Incoming 'spray and pray' attacks

Incoming 'spray and pray' attacks

a year ago
Anonymous $gM56WhLPcK

https://www.bleepingcomputer.com/news/security/exploit-released-for-critical-manageengine-rce-bug-patch-now/

Proof-of-concept exploit code is now available for a remote code execution (RCE) vulnerability in multiple Zoho ManageEngine products.

This pre-authentication RCE flaw is tracked as CVE-2022-47966 and stems from using an outdated and vulnerable version of the Apache Santuario library.