Exploit for Missing Authentication for Critical Function in Jetbrains Teamcity

TeamCity Exploit Cve 2023 42793 A quick script to exploit the...

Microsoft addressed ProxyNotShell with November Patch Tuesday

Threat Level Vulnerability Report For a detailed threat advisory, download the pdf file here Summary Microsoft addressed six zero-day vulnerabilities in this patch Tuesday, along with other significant vulnerabilities that could lead to Remote Code Execution, Information Disclosure, and Denial of...

Hackers Targeting WebLogic Servers and Docker APIs for Mining Cryptocurrencies

Malicious actors such as Kinsing are taking advantage of both recently disclosed and older security flaws in Oracle WebLogic Server to deliver cryptocurrency-mining malware. Cybersecurity company Trend Micro said it found the financially-motivated group leveraging the vulnerability to drop Python...

Critical RCE Bug Could Let Hackers Remotely Take Over DrayTek Vigor Routers

As many as 29 different router models from DrayTek have been identified as affected by a new critical, unauthenticated remote code execution vulnerability that, if successfully exploited, could lead to full compromise of the devices and unauthorized access to the broader network. "The attack can ...

Iranian Hackers Exploiting VMware RCE Bug to Deploy 'Core Impact' Backdoor

An Iranian-linked threat actor known as Rocket Kitten has been observed actively exploiting a recently patched VMware vulnerability to gain initial access and deploy the Core Impact penetration testing tool on vulnerable systems. Tracked as CVE-2022-22954 CVSS score: 9.8, the critical issue...

RCE Bug in Spring Cloud Could Be the Next Log4Shell, Researchers Warn

NOTE: This post is about the confirmed and patched vulnerability tracked as CVE-2022-22963. While the researchers at Sysdig refer to this Spring Cloud bug as “Spring4Shell,” it should be noted that there is some confusion as to what to call it, with another security firm referring to a different,...

High-Severity RCE Bug Found in Popular Apache Cassandra Database

Researchers have shared details about a now-patched, high-severity security bug in the Apache Cassandra open-source NoSQL distributed database that’s easy to exploit and, if left unpatched, could enable attackers to gain remote code execution RCE. The bug, which involves how Cassandra creates...

Adobe: Zero-Day Magento 2 RCE Bug Under Active Attack

A zero-day remote code-execution RCE bug in the Magento 2 and Adobe Commerce platforms has been actively exploited in the wild, Adobe said – prompting an emergency patch to roll out over the weekend. The security vulnerability bug CVE-2022-24086 is a critical affair, allowing pre-authentication R...

Dark Souls 3 Servers Shut Down Due to Critical RCE Bug

There’s a dangerous remote-code execution RCE bug in the Dark Souls video game that could let attackers brick the PCs of online players. The flaw could allow attackers to do pretty much anything: As Kaspersky researchers explained on Monday, the bug “allows an attacker to execute almost any progr...

Windows 10 Drive-By RCE Triggered by Default URI Handler

Researchers have discovered a drive-by remote code-execution RCE bug in Windows 10 via Internet Explorer 11/Edge Legacy – the EdgeHTML-based browser that’s currently the default browser on Windows 10 PCs – and Microsoft Teams. According to a report posted Tuesday by Positive Security, the...

ALERT: Critical RCE Bug in VMware vCenter Server Under Active Attack

Malicious actors are actively mass scanning the internet for vulnerable VMware vCenter servers that are unpatched against a critical remote code execution flaw, which the company addressed late last month. The ongoing activity was detected by Bad Packets on June 3 and corroborated yesterday by...

October Patch Tuesday: Microsoft Patches Critical, Wormable RCE Bug

Microsoft has pushed out fixes for 87 security vulnerabilities in October – 11 of them critical – and one of those is potentially wormable. There are also six bugs that were previously unpatched but publicly disclosed, which could give cybercriminals a leg up — and in fact at least one public...

Researcher Publishes Patch Bypass for vBulletin 0-Day

A security researcher has published proof-of-concept code to outsmart a patch issued last year for a zero-day vulnerability discovered in vBulletin, a popular software for building online community forums. Calling a patch for the flaw a “fail” and “inadequate in blocking exploitation,” Austin-bas...

curl: curl overwrite local file with -J

Summary: curl supports the Content-disposition header, including the filename= option. By design, curl does not allow server-provided local file override by verifying that the filename= argument does not exist before opening it. However, the implementation contains 2 minor logical bugs that allow...

Fast-Moving DDoS Botnet Exploits Unpatched ZyXel RCE Bug

A new variant of the Hoaxcalls botnet, which can be marshalled for large-scale distributed denial-of-service DDoS campaigns, is spreading via an unpatched vulnerability impacting the ZyXEL Cloud CNM SecuManager that was disclosed last month. That’s according to researchers at Radware, who also sa...

Microsoft Patches RCE Bug Actively Under Attack

A critical bug in a Microsoft scripting engine, under active attack, has been patched as part of Microsoft’s Patch Tuesday security roundup. The vulnerability exists in Internet Explorer and allows an attacker to execute rogue code if a victim is coaxed into visiting a malicious web page, or, if...

Rash of Exploits Targets Critical vBulletin RCE Bug

A critical remote code execution RCE bug affecting default 5.x versions of vBulletin CVE-2019-16759 is being actively exploited in the wild, allowing unauthenticated attackers to take control of web hosts. A zero-day proof-of-concept code was anonymously published on Monday, ahead of vBulletin...

Critical RCE Bug Found Lurking in Avaya VoIP Phones

A decade-old remote code-execution RCE bug has been found, unpatched, in an Avaya desk phone that’s used at 90 percent of Fortune 100 companies. If exploited, attackers could remotely take over the operation of the phone, exfiltrate audio and potentially even “bug” the phone to listen in...

Microsoft Internet Explorer 11 - Sandbox Escape Exploit

Exploit for windows platform in category local exploits Inject into IE11. Will work on other sandboxes that allow the opening of windows filepickers through a broker. You will gain medium IL javascript execution, at which point you simply retrigger your IE RCE bug. EDB Note Download:...

Microsoft Internet Explorer 11 - Sandbox Escape

Microsoft Internet Explorer 11 - Sandbox Escape Inject into IE11. Will work on other sandboxes that allow the opening of windows filepickers through a broker. You will gain medium IL javascript execution, at which point you simply retrigger your IE RCE bug. EDB Note Download:...