Tag: rce
-
Apache Tomcat Flaw Could Allow RCE Attacks on Servers
by
in SecurityNews
Tags: apache, attack, cyber, flaw, open-source, rce, remote-code-execution, risk, software, vulnerability
Apache Tomcat, a widely used open-source web server software, has faced numerous security vulnerabilities in recent years. Some critical issues put servers at risk of remote code execution (RCE) and other attacks. These vulnerabilities highlight the importance of keeping software up-to-date and properly configured to prevent potential exploits. Detailed Vulnerabilities: Below is a formatted table…
-
Threat Actors Exploit PHP-CGI RCE Vulnerability to Attack Windows Machines
by
in SecurityNews
Tags: apache, attack, cve, cyber, cybersecurity, exploit, rce, remote-code-execution, threat, vulnerability, windows
A recent cybersecurity threat has emerged where unknown attackers are exploiting a critical remote code execution (RCE) vulnerability in PHP-CGI on Windows systems. This vulnerability, identified as CVE-2024-4577, allows attackers to execute arbitrary PHP code on servers using Apache with a vulnerable PHP-CGI setup. The attackers are primarily targeting organizations in Japan across various sectors,…
-
Critical DrayTek Router Vulnerabilities Expose Devices to RCE Attacks
by
in SecurityNews
Tags: attack, conference, cyber, firmware, office, rce, remote-code-execution, risk, router, vulnerability
A recent security analysis of DrayTek Vigor routers has uncovered severe vulnerabilities that could allow attackers to hijack devices, execute arbitrary code, and bypass critical security controls. These findings, disclosed by researchers at DEFCON 32 HHV and Ekoparty 2024, highlight systemic risks in widely used small office/home office (SOHO) routers due to outdated firmware, weak…
-
PHP-CGI RCE Flaw Exploited in Attacks on Japan’s Tech, Telecom, and E-Commerce Sectors
by
in SecurityNews
Threat actors of unknown provenance have been attributed to a malicious campaign predominantly targeting organizations in Japan since January 2025. “The attacker has exploited the vulnerability CVE-2024-4577, a remote code execution (RCE) flaw in the PHP-CGI implementation of PHP on Windows, to gain initial access to victim machines,” Cisco Talos researcher Chetan Raghuprasad said in a…
-
Attackers Target Japanese Firms with Cobalt Strike
by
in SecurityNews
Attackers are actively exploiting an RCE flaw in Windows PHP-CGI implementations to target Japanese firms, deploying Cobalt Strike for persistence.
First seen on infosecurity-magazine.com
Jump to article: www.infosecurity-magazine.com/news/attackers-japan-cobalt-strike/
-
Windows KDC Proxy RCE Vulnerability Allows Remote Server Takeover
by
in SecurityNews
Tags: authentication, control, cvss, cyber, flaw, microsoft, rce, remote-code-execution, vulnerability, windows
A recently patched remote code execution (RCE) vulnerability in Microsoft Windows’ Key Distribution Center (KDC) Proxy implementation allows unauthenticated attackers to take control of vulnerable servers through manipulated Kerberos authentication traffic. Designated CVE-2024-43639 and rated 9.8 CVSS, this critical flaw stems from improper validation of message lengths during ASN.1 encoding operations, enabling memory corruption attacks. The vulnerability…
-
MITRE Caldera RCE vulnerability with public PoC fixed, patch ASAP! (CVE-2025-27364)
by
in SecurityNews
Users of the MITRE Caldera cyber security platform have been urged to plug a critical hole (CVE-2025-27364) that may allow unauthenticated attackers to achieve remote code …
First seen on helpnetsecurity.com
Jump to article: www.helpnetsecurity.com/2025/02/28/mitre-caldera-rce-vulnerability-with-public-poc-cve-2025-27364/
-
MITRE Caldera Hit by Critical RCE Flaw (CVE-2025-27364) Here’s What You Need to Know
by
in SecurityNews
CVE-2025-27364, a critical Remote Code Execution (RCE) flaw, has been discovered in MITRE Caldera, an open-source adversary emulation platform used by security professionals. This flaw could allow attackers to execute arbitrary code on the server running Caldera, leading to the compromise of sensitive systems.
First seen on thecyberexpress.com
Jump to article: thecyberexpress.com/cve-2025-27364-in-mitre-caldera/
-
Max Severity RCE Vuln in All Versions of MITRE Caldera
by
in SecurityNews
In the wrong hands, the popular red-teaming tool can be made to access networks, escalate privileges, conduct reconnaissance, and disguise malicious activity as a simulated exercise.
