#viewstate-deserialization
#viewstate-deserialization

[ follow ]

Active Attacks Exploit Gladinet's Hard-Coded Keys for Unauthorized Access and Code Execution

Hard-coded cryptographic keys in Gladinet CentreStack/Triofox allow decryption or forging of access tickets, enabling access to web.config and potential ViewState deserialization leading to remote code execution.

#sitecore

fromThe Hacker News

3 months ago

Information security

CISA Orders Immediate Patch of Critical Sitecore Vulnerability Under Active Exploitation

fromTheregister

3 months ago

Information security

Unknown miscreants snooping around Sitecore via sample keys

fromThe Hacker News

3 months ago

Information security

CISA Orders Immediate Patch of Critical Sitecore Vulnerability Under Active Exploitation

fromTheregister

3 months ago

Information security

Unknown miscreants snooping around Sitecore via sample keys

more#sitecore

[ Load more ]

#viewstate-deserialization#viewstate-deserialization

Active Attacks Exploit Gladinet's Hard-Coded Keys for Unauthorized Access and Code Execution

CISA Orders Immediate Patch of Critical Sitecore Vulnerability Under Active Exploitation

Unknown miscreants snooping around Sitecore via sample keys

CISA Orders Immediate Patch of Critical Sitecore Vulnerability Under Active Exploitation

Unknown miscreants snooping around Sitecore via sample keys

#viewstate-deserialization
#viewstate-deserialization