vBulletin fixes ridiculously easy to exploit zero-day RCE bug

[correlate]

[correlate]

Level 18
Thread author
Verified
Top Poster
Well-known
Forum Veteran
May 4, 2019
791
9,574
1,670
New York
Content source
https://www.bleepingcomputer.com/news/security/vbulletin-fixes-ridiculously-easy-to-exploit-zero-day-rce-bug/
A simple one-line exploit has been published for a zero-day pre-authentication remote code execution (RCE) vulnerability in the vBulletin forum software.

vBulletin is an immensely popular online forum software utilized by large brands such as Electronic Arts, Zynga, Sony, Pearl Jam, NASA, Steam, and many more.
Click to expand...
www.bleepingcomputer.com

vBulletin fixes ridiculously easy to exploit zero-day RCE bug

A simple one-line exploit has been published for a zero-day pre-authentication remote code execution (RCE) vulnerability in the vBulletin forum software.
www.bleepingcomputer.com www.bleepingcomputer.com
 
  • Like
  • +Reputation
Reactions: Gandalf_The_Grey, Protomartyr, ForgottenSeer 85179 and 3 others
This, does not automatic fix and patch the issue. It's the sites administrators that have to do the actual work manually and implement the patch. People that use or is registered on a vBulletin site/forum should reach out and ask the staff, unless it's already locally announced.
 
  • Like
  • +Reputation
  • Thanks
Reactions: Gandalf_The_Grey, Protomartyr, silversurfer and 3 others
upnorth said:
This, does not automatic fix and patch the issue. It's the sites administrators that have to do the actual work manually and implement the patch. People that use or is registered on a vBulletin site/forum should reach out and ask the staff, unless it's already locally announced.
Click to expand...
you are right .
Site administrators must bear responsibility, especially in maintaining and securing the site.
 
  • Like
  • +Reputation
Reactions: Gandalf_The_Grey, Protomartyr, silversurfer and 1 other person
You must log in or register to reply here.

You may also like...