Critical bug – TheCyberThrone

Unpatched Fortinet Firewalls are at Risk of Exploitation

Researchers issued a warning that thousands of Fortinet firewalls remain vulnerable to attack because they weren’t patched following the disclosure of a critical vulnerability in June. The vulnerability, designated as…

PravinKarthik July 4, 2023

Arcserve Critical Authentication Bug

A group of red team researchers have identified a critical authentication bypass of an Arcserve backup system. The researchers detailed about vulnerability exploitation process and published tools and a PoC…

PravinKarthik June 30, 2023

CISCO EOL IP Phone has a Critical RCE Bug

Cisco issue a warning about a critical flaw impacting its IP phone ports allow unauthenticated attackers to execute code remotely on targeted devices and gain full admin privileges. Cisco has…

PravinKarthik May 5, 2023

HP LaserJet Printers has a Critical Bug

HP has issued a warning to its business customers using certain LaserJet printer models that they should remain vigilant and take steps to tackle a vulnerability that could see unwanted…

PravinKarthik April 6, 2023

Fortinet Fixes Critical Buffer Underflow Bug

Fortinet has patched a critical heap buffer underflow vulnerability affecting FortiOS and FortiProxy, which can lead to arbitrary code execution. A critical severity issue affects FortiOS & FortiProxy administrative interface,…

PravinKarthik March 9, 2023

Fortinet Critical Authentication Bypass Flaw exploited in wild

Fortinet addressed a critical authentication bypass flaw late last week, tracked as CVE-2022-40684, that impacted FortiGate firewalls and FortiProxy web proxies. An attacker can exploit the vulnerability to log into vulnerable…

PravinKarthik October 11, 2022

Magento Vulnerability Attack Wave

Researchers issued a warning of a campaign targeting the CVE-2022-24086 vulnerability in Magento2, a open source e-commerce platform owned by Adobe In February 2022, Adobe rolled out security updates to address the…

PravinKarthik September 24, 2022

Atlassian Confluence zeroday receives a patch

On Friday, last week Atlassian warned of a critical unpatched remote code execution vulnerability affecting all Confluence Server and Data Center supported versions, tracked as CVE-2022-26134, that is being actively…

PravinKarthik June 5, 2022