“metinfo, weaver e - cology vulnerabilities in attackers ’ crosshairs threat actors have separately started exploiting two critical - severity vulnerabilities in metinfo and weaver e - cology that allow them to execute arbitrary code remotely, without authentication. metinfo is an…”
Which technique(s) should be tagged here? Pick zero or more — leaving blank just records that the original was wrong.
No matches for .
Loading techniques…
T1190Exploit Public-Facing Application
74%
“##ck, there are approximately 2, 000 metinfo cms instances accessible from the internet, mainly in china. weaver e - cology, which is also predominantly used in china, is an office automation and collaboration solution that enables organizations to manage portals, workflows, know…”
Which technique(s) should be tagged here? Pick zero or more — leaving blank just records that the original was wrong.
No matches for .
Loading techniques…
T1588.006Vulnerabilities
60%
“and discovery could happen concurrently : both are different post bodies to the same endpoint, ” vega notes. related : exploitation of ‘ copy fail ’ linux vulnerability begins related : over 40, 000 servers compromised in ongoing cpanel exploitation related : sonicwall urges imme…”
Which technique(s) should be tagged here? Pick zero or more — leaving blank just records that the original was wrong.
No matches for .
Loading techniques…
T1190Exploit Public-Facing Application
41%
“and discovery could happen concurrently : both are different post bodies to the same endpoint, ” vega notes. related : exploitation of ‘ copy fail ’ linux vulnerability begins related : over 40, 000 servers compromised in ongoing cpanel exploitation related : sonicwall urges imme…”
Which technique(s) should be tagged here? Pick zero or more — leaving blank just records that the original was wrong.
No matches for .
Loading techniques…
Summary
The security defects allow unauthenticated, remote attackers to execute arbitrary code through crafted requests.