💢Today I want to draw your attention to the CVE-2022-24706 vulnerability.
⚠️April 26, 2022, Apache officially announced a discovered vulnerability in Apache CouchDB related to remote code execution. She was assigned a number - RCE CVE-2022-24706.
🔲Apache CouchDB is an open source document-oriented database management system that does not require a description of the data schema, is very widespread, written in the Erlang language.
🛡The exploit is a critical vulnerability affecting Couch databases, the vulnerability was discovered in Apache CouchDB prior to version 3.2.1.
🌐The vulnerability is related to insufficient data validation in the software, which could allow attackers to gain access to a poorly protected default system without authentication and with administrator rights. Which can lead to remote code execution, data interception, malware installation, and other problems.
🛠Attackers have been actively using this exploit since it became available to the public (May 11, 2022), often used to install the Kinsing malware family for hidden cryptocurrency mining.
#bitcoin #btc #cryptocurrency #exploit
#nostr #nostrich #nostriches #nostrichs #amethyst #plebs #pleb #plebchain #coffee #coffeechain
#lightning #lightningnetwork #zap #zaps #zapper #zappers #zapping #zapped #zapathon #zapraiser #zaplife #skullofsatoshi
Showing page 1 of
1 pages
