Discord Server Red Security Twitter Donation to Red Security Red Security Youtube Channel Red Security Tumblr Profile
Login or Register to Hide ads and Accessing all features on the forum
Navigation:   Red Security General News News vBulletin releases patch update for new RCE and SQLi vulnerabilities

News 

vBulletin releases patch update for new RCE and SQLi vulnerabilities

0 Replies, 1520 Views

Mr.Kurd

   10-19-2019, 08:35 AM
::1 Try me
Administrators
#1
Exclamation 
In The Name Of Allah
Al-Salam Alekum
[Image: ?u=https%3A%2F%2Ftse2.mm.bing.net%2Fth%3...%3DApi&f=1]
Well guys, this new is somewhat over and it comes back to 8th Oct 2019 but as it is important for vBulletin forum users. I'm going to make a thread about it... Sadly forum administrators sometimes Don't care or they forget to update forums software as this lead to a breach nor admins nor users agree with it.
vBulletin is a widely used forum software by over 100k websites, include Fortune 500 and Alexa Top 1 million companies websites and forums.
The exploit had been discovered by application security researcher Egidio Roman.. Here is the CVE and exploit detail:
1-RCE: CVE-2019-17132
2-SQL Injection: CVE-2019-17271
It is recommended to update the software as fast as possible to prevent any leak of Users Data as these vulns are powerful. Also you can prevent RCE by disabling "Save Avatars as Files" options till updating your forum.
Thank you
Wa Salam Alekum
Rs
* Thankful to Allah *
Kurdy
(This post was last modified: 10-19-2019, 08:39 AM by Mr.Kurd.)

Possibly Related Threads…
Thread Author Replies Views Last Post
Star News Claroty Details Vulnerabilities in Schneider PLCs News 0 1,828 11-11-2020, 09:07 AM
Last Post: News
Star News Update Windows 10 to patch critical vulnerability in Microsoft store games News 0 1,782 11-06-2020, 04:22 AM
Last Post: News
Star News US Warns: Hackers Chaining Zerologon, Other Vulnerabilities News 0 1,966 10-11-2020, 01:15 PM
Last Post: News
Star News APT Actors Chaining Vulnerabilities Against SLTT, Critical Infrastructure, and Elect News 0 1,885 10-10-2020, 07:06 AM
Last Post: News
Wink News Mozilla Firefox 75 Is Out With Fixes For RCE vulnerabilities Mr.Kurd 0 1,843 04-13-2020, 01:13 PM
Last Post: Mr.Kurd
Exclamation News Hackers Exploiting 2 Unpatched Windows 0-Day Vulnerabilities in Wide – Microsoft Warn Mr.Kurd 0 1,971 03-24-2020, 07:56 AM
Last Post: Mr.Kurd
Rainbow News Researchers Find Security Vulnerabilities In Some of The Top Password Managers Mr.Kurd 0 1,672 03-23-2020, 08:02 AM
Last Post: Mr.Kurd
Star News Trend Micro Patched Zero-Day Vulnerabilities Under Active Exploit Mr.Kurd 0 1,579 03-23-2020, 07:54 AM
Last Post: Mr.Kurd
Thumbs Up News Microsoft pauses Edge releases amid coronavirus outbreak Mr.Kurd 0 1,545 03-22-2020, 08:20 AM
Last Post: Mr.Kurd
Exclamation News Vulnerabilities In Top Free Android VPN Apps Risk Over 120 Million Users Mr.Kurd 0 1,670 03-02-2020, 08:36 PM
Last Post: Mr.Kurd



Users browsing this thread: 1 Guest(s)