RCE – WindowsTechs.com

Researchers Find CVSS 10.0 Severity RCE Vulnerability in Erlang/OTP SSH

Posted on April 17, 2025 by Waqas

Security researchers report CVE-2025-32433, a CVSS 10.0 RCE vulnerability in Erlang/OTP SSH, allowing unauthenticated code execution on exposed… Continue reading Researchers Find CVSS 10.0 Severity RCE Vulnerability in Erlang/OTP SSH→

BentoML Vulnerability Allows Remote Code Execution on AI Servers

Posted on April 11, 2025 by Deeba Ahmed

TL;DR: A critical deserialization vulnerability (CVSS 9.8 – CVE-2025-27520) in BentoML (v1.3.8–1.4.2) lets attackers execute remote code without… Continue reading BentoML Vulnerability Allows Remote Code Execution on AI Servers→

Hackers Use CVE-2024-50603 to Deploy Backdoor on Aviatrix Controllers

Posted on January 15, 2025 by Deeba Ahmed

A critical vulnerability (CVE-2024-50603) in the Aviatrix Controller allows unauthenticated RCE. Active exploitation observed by Wiz Research in… Continue reading Hackers Use CVE-2024-50603 to Deploy Backdoor on Aviatrix Controllers→

Critical Windows Kerberos Flaw Exposes Millions of Servers to Attack

Posted on November 19, 2024 by Deeba Ahmed

A critical vulnerability in the Windows Kerberos authentication protocol poses a significant risk to millions of servers. Microsoft… Continue reading Critical Windows Kerberos Flaw Exposes Millions of Servers to Attack→

Critical Vulnerabilities Expose Nearly 1 Million DrayTek Routers Globally

Posted on October 7, 2024 by Deeba Ahmed

Critical security vulnerabilities exposed in DrayTek Vigor routers: Discover how to protect your network from these serious flaws.… Continue reading Critical Vulnerabilities Expose Nearly 1 Million DrayTek Routers Globally→

Decade-Old Linux Vulnerability Can Be Exploited for DDoS Attacks on CUPS

Posted on October 2, 2024 by Deeba Ahmed

This article explores the Linux vulnerability discovered by Simone Margaritelli, which, according to cybersecurity companies Uptycs and Akamai,… Continue reading Decade-Old Linux Vulnerability Can Be Exploited for DDoS Attacks on CUPS→

New Veeam Vulnerability Puts Thousands of Backup Servers at Risk – PATCH NOW!

Posted on September 9, 2024 by Waqas

A critical vulnerability (CVE-2024-40711) in Veeam Backup & Replication software allows attackers to gain full control without authentication.… Continue reading New Veeam Vulnerability Puts Thousands of Backup Servers at Risk – PATCH NOW!→

Getting Root on Cheap WiFi Repeaters, the Long Way Around

Posted on September 5, 2024 by Dan Maloney

What can you do with a cheap Linux machine with limited flash and only a single free GPIO line? Probably not much, but sometimes, just getting root to prove you …read more Continue reading Getting Root on Cheap WiFi Repeaters, the Long Way Around→

This Week in Security: The Rest of the IPv6 Story, CVE Hunting, and Hacking the TSA

Posted on August 30, 2024 by Jonathan Bennett

We finally have some answers about the Windows IPv6 vulnerability — and a Proof of Concept! The patch was a single change in the Windows TCP/IP driver’s Ipv6pProcessOptions(), now calling …read more Continue reading This Week in Security: The Rest of the IPv6 Story, CVE Hunting, and Hacking the TSA→

This Week in Security: Three Billion SS Numbers, IPv6 RCE, and Ring -2

Posted on August 16, 2024 by Jonathan Bennett

You may have heard about a very large data breach, exposing the Social Security numbers of three billion individuals. Now hang on. Social Security numbers are a particularly American data …read more Continue reading This Week in Security: Three Billion SS Numbers, IPv6 RCE, and Ring -2→