ZDNet

Patch released for Fortinet command injection vulnerability

Update: In a statement to ZDNet, Fortinet criticized Rapid7 for releasing the study and said a patch would be released by the end of the month. "The security of our customers is always our first ...
HHS

Four-Faith Routers Exploited Using New Flaw

The vulnerability, tracked as CVE-2024-12856, affects F3x24 and F3x36 router models. It allows remote command execution through the router's default credentials, potentially compromising thousands of ...
Yahoo

Researchers warn command injection flaw in Fortinet FortiWeb is under exploitation

Fortinet Technologies Canada office on Oct. 15, 2023, in Nepean, Canada. The cybersecurity company disclosed a customer data breach on Sept. 12, 2024. This story was originally published on ...
Ars Technica

Zyxel warns of vulnerabilities in a wide range of its products

Networking hardware-maker Zyxel is warning of nearly a dozen vulnerabilities in a wide array of its products. If left unpatched, some of them could enable the complete takeover of the devices, which ...
Bleeping Computer

Latest Command Injection news

Today, Palo Alto Networks warns that an unpatched critical command injection vulnerability in its PAN-OS firewall is being actively exploited in attacks. Threat actors can exploit a security ...

Researchers discover OpenAI Codex vulnerability involving Unicode characters

Hackers can steal your GitHub tokens through OpenAI’s Codex using nothing more than a sneaky branch name ...