Experts warn of mass exploitation of critical PHP flaw CVE-2024-4577

Threat actors exploit PHP flaw CVE-2024-4577 for remote code execution. Over 1,000 attacks detected globally. GreyNoise researchers warn of a large-scale exploitation of a critical vulnerability, tracked as CVE-2024-4577 (CVSS 9.8), in PHP. An attacker could exploit the vulnerability to achieve remote code execution on vulnerable servers using Apache and PHP-CGI. The flaw CVE-2024-4577 (CVSS score: 9.8) is […]

CVE-2024-4577 impacts PHP and exploited in wild

thecyberthrone.in - 08/Mar 12:04

CVE-2024-4577 is a critical Remote Code Execution (RCE) vulnerability affecting PHP when running in CGI mode on Windows systems with Apache. This flaw...

Windows KDC Proxy RCE Vulnerability Allows Remote Server Takeover

itsecuritynews.info - 05/Mar 06:03

A recently patched remote code execution (RCE) vulnerability in Microsoft Windows’ Key Distribution Center (KDC) Proxy implementation allows...

WordPress Plugin Vulnerability Exposes 10,000 Sites to Code Execution Attacks

itsecuritynews.info - 05/Mar 15:04

A critical security flaw in the GiveWP Donation Plugin tracked as CVE-2025-0912, has exposed over 100,000 WordPress websites to unauthenticated remote...

Critical PHP RCE vulnerability mass exploited in new attacks

bleepingcomputer.com - 14:26

Threat intelligence company GreyNoise warns that a critical PHP remote code execution vulnerability that impacts Windows systems is now under mass...

Mirai-based botnets exploit CVE-2025-1316 zero-day in Edimax IP cameras

securityaffairs.co - 07/Mar 19:18

Mirai-based botnets are exploiting a zero-day flaw, tracked as CVE-2025-1316, in Edimax IP cameras, to achieve remote command execution. US CISA warns...

Elastic patches critical Kibana flaw allowing code execution

securityaffairs.co - 06/Mar 21:35

Elastic fixed a critical flaw in the Kibana data visualization dashboard software for Elasticsearch that could lead to arbitrary code execution....

Apache Tomcat Flaw Could Allow RCE Attacks on Servers

itsecuritynews.info - 07:02

Apache Tomcat, a widely used open-source web server software, has faced numerous security vulnerabilities in recent years. Some critical issues put...

CVE-2025-27364 affects MITRE Caldera

thecyberthrone.in - 01/Mar 05:01

CVE-2025-27364 is a critical Remote Code Execution (RCE) vulnerability identified in MITRE Caldera, a highly regarded cybersecurity platform used for...

CVE-2025-25012 impacts Kibana

thecyberthrone.in - 07/Mar 01:12

CVE-2025-25012 is a critical vulnerability identified in Elastic Kibana, a widely used data visualization and exploration platform for Elasticsearch....

CVE-2025-20059 impacts Ping Identity

thecyberthrone.in - 01/Mar 13:10

CVE-2025-20059 represents a critical security vulnerability known as a Relative Path Traversal flaw, which impacts the Ping Identity PingAM Java...

Rubriques :