GeoServer
CISA orders feds to patch actively exploited Geoserver flaw
CISA has ordered U.S. federal agencies to patch a critical GeoServer vulnerability now actively exploited in XML External Entity (XXE) injection attacks. In such attacks, an XML input containing a reference to an external entity is processed by a weakly configured XML parser, allowing threat actors to launch denial-of-service attacks, access confidential data, or perform […]
CISA says hackers breached federal agency using GeoServer exploit
CISA has revealed that attackers breached the network of an unnamed U.S. federal civilian executive branch (FCEB) agency last year after compromising an unpatched GeoServer instance. The security bug (tracked as CVE-2024-36401) is a critical remote code execution (RCE) vulnerability patched on June 18, 2024. CISA added the flaw to its catalog of actively exploited vulnerabilities roughly […]