploit this vulnerability by abusing dynamic compilation features in Caldera’s Sandcat and Manx agents, leading to…
-
Mongoose ODM critical RCE flaws detailed, PoC exploits revealed
First seen on scworld.com Jump to article: www.scworld.com/news/mongoose-odm-critical-rce-flaws-detailed-poc-exploits-revealed
-
Vulnerabilities in MongoDB Library Allow RCE on Node.js Servers
OPSWAT details two critical vulnerabilities in the Mongoose ODM library for MongoDB leading to remote code execution on the Node.js server. The post Vulnerabilities in MongoDB Library Allow RCE on Node.js Servers appeared first on SecurityWeek. First seen on securityweek.com Jump to article: www.securityweek.com/vulnerabilities-in-mongodb-library-allow-rce-on-node-js-servers/
-
CISA Warns of Active Exploitation of SonicWall SonicOS RCE Vulnerability
Tags: authentication, cisa, cyber, cybersecurity, exploit, flaw, infrastructure, kev, rce, remote-code-execution, vpn, vulnerabilityThe U.S. Cybersecurity and Infrastructure Security Agency (CISA) has issued an urgent alert regarding the active exploitation of critical remote code execution (RCE) vulnerability in SonicWall’s SonicOS, tracked as CVE-2024-53704. Added to CISA’s Known Exploited Vulnerabilities (KEV) catalog on February 19, 2025, the flaw enables unauthenticated attackers to hijack SSL VPN sessions and bypass authentication mechanisms…
-
Fortinet’s FortiOS Vulnerabilities Allow Attackers Trigger RCE and Launch DoS Attack
Fortinet’s FortiOS, the operating system powering its VPN and firewall appliances, has been found vulnerable to multiple security flaws that could allow attackers to execute remote code (RCE) and launch denial-of-service (DoS) attacks. These vulnerabilities, disclosed by Akamai researcher Ben Barnea, were assigned CVE-2024-46666 and CVE-2024-46668. Fortinet released patches on January 14, 2025, to mitigate…
-
Hackers Can Exploit >>Wormable<< Windows LDAP RCE Vulnerability for Remote Attacks
Tags: access, attack, cve, cyber, cybersecurity, exploit, flaw, hacker, microsoft, network, rce, remote-code-execution, vulnerability, windowsA critical new vulnerability in Microsoft’s Windows Lightweight Directory Access Protocol (LDAP), tagged as CVE-2025-21376, has recently come to light, raising alarms across global cybersecurity circles. The flaw, which has been classified as >>critical,>wormable>Wormable
-
Kriminelle nutzen kritischen RCE-Bug in Microsoft Outlook
Die US-Sicherheitsbehörde CISA warnt vor einer derzeit laufenden Angriffswelle, bei der eine kritische Remote Code Execution (RCE)-Sicherheitslücke in Microsoft Outlook ausgenutzt wird. First seen on 8com.de Jump to article: www.8com.de/cyber-security-blog/kriminelle-nutzen-kritischen-rce-bug-in-microsoft-outlook
-
Microsoft’s February 2025 Patch Tuesday Addresses 55 CVEs (CVE-2025-21418, CVE-2025-21391)
Tags: access, advisory, android, apt, attack, authentication, best-practice, cve, cyber, data, exploit, firmware, flaw, group, Internet, lazarus, linux, malicious, microsoft, network, north-korea, ntlm, office, rce, remote-code-execution, service, technology, tool, update, vulnerability, windows, zero-day3Critical 52Important 0Moderate 0Low Microsoft addresses 55 CVEs with three rated critical and four zero-day vulnerabilities, including two that were exploited in the wild. Microsoft patched 55 CVEs in its February 2025 Patch Tuesday release, with three rated critical and 52 rated as important. Our counts omitted one vulnerability reported by HackerOne. This month’s update…
-
Thousands of GFI KerioControl firewalls still at risk of exploited critical RCE
First seen on scworld.com Jump to article: www.scworld.com/brief/thousands-of-gfi-keriocontrol-firewalls-still-at-risk-of-exploited-critical-rce
-
Thousands of GFI KerioControl Firewalls Still At Risk From Critical RCE
First seen on scworld.com Jump to article: www.scworld.com/brief/thousands-of-gfi-keriocontrol-firewalls-still-at-risk-from-critical-rce
-
Microsoft Patch Tuesday February 2025: 61 Vulnerabilities Including 25 RCE 3 0-Day
Microsoft has released its highly anticipated Patch Tuesday security updates for February 2025, addressing a wide range of vulnerabilities across its products and services. This month’s release includes fixes for critical remote code execution (RCE) vulnerabilities, elevation of privilege flaws, and other security issues that attackers could potentially exploit. Organizations and users are urged to…
-
Over 12,000 KerioControl firewalls remain prone to RCE attacks amid active exploits
The flaw enables one-click RCE: The Kerio Control vulnerability, in conjunction with an older vulnerability, can allow escalating the issue into a one-click RCE attack, granting root access to the firewall system. The flaw has persisted for nearly seven years, affecting versions 9.2.5 (released in 2018) to 9.4.5.According to Romano’s POC, the exploit would include…
-
Over 12,000 KerioControl firewalls remain prone to RCE attack amid active exploits
