The Hacker News
New PoC Exploit for Apache OfBiz Vulnerability Poses Risk to ERP Systems
January 11^th 2024 at 14:16

New PoC Exploit for Apache OfBiz Vulnerability Poses Risk to ERP Systems

By Newsroom

Cybersecurity researchers have developed a proof-of-concept (PoC) code that exploits a recently disclosed critical flaw in the Apache OfBiz open-source Enterprise Resource Planning (ERP) system to execute a memory-resident payload. The vulnerability in question is CVE-2023-51467 (CVSS score: 9.8), a bypass for another severe shortcoming in the same software (CVE-

Related tags
January 11^th 2024 at 14:16

The Hacker News
Experts Warn of Severe Flaws Affecting Milesight Routers and Titan SFTP Servers
October 17^th 2023 at 10:16

Experts Warn of Severe Flaws Affecting Milesight Routers and Titan SFTP Servers

By Newsroom

A severity flaw impacting industrial cellular routers from Milesight may have been actively exploited in real-world attacks, new findings from VulnCheck reveal. Tracked as CVE-2023-43261 (CVSS score: 7.5), the vulnerability has been described as a case of information disclosure that affects UR5X, UR32L, UR32, UR35, and UR41 routers before version 35.3.0.7 that could enable attackers to access

Related tags
October 17^th 2023 at 10:16

The Hacker News
Nearly 12,000 Juniper Firewalls Found Vulnerable to Recently Disclosed RCE Vulnerability
September 19^th 2023 at 09:30

Nearly 12,000 Juniper Firewalls Found Vulnerable to Recently Disclosed RCE Vulnerability

By THN

New research has found that close to 12,000 internet-exposed Juniper firewall devices are vulnerable to a recently disclosed remote code execution flaw. VulnCheck, which discovered a new exploit for CVE-2023-36845, said it could be exploited by an "unauthenticated and remote attacker to execute arbitrary code on Juniper firewalls without creating a file on the system." CVE-2023-36845 refers to a

Related tags
September 19^th 2023 at 09:30

The Hacker News
Thousands of Unpatched Openfire XMPP Servers Still Exposed to High-Severity Flaw
August 24^th 2023 at 08:21

Thousands of Unpatched Openfire XMPP Servers Still Exposed to High-Severity Flaw

By THN

Thousands of Openfire XMPP servers are unpatched against a recently disclosed high-severity flaw and are susceptible to a new exploit, according to a new report from VulnCheck. Tracked as CVE-2023-32315 (CVSS score: 7.5), the vulnerability relates to a path traversal vulnerability in Openfire's administrative console that could permit an unauthenticated attacker to access otherwise restricted

Related tags
August 24^th 2023 at 08:21

The Hacker News
Critical MikroTik RouterOS Vulnerability Exposes Over Half a Million Devices to Hacking
July 26^th 2023 at 05:02

Critical MikroTik RouterOS Vulnerability Exposes Over Half a Million Devices to Hacking

By THN

A severe privilege escalation issue impacting MikroTik RouterOS could be weaponized by remote malicious actors to execute arbitrary code and seize full control of vulnerable devices. Cataloged as CVE-2023-30799 (CVSS score: 9.1), the shortcoming is expected to put approximately 500,000 and 900,000 RouterOS systems at risk of exploitation via their web and/or Winbox interfaces, respectively,

Related tags
July 26^th 2023 at 05:02

FreshRSS

New PoC Exploit for Apache OfBiz Vulnerability Poses Risk to ERP Systems

Experts Warn of Severe Flaws Affecting Milesight Routers and Titan SFTP Servers

Nearly 12,000 Juniper Firewalls Found Vulnerable to Recently Disclosed RCE Vulnerability

Thousands of Unpatched Openfire XMPP Servers Still Exposed to High-Severity Flaw

Critical MikroTik RouterOS Vulnerability Exposes Over Half a Million Devices to Hacking