CVE-2024-12847: Proof-of-Concept Exploit Code Released

Overview CVE-2024-12847 is a critical security vulnerability affecting certain models of NETGEAR routers, notably the DGN1000 and DGN2200 v1. This vulnerability has been assigned a CVSS score of 9.8, reflecting its high severity and potential impact. It allows remote, unauthenticated attackers to execute arbitrary operating system commands with root privileges by sending specially crafted HTTP […]

Critical FortiSIEM Vulnerability Lets Attackers Run Arbitrary Commands via TCP Packets

itsecuritynews.info - 14/Jan 13:02

Fortinet disclosed a critical OS command injection vulnerability in FortiSIEM on January 13, 2026, warning users of a high-risk flaw that lets...

Critical FortiSIEM Vulnerability Lets Attackers Run Arbitrary Commands via TCP Packets

itsecuritynews.info - 14/Jan 13:02

Fortinet disclosed a critical OS command injection vulnerability in FortiSIEM on January 13, 2026, warning users of a high-risk flaw that lets...

Ni8mare flaw gives unauthenticated control of n8n instances

securityaffairs.co - 07/Jan 21:15

A critical n8n flaw (CVE-2026-21858, CVSS 10.0), dubbed Ni8mare, allows unauthenticated attackers to fully take over vulnerable instances. Researchers...

New n8n Vulnerability (9.9 CVSS) Lets Authenticated Users Execute System Commands

itsecuritynews.info - 06/Jan 05:31

A new critical security vulnerability has been disclosed in n8n, an open-source workflow automation platform, that could enable an authenticated...

ServiceNow Patches Critical AI Platform Flaw Allowing Unauthenticated User Impersonation

itsecuritynews.info - 13/Jan 12:02

ServiceNow has disclosed details of a now-patched critical security flaw impacting its ServiceNow AI Platform that could enable an unauthenticated...

ServiceNow Patches Critical AI Platform Flaw Allowing Unauthenticated User Impersonation

itsecuritynews.info - 13/Jan 12:02

ServiceNow has disclosed details of a now-patched critical security flaw impacting its ServiceNow AI Platform that could enable an unauthenticated...

Trend Micro warns of critical Apex Central RCE vulnerability

bleepingcomputer.com - 09/Jan 10:40

Japanese cybersecurity software firm Trend Micro has patched a critical security flaw in Apex Central (on-premise) that could allow attackers to...

Trend Micro warns of critical Apex Central RCE vulnerability

bleepingcomputer.com - 09/Jan 10:40

Japanese cybersecurity software firm Trend Micro has patched a critical security flaw in Apex Central (on-premise) that could allow attackers to...

Hackers actively exploit critical RCE flaw in legacy D-Link DSL routers

securityaffairs.co - 07/Jan 09:52

Attackers are exploiting a critical flaw (CVE-2026-0625) in old D-Link DSL routers that allows remote command execution. Threat actors are actively...

Max severity Ni8mare flaw lets hackers hijack n8n servers

bleepingcomputer.com - 07/Jan 17:41

A maximum severity vulnerability dubbed "Ni8mare" allows remote, unauthenticated attackers to take control over locally deployed instances of the...

العناوين :

CVE-2024-12847: Proof-of-Concept Exploit Code Released

Articles similaires

Critical FortiSIEM Vulnerability Lets Attackers Run Arbitrary Commands via TCP Packets

Critical FortiSIEM Vulnerability Lets Attackers Run Arbitrary Commands via TCP Packets

Ni8mare flaw gives unauthenticated control of n8n instances

New n8n Vulnerability (9.9 CVSS) Lets Authenticated Users Execute System Commands

ServiceNow Patches Critical AI Platform Flaw Allowing Unauthenticated User Impersonation

ServiceNow Patches Critical AI Platform Flaw Allowing Unauthenticated User Impersonation

Trend Micro warns of critical Apex Central RCE vulnerability

Trend Micro warns of critical Apex Central RCE vulnerability

Hackers actively exploit critical RCE flaw in legacy D-Link DSL routers

Max severity Ni8mare flaw lets hackers hijack n8n servers

أحدث الإصدارات