Apache Struts 2 Remote Code Execution Vulnerability (CVE-2019-0230, CVE-2019-0233)

Apache Struts Security Team has addressed two possible RCE bugs – CVE-2019-0230 and CVE-2019-0233 in their latest advisories published on August 13, 2020. Description Struts 2 is an open source coding framework for companies to create Java-based applications. The installations of Apache Struts 2, which  are outdated, can be tentatively used to exploit CVE-2019-0230 as … Continue reading “Apache Struts 2 Remote Code Execution Vulnerability (CVE-2019-0230, CVE-2019-0233)”

Zoho ManageEngine OpManager 12.0 Multiple Vulnerabilities

Abstract: While doing our daily research for ThreatPROTECT, I came across ManageEngine, Zoho Corporation’s OpManager product. It is a network monitoring software that helps administrators discover, map, monitor and manage complete IT infrastructure thereby providing all the visibility and control that you need over your network. So we decided to use it for our internal … Continue reading “Zoho ManageEngine OpManager 12.0 Multiple Vulnerabilities”

WordPress Neosense Theme Zero Day

WordPress is the de-facto open source content management system written in PHP with over 17,000,000 publicly (!) detected installations. Want to make money with your programming skills and WordPress? Easy peasy! Simply develop a theme or a plugin, include other open source products and start making money. It is that easy if you have decent … Continue reading “WordPress Neosense Theme Zero Day”