Remote Code Execution - Geek Feed

Malware exploits 5-year-old zero-day to infect end-of-life IP cameras

August 29, 2024August 29, 2024 geekfeed0Tagged Actively Exploited, AVTech, Botnet, Camera, Command Injection, Corona, IP cameras, malware, Mirai, Remote Code Execution, Security Camera

The Corona Mirai-based malware botnet is spreading through a 5-year-old remote code execution (RCE) zero-day in AVTECH IP cameras, which have been discontinued for years and will not receive a patch. The flaw, discovered by Akamai’s Aline Eliovich, is tracked as CVE-2024-7029 and is a high-severity (CVSS v4 score: 8.7) issue in the “brightness” function […]

3 mins read

Zero-click Windows TCP/IP RCE impacts all systems with IPv6 enabled, patch now

August 14, 2024August 14, 2024 geekfeed0Tagged IPv6, rce, Remote Code Execution, TCP/IP, vulnerability, windows, Windows exploit, Windows RCE, Zero-Click

Microsoft warned customers this Tuesday to patch a critical TCP/IP remote code execution (RCE) vulnerability with an increased likelihood of exploitation that impacts all Windows systems using IPv6, which is enabled by default. Found by Kunlun Lab’s XiaoWei and tracked as CVE-2024-38063, this security bug is caused by an Integer Underflow weakness, which attackers could exploit to trigger buffer overflows […]

3 mins read

Critical Progress WhatsUp RCE flaw now under active exploitation

August 7, 2024August 7, 2024 geekfeed0Tagged Actively Exploited, exploit, poc, Proof of Concept, rce, Remote Code Execution, WhatsUp, WhatsUp exploit, WhatsUp Gold

Threat actors are actively attempting to exploit a recently fixed Progress WhatsUp Gold remote code execution vulnerability on exposed servers for initial access to corporate networks. The vulnerability leveraged in these attacks is CVE-2024-4885, a critical-severity (CVSS v3 score: 9.8) unauthenticated remote code execution flaw impacting Progress WhatsUp Gold 23.1.2 and older. Proof-of-concept (PoC) exploits for CVE-2024-4885 are […]

3 mins read

WhatsApp for Windows lets Python, PHP scripts execute with no warning

July 28, 2024August 8, 2024 geekfeed0Tagged 0-day, Attachments, Python, Remote Code Execution, WhatsApp, Zero-Day

A security issue in the latest version of WhatsApp for Windows allows sending Python and PHP attachments that are executed without any warning when the recipient opens them. For the attack to be successful, Python needs to be installed, a prerequisite that may limit the targets to software developers, researchers, and power users. The problem […]

5 mins read

Critical ServiceNow RCE flaws actively exploited to steal credentials

July 26, 2024July 26, 2024 geekfeed0Tagged rce, rce vulnerability, Remote Code Execution, ServiceNow, vulnerability

Threat actors are chaining together ServiceNow flaws using publicly available exploits to breach government agencies and private firms in data theft attacks. This malicious activity was reported by Resecurity, which, after monitoring it for a week, identified multiple victims, including government agencies, data centers, energy providers, and software development firms. Although the vendor released security updates […]

2 mins read