Tag: remote-code-execution
-
Chinese APT Pounces on Misdiagnosed RCE in Ivanti VPN Appliances
by
in SecurityNewsIvanti misdiagnoses a remote code execution vulnerability and Mandiant reports that Chinese hackers are launching in-the-wild exploits. The post Chinese APT Pounces on Misdiagnosed RCE in Ivanti VPN Appliances appeared first on SecurityWeek. First seen on securityweek.com Jump to article: www.securityweek.com/chinese-apt-pounces-on-misdiagnosed-rce-in-ivanti-vpn-appliances/
-
Google Quick Share Bug Bypasses Allow Zero-Click File Transfer
by
in SecurityNewsGoogle addresses patch bypasses for CVE-2024-38272 and CVE-2024-38271, part of the previously announced QuickShell silent RCE attack chain against Windows users. First seen on darkreading.com Jump to article: www.darkreading.com/application-security/google-quick-share-bug-bypasses-zero-click-file-transfer
-
Google’s Quick Share for Windows Vulnerability Allows Remote Code Execution
by
in SecurityNews
Tags: cyber, cybersecurity, exploit, flaw, google, remote-code-execution, risk, vulnerability, windowsCybersecurity researchers from SafeBreach Labs have revealed new vulnerabilities in Google’s Quick Share file-transfer utility for Windows, including a critical flaw that allows attackers to execute code on targeted devices. The findings, disclosed this week, highlight risks in the widely used tool”, even after Google patched earlier issues reported in 2024. The QuickShell Exploit Chain…
-
An Update on QuickShell: Sharing Is Caring about an RCE Attack Chain on Quick Share
by
in SecurityNewsSee how a SafeBreach Labs researcher discovered a bypass for a fix to a critical vulnerability they previously reported in Google’s Quick Share data transfer utility. First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/04/an-update-on-quickshell-sharing-is-caring-about-an-rce-attack-chain-on-quick-share/
-
Google Released Second Fix for Quick Share Flaws After Patch Bypass
by
in SecurityNewsGoogle’s patches for Quick Share for Windows vulnerabilities leading to remote code execution were incomplete and could be easily bypassed. The post Google Released Second Fix for Quick Share Flaws After Patch Bypass appeared first on SecurityWeek. First seen on securityweek.com Jump to article: www.securityweek.com/google-released-second-fix-for-quick-share-flaws-after-patch-bypass/
-
Canon Printer Flaw Enables Remote Code Execution
by
in SecurityNewsCritical Vulnerability in Drivers Affects Multiple Canon Printers. The office printer could mete out more than ordinary frustration now that researchers discovered a vulnerability in drivers for Canon printer enabling attackers to execute arbitrary code. The flaw is an out-of-bounds vulnerability in Enhanced Metafile Recode processing. First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/canon-printer-flaw-enables-remote-code-execution-a-27894
-
Kentico Xperience CMS XSS Vulnerability Allows Remote Code Execution
by
in SecurityNewsKentico Xperience CMS, a widely used platform designed for enterprises and organizations, is under scrutiny after a vulnerability chain was discovered that exploits Cross-Site Scripting (XSS) to enable Remote Code Execution (RCE). This vulnerability was disclosed by researchers who demonstrated its potential harm through a detailed proof of concept. CVE-2025-2748: Cross-Site Scripting Vulnerability According to…
-
Threat Actors Embed Malware in WordPress Sites to Enable Remote Code Execution
by
in SecurityNewsSecurity researchers have uncovered a new wave of cyberattacks targeting WordPress websites through the exploitation of the >>mu-plugins
-
Hewlett Packard RCE Vulnerability Allows Attackers to Bypass Authentication and Execute Remote Commands
by
in SecurityNewsA critical unauthenticated remote code execution (RCE) vulnerability in HPE Insight Cluster Management Utility (CMU) v8.2 allows attackers to bypass authentication and execute commands as root on high-performance computing (HPC) clusters, researchers revealed today. Tracked as CVE-2024-13804, the flaw exposes HPC environments to full cluster compromise through weaponized Java client applications. Technical Breakdown The vulnerability stems from…
-
Apache Tomcat Vulnerability Exploited to Execute Malicious Arbitrary Code on Servers
by
