LR pixel

Teleport Remote Authentication Bypass

von | 20. Juni 2025 | Unkategorisiert

What is the Vulnerability?Teleport security engineers have discovered a critical vulnerability affecting Teleport versions earlier than 17.5.2. This flaw allows remote attackers to bypass SSH authentication on servers running Teleport SSH agents, OpenSSH-integrated...

TBK DVRs Botnet Attack

von | 10. Juni 2025 | Unkategorisiert

What is the Attack?Threat Actors are actively exploiting CVE-2024-3721, a command injection vulnerability in TBK DVR devices (Digital Video Recorders). This flaw allows unauthenticated remote code execution (RCE) via crafted HTTP requests to the endpoint. The...

SimpleHelp Path Traversal Vulnerability

von | 29. Mai 2025 | Unkategorisiert

What is the Vulnerability?FortiGuard Labs continues to observe ongoing attack attempts targeting SimpleHelp, a Remote Monitoring and Management (RMM) software, due to a critical unauthenticated path traversal vulnerability (CVE-2024-57727) affecting versions 5.5.7 and...

Ivanti EPMM Zero Day Vulnerabilities

von | 22. Mai 2025 | Unkategorisiert

What is the Vulnerability?On May 15, 2025, Ivanti disclosed two critical vulnerabilities, CVE-2025-4427 and CVE-2025-4428, affecting Ivanti Endpoint Manager Mobile (EPMM) version 12.5.0.0 and earlier. When chained together, these vulnerabilities can allow...