RCE
- APPLICATIONS
Fortinet Patches CVE-2025-32756 Zero-Day RCE Flaw Exploited in FortiVoice Systems
May 14, 2025Ravie LakshmananVulnerability / Network Security Fortinet has patched a critical security flaw that it said has been exploited…
Read More » - APPLICATIONS
ASUS Patches DriverHub RCE Flaws Exploitable via HTTP and Crafted .ini Files
May 12, 2025Ravie LakshmananVulnerability / Endpoint Security ASUS has released updates to address two security flaws impacting ASUS DriverHub that,…
Read More » - APPLICATIONS
Chinese Hackers Exploit SAP RCE Flaw CVE-2025-31324, Deploy Golang-Based SuperShell
May 09, 2025Ravie LakshmananVulnerability / Industrial Security A China-linked unnamed threat actor dubbed Chaya_004 has been observed exploiting a recently…
Read More » - APPLICATIONS
SysAid Patches 4 Critical Flaws Enabling Pre-Auth RCE in On-Premise Version
May 07, 2025Ravie LakshmananVulnerability / IT Service Cybersecurity researchers have disclosed multiple security flaw in the on-premise version of SysAid…
Read More » - APPLICATIONS
Wormable AirPlay Flaws Enable Zero-Click RCE on Apple Devices via Public Wi-Fi
May 05, 2025Ravie LakshmananNetwork Security / Vulnerability Cybersecurity researchers have disclosed a series of now-patched security vulnerabilities in Apple’s AirPlay…
Read More » - APPLICATIONS
Gladinet’s Triofox and CentreStack Under Active Exploitation via Critical RCE Vulnerability
Apr 15, 2025Ravie LakshmananVulnerability / Endpoint Security A recently disclosed security flaw in Gladinet CentreStack also impacts its Triofox remote…
Read More » - APPLICATIONS
CISA Warns of CentreStack’s Hard-Coded MachineKey Vulnerability Enabling RCE Attacks
Apr 09, 2025Ravie LakshmananApplication Security / Vulnerability The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Tuesday added a critical…
Read More » - APPLICATIONS
Critical Ingress NGINX Controller Vulnerability Allows RCE Without Authentication
Mar 24, 2025Ravie LakshmananVulnerability / Cloud Security A set of five critical security shortcomings have been disclosed in the Ingress…
Read More » - APPLICATIONS
PHP-CGI RCE Flaw Exploited in Attacks on Japan’s Tech, Telecom, and E-Commerce Sectors
Mar 07, 2025Ravie LakshmananThreat Intelligence /Vulnerability Threat actors of unknown provenance have been attributed to a malicious campaign predominantly targeting…
Read More »