First seen on darkreading.com
Jump to article: www.darkreading.com/application-security/max-severity-rce-vuln-all-versions-mitre-caldera
-
Hackers Exploiting Cisco Small Business Routers RCE Vulnerability Deploying Webshell
by
in SecurityNews
Tags: backdoor, business, cisco, cve, cyber, cybercrime, exploit, flaw, hacker, rce, remote-code-execution, router, vulnerability
A critical remote code execution (RCE) vulnerability, CVE-2023-20118, affecting Cisco Small Business Routers, has become a focal point for cybercriminals deploying webshells and advanced backdoor payloads. The vulnerability, caused by improper input validation in the routers’ web-based management interface, allows unauthenticated attackers to execute arbitrary commands by sending specially crafted HTTP requests. This flaw has…
-
Critical RCE Vulnerability in MITRE Caldera Proof of Concept Released
by
in SecurityNews
A critical remote code execution (RCE) vulnerability has been uncovered in MITRE Caldera, a widely used adversarial emulation framework. The flaw (CVE-2025-27364) affects all versions prior to commit 35bc06e, potentially exposing systems running Caldera servers to unauthenticated attacks. Attackers can exploit this vulnerability by abusing dynamic compilation features in Caldera’s Sandcat and Manx agents, leading to…
-
Mongoose ODM critical RCE flaws detailed, PoC exploits revealed
by
in SecurityNews
First seen on scworld.com
Jump to article: www.scworld.com/news/mongoose-odm-critical-rce-flaws-detailed-poc-exploits-revealed
-
Vulnerabilities in MongoDB Library Allow RCE on Node.js Servers
by
in SecurityNews
OPSWAT details two critical vulnerabilities in the Mongoose ODM library for MongoDB leading to remote code execution on the Node.js server. The post Vulnerabilities in MongoDB Library Allow RCE on Node.js Servers appeared first on SecurityWeek.
First seen on securityweek.com
Jump to article: www.securityweek.com/vulnerabilities-in-mongodb-library-allow-rce-on-node-js-servers/
-
CISA Warns of Active Exploitation of SonicWall SonicOS RCE Vulnerability
by
in SecurityNews
Tags: authentication, cisa, cyber, cybersecurity, exploit, flaw, infrastructure, kev, rce, remote-code-execution, vpn, vulnerability
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has issued an urgent alert regarding the active exploitation of a critical remote code execution (RCE) vulnerability in SonicWall’s SonicOS, tracked as CVE-2024-53704. Added to CISA’s Known Exploited Vulnerabilities (KEV) catalog on February 19, 2025, the flaw enables unauthenticated attackers to hijack SSL VPN sessions and bypass authentication mechanisms…
-
Fortinet’s FortiOS Vulnerabilities Allow Attackers Trigger RCE and Launch DoS Attack
by
in SecurityNews
Fortinet’s FortiOS, the operating system powering its VPN and firewall appliances, has been found vulnerable to multiple security flaws that could allow attackers to execute remote code (RCE) and launch denial-of-service (DoS) attacks. These vulnerabilities, disclosed by Akamai researcher Ben Barnea, were assigned CVE-2024-46666 and CVE-2024-46668. Fortinet released patches on January 14, 2025, to mitigate…
-
Hackers Can Exploit “Wormable” Windows LDAP RCE Vulnerability for Remote Attacks
by
in SecurityNews
Tags: access, attack, cve, cyber, cybersecurity, exploit, flaw, hacker, microsoft, network, rce, remote-code-execution, vulnerability, windows
A critical new vulnerability in Microsoft’s Windows Lightweight Directory Access Protocol (LDAP), tagged as CVE-2025-21376, has recently come to light, raising alarms across global cybersecurity circles. The flaw, which has been classified as “critical,” “wormable”…
-
Criminals Exploit Critical RCE Bug in Microsoft Outlook
by
in SecurityNews
The US security agency CISA is warning of an ongoing wave of attacks exploiting a critical remote code execution (RCE) vulnerability in Microsoft Outlook.
