all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

ThinkPHP RCE Vulnerabilities (CVE-2019-9082, CVE-2018-20062) Actively Exploited in the Wild

Add to bookmarks
April 26, 2023, 7:09 p.m. |

FortiGuard Labs | FortiGuard Center - Threat Signal Report fortiguard.fortinet.com

Update: 4/26 FortiEDR KB article "Threat Coverage: FortiEDR mitigates the risk of post-exploitation activity associated with exploitation of zero day vulnerabilities and unknown malware" added to APPENDIX section. The "What is the Status of Protection?" section has been updated with additional coverage information.FortiGuard Labs is observing active exploitation of several ThinkPHP remote code execution vulnerabilities (CVE-2019-9082 and CVE-2018-20062). Successful exploitation of the vulnerabilities could allow a remote attacker to execute arbitrary code on the affected system. Both vulnerabilities are on …

actively exploited article catalog cisa code code execution cve cve-2019-9082 exploitation exploited fortiedr information kev known exploited vulnerabilities labs malware post-exploitation protection rce remote code remote code execution risk system threat update vulnerabilities what is

Visit resource

More from fortiguard.fortinet.com / FortiGuard Labs | FortiGuard Center - Threat Signal Report

Google Chromium in Visuals Use-After-Free Vulnerability (CVE-2024-4671) 6 days, 17 hours ago | fortiguard.fortinet.com
browser can chrome chromium +15
GitLab Password Reset Vulnerability (CVE-2023-7028) 1 week, 2 days ago | fortiguard.fortinet.com
account administrator attacker cisa +23
Tinyproxy use-after-free Vulnerability (CVE-2023-49606) 1 week, 4 days ago | fortiguard.fortinet.com
actor arbitrary code can code +21
ConnectWise ScreenConnect Vulnerabilities (CVE-2024-1708 and CVE-2024-1709) 1 week, 6 days ago | fortiguard.fortinet.com
access advisory application attackers +29
Ignite Realtime Openfire Path Traversal Vulnerability (CVE-2023-32315) 2 weeks, 5 days ago | fortiguard.fortinet.com
CrushFTP VFS Sandbox Escape Vulnerability (CVE-2024-4040) 2 weeks, 6 days ago | fortiguard.fortinet.com
attackers attacks cisa cisa known exploited vulnerabilities +27
ArcaneDoor Attack (CVE-2024-20353 and CVE-2024-20359) 3 weeks, 5 days ago | fortiguard.fortinet.com
adaptive security advisory april arcanedoor +22
Akira Ransomware Attack (CVE-2023-20269 and CVE-2020-3259) 3 weeks, 5 days ago | fortiguard.fortinet.com
access advisory akira akira ransomware +17
PAN-OS Critical Flaw in GlobalProtect Gateway (CVE-2024-3400) 1 month ago | fortiguard.fortinet.com
advisory attack code code injection +27

Jobs in InfoSec / Cybersecurity

Post a Job Search Talent

Sr. Product Manager

@ MixMode | Remote, US
View on infosec-jobs.com

Information Security Engineers

@ D. E. Shaw Research | New York City
View on infosec-jobs.com

Technology Security Analyst

@ Halton Region | Oakville, Ontario, Canada
View on infosec-jobs.com

Senior Cyber Security Analyst

@ Valley Water | San Jose, CA
View on infosec-jobs.com

Cyber Security Engineer

@ SNC-Lavalin | VA531: 13900 Lincoln Park Dr, Herndon 13900 Lincoln Park Drive Suite 220, Herndon, VA, 20171 USA
View on infosec-jobs.com

Information Systems Security Officer (ISSO) - early career -Tucson AZ, Onsite

@ Austin Community College | AZ855: RMS AP Bldg M05 1151 East Hermans Road Building M05, Tucson, AZ, 85756 USA
View on infosec-jobs.com