Tag: rce
-
D-Link patches 5 vulnerabilities including RCE, hard-coded credential flaws
First seen on scmagazine.com Jump to article: www.scmagazine.com/news/d-link-patches-5-vulnerabilities-including-rce-hard-coded-credential-flaws
-
Broadcom fixes critical RCE bug in VMware vCenter Server
Broadcom has fixed a critical VMware vCenter Server vulnerability that attackers can exploit to gain remote code execution on unpatched servers via a … First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/broadcom-fixes-critical-rce-bug-in-vmware-vcenter-server/
-
D-Link addressed three critical RCE in wireless router models
D-Link fixed multiple critical flaws in its WiFi 6 routers that allow remote attackers to execute arbitrary code or gain hardcoded credentials. D-Link… First seen on securityaffairs.com Jump to article: securityaffairs.com/168471/security/d-link-rce-wireless-router-models.html
-
Exploit code released for critical Ivanti RCE flaw, patch now
A proof-of-concept (PoC) exploit for CVE-2024-29847, a critical remote code execution (RCE) vulnerability in Ivanti Endpoint Manager, is now publicly … First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/exploit-code-released-for-critical-ivanti-rce-flaw-patch-now/
-
SolarWinds fixed critical RCE CVE-2024-28991 in Access Rights Manager
SolarWinds addressed a critical remote code execution vulnerability, tracked as CVE-2024-28991, in Access Rights Manager. SolarWinds released security… First seen on securityaffairs.com Jump to article: securityaffairs.com/168456/security/solarwinds-fixed-rce-cve-2024-28991.html
-
Dependency Confusion Could Have Led to RCE in Google Cloud Platform
Tenable shares details on a dependency confusion attack that led to the execution of code on Google’s internal servers. The post Dependency Confusion … First seen on securityweek.com Jump to article: www.securityweek.com/dependency-confusion-could-have-led-to-rce-in-google-cloud-platform/
-
CloudImposer RCE Vulnerability Targets Google Cloud Platform
Attackers Could Exploit Flaw to Run Malicious Code on Google’ s, Customers’ Servers. Google patched a critical remote execution vulnerability in its c… First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/cloudimposer-rce-vulnerability-targets-google-cloud-platform-a-26299
-
D-Link fixes critical RCE, hardcoded password flaws in WiFi 6 routers
D-Link has fixed critical vulnerabilities in three popular wireless router models that allow remote attackers to execute arbitrary code or access the … First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/d-link-fixes-critical-rce-hardcoded-password-flaws-in-wifi-6-routers/
-
Week in review: Veeam Backup Replication RCE could soon be exploited, Microsoft fixes 4 0-days
Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Veeam Backup Replication RCE flaw may soon be levera… First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2024/09/15/week-in-review-veeam-backup-replication-rce-could-soon-be-exploited-microsoft-fixes-4-0-days/
-
Akira Ransomware Actors Exploit SonicWall Bug for RCE
First seen on darkreading.com Jump to article: www.darkreading.com/ics-ot-security/akira-ransomware-actors-exploit-sonicwall-bug-for-rce
-
Hackers Exploiting Apache OFBiz RCE Vulnerability in the Wild
A critical vulnerability in the Apache OFBiz framework has been actively exploited by hackers. The flaw designated CVE-2024-45195, allows for unauthen… First seen on gbhackers.com Jump to article: gbhackers.com/apache-ofbiz-rce-vulnerability/
-
Hackers Exploiting Progress WhatsUp RCE Vulnerability In The Wild
RCE attacks on WhatsUp Gold exploited the Active Monitor PowerShell Script to execute malicious code, as the vulnerabilities CVE-2024-6670 and CVE-202… First seen on gbhackers.com Jump to article: gbhackers.com/whatsup-rce-vulnerability-exploit/
-
Ivanti fixes maximum severity RCE bug in Endpoint Management software
Ivanti has fixed a maximum severity vulnerability in its Endpoint Management software (EPM) that can let unauthenticated attackers gain remote code ex… First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/ivanti-fixes-maximum-severity-rce-bug-in-endpoint-management-software/
-
Akira Ransomware Actively Exploiting SonicWall firewall RCE Vulnerability
SonicWall disclosed a critical remote code execution vulnerability (CVE-2024-40766) in SonicOS on August 22nd, 2024. While no active exploitation was … First seen on gbhackers.com Jump to article: gbhackers.com/akira-sonicwall-exploits/
-
Veeam Backup Replication RCE flaw may soon be leveraged by ransomware gangs (CVE-2024-40711)
CVE-2024-40711, a critical vulnerability affecting Veeam Backup Replication (VBR), could soon be exploited by attackers to steal enterprise data. Disc… First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2024/09/09/cve-2024-40711-exploited/
