Exploits in the Wild for vBulletin Pre-Auth RCE Vulnerability CVE-2020-17496

From unit42.paloaltonetworks.com

In September 2019, a remote code execution (RCE) vulnerability identified as CVE-2019-16759 was disclosed for vBulletin, a popular forum software package. At that time, Unit 42 researchers published a blog post on this vBulletin vulnerability, analyzing its root cause and the exploit we found in the wild. By exploiting this vulnerability, an attacker could have gained privileged access to and control over any vBulletin server running versions 5.0.0 up to 5.5.4, and potentially locked organizations out of their own sites.

