Adobe ColdFusion Critical Vulnerabilities Exploited Despite Patches

Adobe ColdFusion Critical Vulnerabilities Exploited Despite Patches

Fortinet has observed significant threat exploitation targeting Adobe ColdFusion, a web development computing platform.

This is despite a series of security updates (APSB23-40, APSB23-41, and APSB23-47) released by Adobe in July following reports of several critical vulnerabilities in its platform.

Since those updates, however, Fortinet’s FortiGuard Labs IPS telemetry data has continued to detect numerous efforts to exploit one of these vulnerabilities, the deserialization of untrusted data by the Web Distributed Data eXchange (WDDX) data that forms part of some requests to ColdFusion.

This vulnerability is critical because it poses a significant risk of arbitrary code execution.

The observed attacks include probing, using an interactsh tool that can generate specific domain…


Source link

About coldfusion

Check Also

The History and Size of Microsoft | ColdFusion – MSN

Department of Energy To Revisit Cold Fusion – Space Daily

[unable to retrieve full-text content]Department of Energy To Revisit Cold Fusion  Space Daily Source link

Leave a Reply

Your email address will not be published. Required fields are marked *