Bleeping Computer

Actively exploited Apache 0-day also allows remote code execution

Proof-of-Concept (PoC) exploits for the Apache web server zero-day surfaced on the internet revealing that the vulnerability is far more critical than originally disclosed. These exploits show that ...
Bleeping Computer

Latest Path Traversal news

Fortinet has silently patched a critical zero-day vulnerability in its FortiWeb web application firewall, which is now being widely exploited. A Fortinet FortiWeb path traversal vulnerability is being ...
Threat Post

Cisco Patches Critical Flaw After PoC Exploit Code Release

A critical path-traversal flaw (CVE-2020-27130) exists in Cisco Security Manager that lays bare sensitive information to remote, unauthenticated attackers. A day after proof-of-concept (PoC) exploit ...
CSOonline

Mitel MiCollab VoIP authentication bypass opens new attack paths

Researchers released a proof-of-concept exploit for a path traversal flaw in the enterprise VoIP suite that, coupled with an arbitrary file read issue, can give attackers access to protected files, ...
CSOonline

Enterprises with Kyocera printers open to path traversal attacks

Multi-function printer (MFP) devices and software provider Kyocera Document Solutions has a path traversal vulnerability in its web-based device manager tool used for managing large printer fleets in ...
Infosecurity-magazine.com

Patch Apache HTTP Servers Now to Avoid Zero Day Exploit

Apache HTTP Server users have been urged to immediately patch after it emerged that a zero-day vulnerability in the popular open-source software is being exploited in the wild. CVE-2021-41773 is ...