The flaw enables one-click RCE: The Kerio Control vulnerability, in conjunction with an older vulnerability, can allow escalating the issue into a one-click RCE attack, granting root access to the firewall system. The flaw has persisted for nearly seven years, affecting versions 9.2.5 (released in 2018) to 9.4.5.According to Romano’s POC, the exploit would include…
-
12,000+ KerioControl Firewalls Exposed to 1-Click RCE Attack
Tags: attack, cve, cyber, cybersecurity, data-breach, exploit, firewall, flaw, rce, remote-code-execution, vulnerabilityCybersecurity researchers caution that over 12,000 instances of GFI KerioControl firewalls remain unpatched and vulnerable to a critical security flaw (CVE-2024-52875) that could be exploited for remote code execution (RCE) with minimal effort. The Shadowserver Foundation has been tracking this vulnerability and issuing daily reports since February 5, 2025. Critical Vulnerability Overview CVE-2024-52875 is a…
-
Over 12,000 KerioControl firewalls exposed to exploited RCE flaw
Over twelve thousand GFI KerioControl firewall instances are exposed to a critical remote code execution vulnerability tracked as CVE-2024-52875. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/over-12-000-keriocontrol-firewalls-exposed-to-exploited-rce-flaw/
-
CISA warns of hackers targeting vulnerability in Trimble Cityworks to conduct RCE
The software is widely used in projects by local governments, utilities, airports and other facilities. First seen on cybersecuritydive.com Jump to article: www.cybersecuritydive.com/news/cisa-hackers-vulnerability-trimble-cityworks/739681/
-
Hackers breach Microsoft IIS services using Cityworks RCE bug
Hackers are exploiting a high-severity remote code execution (RCE) flaw in Cityworks deployments, a GIS-centric asset and work order management software, to execute codes on a customers’ Microsoft web servers.In a coordinated advisory with the US Cybersecurity and Infrastructure Security Agency (CISA), Cityworks’ developer Trimble said that the vulnerability, tracked as CVE-2025-0994 with CVSS rating…
-
CISA warns Trimble Cityworks customers of actively exploited RCE flaw
First seen on scworld.com Jump to article: www.scworld.com/news/cisa-warns-trimble-cityworks-customers-of-actively-exploited-rce-flaw
-
Thousands of Public ASP.NET Keys Allow Web Server RCE
Developers are pulling in publicly available ASP.NET keys into their environments, without realizing that cyberattackers can use them for clandestine code injection. First seen on darkreading.com Jump to article: www.darkreading.com/remote-workforce/microsoft-public-asp-net-keys-web-server-rce
-
Hackers exploit Cityworks RCE bug to breach Microsoft IIS servers
Tags: breach, exploit, hacker, microsoft, network, rce, remote-code-execution, software, vulnerabilitySoftware vendor Trimble is warning that hackers are exploiting a Cityworks deserialization vulnerability to remotely execute commands on IIS servers and deploy Cobalt Strike beacons for initial network access. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/hackers-exploit-cityworks-rce-bug-to-breach-microsoft-iis-servers/
-
CISA Warns of Active Exploitation in Trimble Cityworks Vulnerability Leading to IIS RCE
Tags: cisa, cve, cybersecurity, data, exploit, flaw, infrastructure, rce, remote-code-execution, software, vulnerabilityThe U.S. Cybersecurity and Infrastructure Security Agency (CISA) has warned that a security flaw impacting Trimble Cityworks GIS-centric asset management software has come under active exploitation in the wild.The vulnerability in question is CVE-2025-0994 (CVSS v4 score: 8.6), a deserialization of untrusted data bug that could permit an attacker to conduct remote code execution.”This could…
-
Veeam Updater receives update for critical RCE flaw
First seen on scworld.com Jump to article: www.scworld.com/news/veeam-updater-receives-update-for-critical-rce-flaw
-
Critical RCE bug in Microsoft Outlook now exploited in attacks
CISA warned U.S. federal agencies on Thursday to secure their systems against ongoing attacks targeting a critical Microsoft Outlook remote code execution (RCE) vulnerability. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/critical-rce-bug-in-microsoft-outlook-now-exploited-in-attacks/
-
1- Click RCE Vulnerability in Voyager PHP Allow Attackers Execute Arbitrary Code
A recently disclosed security vulnerability in the Voyager PHP package, a popular tool for managing Laravel applications, has raised significant concerns regarding the potential for remote code execution (RCE) on affected servers. This vulnerability, identified through ongoing security scans using SonarQube Cloud, could allow an authenticated user to inadvertently execute arbitrary code by clicking on…
-
Android Security Update Fixes Linux Kernel RCE Flaw Allow Read/Write Access
On February 3, 2025, Google published its February Android Security Bulletin, which addresses a total of 47 vulnerabilities affecting Android devices. Among these, a critical flaw in the Linux kernel’s USB Video Class (UVC) driver, tracked as CVE-2024-53104, has been identified as a significant security risk. This vulnerability allows attackers to execute remote code (RCE),…