New WinRAR Vulnerability Could Allow Hackers to Take Control of Your PC

A high-severity security flaw has been disclosed in the WinRAR utility that could be potentially exploited by a threat actor to achieve remote code execution on Windows systems. Tracked as CVE-2023-40477 (CVSS score: 7.8), the vulnerability has been described as a case of improper validation while processing recovery volumes. "The issue results from the lack of proper validation of user-supplied

Posted from: Click here for the full article.

留言

發佈留言

此網誌的熱門文章

Cisco Releases Urgent Patch to Fix Critical Flaw in Emergency Responder Systems

Cisco has released updates to address a critical security flaw impacting Emergency Responder that allows unauthenticated, remote attackers to sign into susceptible systems using hard-coded credentials. The vulnerability, tracked as CVE-2023-20101 (CVSS score: 9.8), is due to the presence of static user credentials for the root account that the company said is usually reserved for use during Posted from: Click here for the full article .
閱讀更多

OttoKit WordPress Plugin Admin Creation Vulnerability Under Active Exploitation

A newly disclosed high-severity security flaw impacting OttoKit (formerly SureTriggers) has come under active exploitation within a few hours of public disclosure. The vulnerability, tracked as CVE-2025-3102 (CVSS score: 8.1), is an authorization bypass bug that could permit an attacker to create administrator accounts under certain conditions and take control of susceptible websites. "The Posted from: Click here for the full article .
閱讀更多

CISA Adds NAKIVO Vulnerability to KEV Catalog Amid Active Exploitation

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a high-severity security flaw impacting NAKIVO Backup & Replication software to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation. The vulnerability in question is CVE-2024-48248 (CVSS score: 8.6), an absolute path traversal bug that could allow an unauthenticated attacker to Posted from: Click here for the full article .
閱讀更多