New Zero-Day Flaw in Apache OFBiz ERP Allows Remote Code Execution

Updated on August 6, 2024

A new zero-day pre-authentication remote code execution vulnerability has been disclosed in the Apache OFBiz open-source enterprise resource planning (ERP) system that could allow threat actors to achieve remote code execution on affected instances.
Tracked as CVE-2024-38856, the flaw has a CVSS score of 9.8 out of a maximum of 10.0. It affects Apache OFBiz versions prior to 18.12.15.
“The…

Read the rest of the story at Read More

Source: The Hacker News

October 30, 2024 Uncategorized

Malvertising Campaign Hijacks Facebook A...

September 21, 2024 Uncategorized

LinkedIn Halts AI Data Processing in UK ...

September 12, 2024 Uncategorized

New Zero-Day Flaw in Apache OFBiz ERP Allows Remote Code Execution

Related posts

Malvertising Campaign Hijacks Facebook A...

LinkedIn Halts AI Data Processing in UK ...

New Android Malware ‘Ajina.Banker&...

Leave a Comment Cancel reply

Recent News

⚡ Weekly Recap: Nation-State Hacks, Spyware Alerts, Deepfake Malware, Supply Chain Backdoors

Perfection is a Myth. Leverage Isn’t: How Small Teams Can Secure Their Google Workspace

Golden Chickens Deploy TerraStealerV2 to Steal Browser Credentials and Crypto Wallet Data

Malicious Go Modules Deliver Disk-Wiping Linux Malware in Advanced Supply Chain Attack

Iranian Hackers Maintain 2-Year Access to Middle East CNI via VPN Flaws and Malware

U.S. Charges Yemeni Hacker Behind Black Kingdom Ransomware Targeting 1,500 Systems

TikTok Slammed With €530 Million GDPR Fine for Sending E.U. Data to China

How to Automate CVE and Vulnerability Advisory Response with Tines

MintsLoader Drops GhostWeaver via Phishing, ClickFix — Uses DGA, TLS for Stealth Attacks

Microsoft Sets Passkeys Default for New Accounts; 15 Billion Users Gain Passwordless Support