in SecurityNewsA critical remote code execution (RCE) vulnerability, tracked as CVE-2025-24813, is being actively exploited in Apache Tomcat servers. Critical RCE Flaw in Apache Tomcat The flaw allows attackers to upload malicious files via unauthenticated HTTP PUT requests, followed by a GET request to trigger deserialization, leading to arbitrary code execution. Affected versions include Tomcat 9.0.0-M1…
-
Splunk Patches Dozens of Vulnerabilities
by
in SecurityNewsSplunk patches high-severity remote code execution and information disclosure flaws in Splunk Enterprise and Secure Gateway App. The post Splunk Patches Dozens of Vulnerabilities appeared first on SecurityWeek. First seen on securityweek.com Jump to article: www.securityweek.com/splunk-patches-dozens-of-vulnerabilities/
-
Kubernetes Ingress-nginx Remote Code Execution Vulnerability (CVE-2025-1974)
by
in SecurityNewsOverview Recently, NSFOCUS CERT detected that Kubernetes issued a security announcement and fixed the Kubernetes Ingress-nginx remote code execution vulnerability (CVE-2025-1974). The Ingress controller deployed in Kubernetes Pod can be accessed through the network without authentication. When the Admission webhook is open, an unauthenticated attacker can remotely inject any nginx configuration by sending a special…The…
-
PoC Exploit Released for Ingress-NGINX RCE Vulnerabilities
by
in SecurityNewsA recently disclosed vulnerability in Ingress-NGINX, tracked as CVE-2025-1974, has raised concerns about the security of Kubernetes environments. This vulnerability allows for Remote Code Execution (RCE) through the validating webhook server integrated into Ingress-NGINX. A Proof of Concept (PoC) exploit has been released, demonstrating how attackers could exploit this flaw. CVE-2025-1974 affects versions of Ingress-NGINX…
-
CISA Warns of Sitecore RCE Flaws; Active Exploits Hit Next.js and DrayTek Devices
by
in SecurityNews
Tags: cisa, cve, cybersecurity, exploit, flaw, infrastructure, kev, rce, remote-code-execution, vulnerabilityThe U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added two six-year-old security flaws impacting Sitecore CMS and Experience Platform (XP) to its Known Exploited Vulnerabilities (KEV) catalog, based on evidence of active exploitation.The vulnerabilities are listed below -CVE-2019-9874 (CVSS score: 9.8) – A deserialization vulnerability in the Sitecore.Security.AntiCSRF First seen on thehackernews.com Jump to…
-
Splunk RCE Vulnerability Enables Remote Code Execution via File Upload
by
in SecurityNewsA severe vulnerability in Splunk Enterprise and Splunk Cloud Platform has been identified, allowing for Remote Code Execution (RCE) via file uploads. This exploit can be triggered by a low-privileged user, highlighting significant security risks for affected organizations. Vulnerability Overview: The vulnerability, tracked as CVE-2025-20229, has a CVSSv3.1 score of 8.0, classified as High. The…
-
New Sophisticated Linux Backdoor Targets OT Systems via 0-Day RCE Exploit
by
in SecurityNewsResearchers at QiAnXin XLab have uncovered a sophisticated Linux-based backdoor dubbed OrpaCrab, specifically targeting industrial systems associated with ORPAK, a company involved in gas stations and oil transportation. The malware, which was uploaded to VirusTotal in January 2024 from the U.S., employs advanced techniques to evade detection and maintain persistence on compromised systems. Exploitation of…
-
Appsmith Developer Tool Vulnerability Exposes Systems to Remote Code Execution
by
in SecurityNewsA recent analysis by Rhino Security Labs has uncovered a series of critical vulnerabilities in the Appsmith developer tool, a platform used for building internal applications such as dashboards and customer support tools. The most severe of these vulnerabilities is CVE-2024-55963, which enables unauthenticated remote code execution due to a misconfigured PostgreSQL database that ships…
-
Critical RCE flaws put Kubernetes clusters at risk of takeover
by
in SecurityNewsTwo ways to mitigate the flaws: The best fix is to upgrade the Ingress-NGINX component to one of the patched versions. Admins can determine if it’s being used inside their clusters by typing: kubectl get pods all-namespaces selector app.kubernetes.io/name=ingress-nginxIn situations where an immediate version upgrade is not possible, admins can reduce risk by deleting the…