-
Veeam warnt vor kritischer RCE-Schwachstelle CVE-2024-4071 in Backup Replication
Der Softwarehersteller Veeam warnt vor kritischer RCE-Schwachstelle in Backup & Replication. Blog-Leser j. hatte gestern im Diskussionsbereich auf… First seen on borncity.com Jump to article: www.borncity.com/blog/2024/09/06/veeam-warnt-vor-kritischer-rce-schwachstelle-cve-2024-4071-in-backup-replication/
-
Progress LoadMaster vulnerable to 10/10 severity RCE flaw
Progress Software has issued an emergency fix for a maximum (10/10) severity vulnerability impacting its LoadMaster and LoadMaster Multi-Tenant (MT) H… First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/progress-loadmaster-vulnerable-to-10-10-severity-rce-flaw/
-
Apache OFBiz team patches critical RCE vulnerability (CVE-2024-45195)
For the fourth time in the last five months, Apache OFBiz users have been advised to upgrade their installations to fix a critical flaw (CVE-2024-4519… First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2024/09/06/cve-2024-45195/
-
Apache Makes Another Attempt at Patching Exploited RCE in OFBiz
The latest Apache OFBiz update patches CVE-2024-45195, a bypass of a recently disclosed remote code execution bug exploited in attacks. The post Apach… First seen on securityweek.com Jump to article: www.securityweek.com/apache-makes-another-attempt-at-patching-exploited-rce-in-ofbiz/
-
Veeam patches 5 critical vulnerabilities, including unauthenticated RCE flaw
First seen on scmagazine.com Jump to article: www.scmagazine.com/news/veeam-patches-5-critical-vulnerabilities-including-unauthenticated-rce-flaw
-
Veeam warns of critical RCE flaw in Backup & Replication software
Veeam has released security updates for several of its products as part of a single September 2024 security bulletin that addresses 18 high and critic… First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/veeam-warns-of-critical-rce-flaw-in-backup-and-replication-software/
-
Attackers Exploit Critical Atlassian Confluence Flaw for Cryptojacking
Novel attack vectors leverage the CVE-2023-22527 RCE flaw discovered in January, which is still under active attack, to turn targeted cloud environmen… First seen on darkreading.com Jump to article: www.darkreading.com/threat-intelligence/attackers-exploit-critical-atlassian-confluence-flaw-for-cryptojacking
-
WhatsUp Gold Flaw Could Lead to RCE, System Hijacking
First seen on scmagazine.com Jump to article: www.scmagazine.com/brief/whatsup-gold-flaw-could-lead-to-rce-system-hijacking
-
ToddyCat APT Abuses SMB, Exploits IKEEXT A Exchange RCE To Deploy ICMP Backdoor
ToddyCat is an APT group that has been active since December 2020, and primarily it targets the government and military entities in Europe and Asia. T… First seen on gbhackers.com Jump to article: gbhackers.com/toddycat-apt-exploits/
-
D-Link says it is not fixing four RCE flaws in DIR-846W routers
D-Link is warning that four remote code execution (RCE) flaws impacting all hardware and firmware versions of its DIR-846W router will not be fixed as… First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/d-link-says-it-is-not-fixing-four-rce-flaws-in-dir-846w-routers/
-
North Korean Hackers Actively Exploiting Chromium RCE Zero-Day In The Wild
Tags: exploit, hacker, microsoft, north-korea, rce, remote-code-execution, threat, vulnerability, zero-dayMicrosoft has identified a North Korean threat actor, Citrine Sleet, exploiting a zero-day vulnerability in Chromium (CVE-2024-7971) to gain remote co… First seen on gbhackers.com Jump to article: gbhackers.com/chromium-rce-zero-day-in-the-wild/
-
Week in review: SonicWall critical firewalls flaw fixed, APT exploits WPS Office for Windows RCE
Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: SonicWall patches critical flaw affecting its firewa… First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2024/09/01/week-in-review-sonicwall-critical-firewalls-flaw-fixed-apt-exploits-wps-office-for-windows-rce/
-
APT group exploits WPS Office for Windows RCE vulnerability (CVE-2024-7262)
ESET researchers discovered a remote code execution vulnerability in WPS Office for Windows (CVE-2024-7262). APT-C-60, a South Korea-aligned cyberespi… First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2024/08/28/cve-2024-7262-cve-2024-7263/
-
RCE attacks likely with pair of Traccar GPS system bugs
First seen on scmagazine.com Jump to article: www.scmagazine.com/brief/rce-attacks-likely-with-pair-of-traccar-gps-system-bugs
-
Critical, Actively Exploited Jenkins RCE Bug Suffers Patch Lag
First seen on darkreading.com Jump to article: www.darkreading.com/vulnerabilities-threats/critical-actively-exploited-jenkins-rce-bug-patch-lag