Over the past two weeks, hackers exploited a high-risk vulnerability in the SugarCRM system to spread malicious programs to control servers. The vulnerability was revealed in December 2022, when there was no patch for 0day, the person who disclosed the vulnerability also released the exploit code, saying it was an authentication bypass plus remote code execution vulnerability, which means that the attacker does not need an identity Credentials can remotely run malicious code on a vulnerable server. SugarCRM officially released an announcement on January 5 confirming the vulnerability. Security researchers at Censys, which provides network monitoring services, reported Wednesday that 354 of the 3,059 SugarCRM servers it monitored were infected with malicious programs that implanted backdoors.
This article is transferred from: https://www.solidot.org/story?sid=73882
This site is only for collection, and the copyright belongs to the original author.