First seen on 8com.de
Jump to article: www.8com.de/cyber-security-blog/kriminelle-nutzen-kritischen-rce-bug-in-microsoft-outlook
-
Microsoft’s February 2025 Patch Tuesday Addresses 55 CVEs (CVE-2025-21418, CVE-2025-21391)
by
in SecurityNews
Tags: access, advisory, android, apt, attack, authentication, best-practice, cve, cyber, data, exploit, firmware, flaw, group, Internet, lazarus, linux, malicious, microsoft, network, north-korea, ntlm, office, rce, remote-code-execution, service, technology, tool, update, vulnerability, windows, zero-day
3 Critical, 52 Important, 0 Moderate, 0 Low
Microsoft addresses 55 CVEs with three rated critical and four zero-day vulnerabilities, including two that were exploited in the wild. Microsoft patched 55 CVEs in its February 2025 Patch Tuesday release, with three rated critical and 52 rated as important. Our counts omitted one vulnerability reported by HackerOne. This month’s update…
-
Thousands of GFI KerioControl firewalls still at risk of exploited critical RCE
by
in SecurityNews
First seen on scworld.com
Jump to article: www.scworld.com/brief/thousands-of-gfi-keriocontrol-firewalls-still-at-risk-of-exploited-critical-rce
-
Thousands of GFI KerioControl Firewalls Still At Risk From Critical RCE
by
in SecurityNews
First seen on scworld.com
Jump to article: www.scworld.com/brief/thousands-of-gfi-keriocontrol-firewalls-still-at-risk-from-critical-rce
-
Microsoft Patch Tuesday February 2025: 61 Vulnerabilities Including 25 RCE 3 0-Day
by
in SecurityNews
Microsoft has released its highly anticipated Patch Tuesday security updates for February 2025, addressing a wide range of vulnerabilities across its products and services. This month’s release includes fixes for critical remote code execution (RCE) vulnerabilities, elevation of privilege flaws, and other security issues that attackers could potentially exploit. Organizations and users are urged to…
-
Over 12,000 KerioControl firewalls remain prone to RCE attacks amid active exploits
by
in SecurityNews
The flaw enables one-click RCE: The Kerio Control vulnerability, in conjunction with an older vulnerability, can allow escalating the issue into a one-click RCE attack, granting root access to the firewall system. The flaw has persisted for nearly seven years, affecting versions 9.2.5 (released in 2018) to 9.4.5. According to Romano’s POC, the exploit would include…
-
Over 12,000 KerioControl firewalls remain prone to RCE attack amid active exploits
by
in SecurityNews
The flaw enables one-click RCE: The Kerio Control vulnerability, in conjunction with an older vulnerability, can allow escalating the issue into a one-click RCE attack, granting root access to the firewall system. The flaw has persisted for nearly seven years, affecting versions 9.2.5 (released in 2018) to 9.4.5. According to Romano’s POC, the exploit would include…
-
12,000+ KerioControl Firewalls Exposed to 1-Click RCE Attack
by
in SecurityNews
Tags: attack, cve, cyber, cybersecurity, data-breach, exploit, firewall, flaw, rce, remote-code-execution, vulnerability
Cybersecurity researchers caution that over 12,000 instances of GFI KerioControl firewalls remain unpatched and vulnerable to a critical security flaw (CVE-2024-52875) that could be exploited for remote code execution (RCE) with minimal effort. The Shadowserver Foundation has been tracking this vulnerability and issuing daily reports since February 5, 2025.
Critical Vulnerability Overview
CVE-2024-52875 is a…
-
Over 12,000 KerioControl firewalls exposed to exploited RCE flaw
by
in SecurityNews
Over twelve thousand GFI KerioControl firewall instances are exposed to a critical remote code execution vulnerability tracked as CVE-2024-52875.
First seen on bleepingcomputer.com
Jump to article: www.bleepingcomputer.com/news/security/over-12-000-keriocontrol-firewalls-exposed-to-exploited-rce-flaw/
-
CISA warns of hackers targeting vulnerability in Trimble Cityworks to conduct RCE
by
in SecurityNews
The software is widely used in projects by local governments, utilities, airports and other facilities.
First seen on cybersecuritydive.com
Jump to article: www.cybersecuritydive.com/news/cisa-hackers-vulnerability-trimble-cityworks/739681/
-
Hackers breach Microsoft IIS services using Cityworks RCE bug
by
in SecurityNews
Hackers are exploiting a high-severity remote code execution (RCE) flaw in Cityworks deployments, a GIS-centric asset and work order management software, to execute code on customers’ Microsoft web servers. In a coordinated advisory with the US Cybersecurity and Infrastructure Security Agency (CISA), Cityworks’ developer Trimble said that the vulnerability, tracked as CVE-2025-0994 with CVSS rating…
-
CISA warns Trimble Cityworks customers of actively exploited RCE flaw
by
in SecurityNews
First seen on scworld.com
Jump to article: www.scworld.com/news/cisa-warns-trimble-cityworks-customers-of-actively-exploited-rce-flaw
-
Thousands of Public ASP.NET Keys Allow Web Server RCE
by
in SecurityNews
Developers are pulling publicly available ASP.NET keys into their environments, without realizing that cyberattackers can use them for clandestine code injection.
First seen on darkreading.com
Jump to article: www.darkreading.com/remote-workforce/microsoft-public-asp-net-keys-web-server-rce