ZDI-24-910: SolarWinds Access Rights Manager CreateFile Directory Traversal Remote Code Execution Vulnerability

Read Time:13 Second

This vulnerability allows remote attackers to execute arbitrary code on affected installations of SolarWinds Access Rights Manager. Authentication is not required to exploit this vulnerability. The ZDI has assigned a CVSS rating of 10.0. The following CVEs are assigned: CVE-2024-23471.

Multiple Vulnerabilities in Fortinet Products Could Allow for Remote Code Execution

Multiple vulnerabilities have been discovered Fortinet Products, the most severe of which could allow for remote code execution. FortiManager...

February 12, 2025

Critical Patches Issued for Microsoft Products, February 11, 2025

Multiple vulnerabilities have been discovered in Microsoft products, the most severe of which could allow for remote code execution in...

February 11, 2025

Multiple Vulnerabilities in Adobe Products Could Allow for Arbitrary Code Execution

Multiple vulnerabilities have been discovered in Adobe products, the most severe of which could allow for arbitrary code execution. Successful...

February 11, 2025

python3.11-3.11.11-5.fc40

FEDORA-2025-f613fe78b6 Packages in this update: python3.11-3.11.11-5.fc40 Update description: Security fix for CVE-2025-0938 Read More

February 11, 2025

python3.11-3.11.11-5.fc41

FEDORA-2025-81304012fc Packages in this update: python3.11-3.11.11-5.fc41 Update description: Security fix for CVE-2025-0938 Read More

February 11, 2025

python3.10-3.10.16-5.fc40

FEDORA-2025-10e053d399 Packages in this update: python3.10-3.10.16-5.fc40 Update description: Security fix for CVE-2025-0938 Read More

February 11, 2025

Alabama Hacker Admits Role in SEC X Account Breach

New Chinese Hacking Campaign Targets Manufacturing Firms to Steal IP

DDoS Attack Volume and Magnitude Continues to Soar

Ransomware Gangs Increasingly Prioritize Speed and Volume in Attacks

8Base Ransomware Site Seized, Phobos Suspects Arrested in Thailand

Trusted Encryption Environments

Apple Mitigates “Extremely Sophisticated” Zero-Day Exploit

OpenAI Was Not Breached, Say Researchers

BadIIS Malware Exploits IIS Servers for SEO Fraud

ZDI-24-910: SolarWinds Access Rights Manager CreateFile Directory Traversal Remote Code Execution Vulnerability

Multiple Vulnerabilities in Fortinet Products Could Allow for Remote Code Execution

Critical Patches Issued for Microsoft Products, February 11, 2025

Multiple Vulnerabilities in Adobe Products Could Allow for Arbitrary Code Execution

python3.11-3.11.11-5.fc40

python3.11-3.11.11-5.fc41

python3.10-3.10.16-5.fc40