-
Google Patches Chrome Sandbox Escape Zero-Day Caught by Kaspersky
by
in SecurityNews
Tags: attack, browser, chrome, cve, exploit, google, kaspersky, remote-code-execution, vulnerability, zero-dayThe vulnerability, tracked as CVE-2025-2783, was chained with a second exploit for remote code execution in attacks in Russian. The post Google Patches Chrome Sandbox Escape Zero-Day Caught by Kaspersky appeared first on SecurityWeek. First seen on securityweek.com Jump to article: www.securityweek.com/google-patches-chrome-sandbox-escape-zero-day-caught-by-kaspersky/
-
Unauthenticated RCE possible with critical Ingress NGINX flaw
by
in SecurityNewsFirst seen on scworld.com Jump to article: www.scworld.com/brief/unauthenticated-rce-possible-with-critical-ingress-nginx-flaw
-
IngressNightmare Flaws Expose Kubernetes Clusters to Remote Hacking
by
in SecurityNewsCritical remote code execution vulnerabilities found by Wiz researchers in Ingress NGINX Controller for Kubernetes. The post IngressNightmare Flaws Expose Kubernetes Clusters to Remote Hacking appeared first on SecurityWeek. First seen on securityweek.com Jump to article: www.securityweek.com/ingressnightmare-flaws-expose-many-kubernetes-clusters-to-remote-hacking/
-
Zero Day: Russische Firma zahlt für Telegram-Lücken Millionen
by
in SecurityNewsEin russischer Schwachstellenhändler nennt neue Preise für RCE-Lücken in Telegram. Für Exploits gibt es bis zu vier Millionen US-Dollar. First seen on golem.de Jump to article: www.golem.de/news/zero-day-russische-firma-zahlt-millionen-fuer-telegram-luecken-2503-194649.html
-
Critical Unauthenticated Remote Code Execution Vulnerabilities inIngress NGINX
by
in SecurityNewsSummary Wiz Research has uncovered multiple critical unauthenticated remote code execution (RCE) vulnerabilities in theIngress NGINX Controller for Kubernetes, collectively known as IngressNightmare. These vulnerabilities First seen on research.kudelskisecurity.com Jump to article: research.kudelskisecurity.com/2025/03/25/critical-unauthenticated-remote-code-execution-vulnerabilities-iningress-nginx/
-
IngressNightmare Flaws Expose Many Kubernetes Clusters to Remote Hacking
by
in SecurityNewsCritical remote code execution vulnerabilities found by Wiz researchers in Ingress NGINX Controller for Kubernetes. The post IngressNightmare Flaws Expose Many Kubernetes Clusters to Remote Hacking appeared first on SecurityWeek. First seen on securityweek.com Jump to article: www.securityweek.com/ingressnightmare-flaws-expose-many-kubernetes-clusters-to-remote-hacking/
-
CVE-2025-1974: IngressNightmare Flaws Threaten Kubernetes Clusters
by
in SecurityNewsCritical Flaws in Ingress NGINX Controller Enable Remote Code Execution A newly disclosed set of five severe vulnerabilities, dubbed IngressNightmare by cloud security firm Wiz, has put more than 6,500 Kubernetes clusters at risk. These critical flaws impact the Ingress… First seen on sensorstechforum.com Jump to article: sensorstechforum.com/cve-2025-1974-ingressnightmare-flaws-threaten-kubernetes-clusters/
-
IngressNightmare: Four Critical Bugs Found in 40% of Cloud Systems
by
in SecurityNewsWiz Security finds four critical RCE vulnerabilities in the Ingress NGINX Controller for Kubernetes First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/ingressnightmare-critical-bugs-40/
-
Critical Ingress NGINX Controller Vulnerability Allows RCE Without Authentication
by
in SecurityNewsA set of five critical security shortcomings have been disclosed in the Ingress NGINX Controller for Kubernetes that could result in unauthenticated remote code execution, putting over 6,500 clusters at immediate risk by exposing the component to the public internet.The vulnerabilities (CVE-2025-24513, CVE-2025-24514, CVE-2025-1097, CVE-2025-1098, and CVE-2025-1974 ), assigned a CVSS score of First seen…
-
Critical Apache Tomcat RCE vulnerability exploited
by
in SecurityNewsAttack attempts via;CVE-2025-24813 are underway, but successful attacks require specific, non-default configurations, according to GreyNoise. First seen on cybersecuritydive.com Jump to article: www.cybersecuritydive.com/news/threat-activity-targeting-critical-apache-tomcat-rce-vulnerability/743313/