#unauthenticatedattacks — Public Fediverse posts
Live and recent posts from across the Fediverse tagged #unauthenticatedattacks, aggregated by home.social.
-
NGINX Flaw Enables Unauthenticated Remote Code Execution
A critical 18-year-old vulnerability, known as NGINX Rift, has been discovered in NGINX Plus and NGINX Open Source, allowing unauthenticated attackers to remotely execute code with a single crafted HTTP request. This high-severity flaw, rated 9.2 on the CVSS v4 scale, poses a significant threat to vulnerable servers.
#Nginx #RemoteCodeExecution #Cve202642945 #UnauthenticatedAttacks #HeapBufferOverflow
-
Hackers Exploit Weaver E-cology Bug in Targeted Attacks
Hackers are taking advantage of a critical bug in Weaver E-cology, using an exposed debug API endpoint to execute system commands on vulnerable servers without needing login credentials. This security flaw, tracked as CVE-2026-22679, affects Weaver E-cology 10.0 builds prior to March 12.
#Cve202622679 #WeaverEcology #RemoteCodeExecution #UnauthenticatedAttacks #EmergingThreats