Security researcher publishes details and exploit code for a vBulletin zero-day

Catalin Cimpanu reports:

A security researcher has published details and proof-of-concept exploit code for a zero-day vulnerability in vBulletin, one of today’s most popular forum software.

The zero-day is a bypass for a patch from a previous vBulletin zero-day — namely CVE-2019-16759, disclosed in September 2019.

Read more on ZDNet.

Lawrence Abrams of BleepingComputer has more on what happened after the 0day was released and what happened next.

About the author: Dissent

Comments are closed.