New zero-day RCE vBullentin bug patched

Tuesday, August 11th, 2020

Welcome to today’s intelligence briefing, covering noteworthy items on the cybersecurity news agenda.

Find these stories on the Blueliv Threat Exchange Network, a global community of thousands of cybersecurity experts, IT professionals and academics. Membership is free.

Read the latest research blogs from the Blueliv Labs team.

Cyber Threats

Intelligence Briefing

New zero-day RCE vBullentin bug patched

The zero-day is a bypass for a patch from a previous vBulletin zero-day — namely CVE-2019-16759, disclosed in September 2019. The previous zero-day allowed attackers to exploit a bug in the vBulletin template system to run malicious code and take over forums without needing to authenticate on the victim sites (a type of bug called a pre-auth RCE). However, a researcher said he found a simple way to bypass the patch and continue to exploit the same CVE-2019-16759 vulnerability Learn more >

Blueliv Intelligence Briefing

Your cybersecurity news summary

Cyber Threats

Intelligence Briefing

Blueliv Intelligence Briefing

Your cybersecurity news summary

Cyber Threats Intelligence Briefing

Cyber Threats

Intelligence Briefing