all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

Active Exploitation of WSO2 Vulnerability (CVE-2022-29464) Delivers Malware

Add to bookmarks
June 3, 2022, 4:50 p.m. |

FortiGuard Labs | FortiGuard Center - Threat Signal Report fortiguard.fortinet.com

FortiGuard Labs is aware that a WSO2 vulnerability (CVE-2022-29464) that was patched in February 2022 and was disclosed in April is still being actively exploited in the field. CVE-2022-29464 is an unrestricted arbitrary file upload, and remote code execution vulnerability that allows unauthenticated and remote attackers to execute arbitrary code in the vulnerable WSO2 products. Why is this Significant?This is significant because despite the fact CVE-2022-29464 was patched in February and was disclosed in April, the vulnerability is still being …

cve exploitation malware vulnerability wso2

Visit resource

More from fortiguard.fortinet.com / FortiGuard Labs | FortiGuard Center - Threat Signal Report

Akira Ransomware Attack 1 day, 19 hours ago | fortiguard.fortinet.com
access advisory akira akira ransomware +16
PAN-OS Critical Flaw in GlobalProtect Gateway (CVE-2024-3400) 1 week, 1 day ago | fortiguard.fortinet.com
advisory attack code code injection +27
XZ Utils Supply Chain Attack (CVE-2024-3094) 2 weeks, 6 days ago | fortiguard.fortinet.com
attack code compression cve +25
Nice Linear eMerge Command Injection Vulnerability (CVE-2019–7256) 3 weeks, 6 days ago | fortiguard.fortinet.com
access attacker code code execution +25
Jenkins Arbitrary File Read Vulnerability (CVE-2024-23897) 4 weeks ago | fortiguard.fortinet.com
access application application developers attackers +31
Kimsuky Malware Attack 4 weeks, 1 day ago | fortiguard.fortinet.com
attack cyber entities espionage +15
JetBrains TeamCity Authentication Bypass Vulnerabilities (CVE-2024-27198, CVE-2024-27199) 1 month, 1 week ago | fortiguard.fortinet.com
attacker authentication authentication bypass bypass +15
ConnectWise ScreenConnect Vulnerabilities (CVE-2024-1708 and CVE-2024-1709) 1 month, 4 weeks ago | fortiguard.fortinet.com
access advisory application attackers +28
Microsoft Exchange Server Elevation of Privilege Vulnerability (CVE-2024-21410) 2 months, 1 week ago | fortiguard.fortinet.com
attacks can critical cve +27

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

SOC 2 Manager, Audit and Certification

@ Deloitte | US and CA Multiple Locations
View on infosec-jobs.com

Team Lead, Security Operations Center, Cyber Risk

@ Kroll | United Kingdom
View on infosec-jobs.com

Cyber Security Risk Analyst

@ College Board | Remote - Virginia
View on infosec-jobs.com

Lead - IT Security Engineer

@ Bosch Group | BENGALURU, India
View on infosec-jobs.com

Project Cybersecurity Manager

@ Alstom | Bengaluru, KA, IN
View on infosec-jobs.com

Security Consultant

@ CloudSEK | Bengaluru, Karnataka, India
View on infosec-jobs.com
View more jobs