Zoho

Researchers release PoC vulnerability for critical Zoho RCE bug, patch now

A proof-of-concept exploit will be released later this week for a critical vulnerability that allows remote code execution (RCE) without authentication in multiple VMware products. Tracked as CVE-2022-47966, this pre-built security flaw for RCE is due to the use of an outdated and vulnerable third-party dependency, Apache Santuario. A successful exploit allows unauthenticated threat actors …

Researchers release PoC vulnerability for critical Zoho RCE bug, patch now Read More »