vBulletin Vulnerability (CVE-2019-16759)

On September 25, 2019, an anonymous source issued a vulnerability to vBulletin (CMS) Content Management System.

vBulletin is an application written in php code to make it easier to manage or install the content of sites such as forums. Among them, high profile and more than 100,000 sites using this application has been approved by vBulletin.

This vulnerability allows the attacker to remotely run the code on the server where the application is running with a specially designed POST request.

Vulnerability is armed, the Nmap module is also available and can be combined with various modules to be used as an automated attack tool.

Vulnerability is available in all versions from 5.x to 5.5.4.

Using the corresponding vulnerability, the data of about 250,000 users has been stolen from the forum website of Comodo.

 

SOLUTION

A patch or a new version has not been officially released and should be closed if the site uses this CMS.

An unofficial patch is published as open source.

It is also recommended that users of Comodo forums, one of the known disclosures, make changes to their accounts with a similar username and password combination.

 

REFERENCES

https://www.cvedetails.com/cve/cve-2019-16759/

HoneyPot Network
Cyber Intelligence Report 13 April 2020
Microsoft Windows RDP RCE Vulnerability: DejaBlue
August 18, 2019
Cisco Small Business Switch Zafiyeti
Cisco Small Business Switch Zafiyeti
Top