Total Tests:

Reports: Actively exploited zero-day found in vBulletin forum software

By Bradley Barth for SC Media
Thursday, September 26, 2019

As of Sept. 25, vBulletin has not yet issued a fix. However, BleepingComputer reported that security researcher Nick Cano created an easy patch. SC Media has reached out to vBulletin developer MH Sub I, LLC for comment.

“This critical RCE vulnerability is surprisingly simple to exploit, and sadly very few web application firewalls (WAF) will block its exploitation,” added Ilia Kolochenko, founder and CEO of ImmuniWeb. “These days security flaws exploitable in a default configuration and without authentication are very rare in such well-establish web software. We should expect a tornado of automated hacking and web server backdooring campaigns to start now.”

“Website owners running the vulnerable versions should urgently shut down their vBulletin forums completely while the vendor is working on an emergency patch,” Kolochenko continued.

“It was just a matter of time before bad actors fixed their crosshairs on forums – rich storehouses of user information,” said Mike Bittner, associate director of digital security and operations at The Media Trust, in emailed comments. Forum software vendors, Bittner continued, too often collect information on users without site owners’ authorization, while failing to equip their products with the needed security and privacy protections…”

“In an environment where bad actors are always looking out for vulnerabilities they can exploit or well-intentioned products like vBulletin they can abuse, site owners will need to close the security gaps themselves, ideally by carefully vetting their vendors and ensuring those vendors observe digital policies,” Bittner continued. Read Full Article

Book a Call Ask a Question
Talk to ImmuniWeb Experts
Have a technical question?

Our security experts will answer within
one business day. No obligations.

Have a sales question?
Tel: +41 22 560 6800 (Switzerland)
Tel: +1 720 605 9147 (USA)
Your data will stay private and confidential