A zero-day exploit has been found by an unnamed bug hunter that affects versions 5.0.0 through 5.5.4 of vBulletin’s forum software and can be carried out over the internet in an effort to hijack servers. Last night, it was revealed that a regular HTTP POST request is all it takes for an attacker to be able to execute malicious commands without authentication. Through these efforts, attackers would be able to control the servers behind the forum software and carry out criminal activity such as stealing data, tampering with information, and launching assaults on other systems. What’s most shocking is that it can be done using 20 lines or less of Python code, making it an extremely simple yet very effective tactic. vBulletin has been attempted to be reached for comment but have yet to make any mention of the instance–meaning no patch is currently available. This puts a large amount of their customer base at risk, which includes major corporations, sports organizations, and entertainment firms. It will be interesting to see how long vBulletin takes with a response and what the total damage will be when this is said and done.
Watch the Video
How does Binary Defense help protect your organization? With best in breed cybersecurity tactics, techniques, and services, we make sure that your environment is secure against the most advanced attacks.