#1 Trusted Cybersecurity News Platform Followed by 3.45+ million
The Hacker News Logo
Subscribe to Newsletter

VBulletin | Breaking Cybersecurity News | The Hacker News

A New vBulletin 0-Day RCE Vulnerability and Exploit Disclosed Publicly

A New vBulletin 0-Day RCE Vulnerability and Exploit Disclosed Publicly
Aug 11, 2020
A security researcher earlier today publicly revealed details and proof-of-concept exploit code for an unpatched, critical zero-day remote code execution vulnerability affecting the widely used internet forum software vBulletin that's already under active exploitation in the wild. vBulletin is a widely used proprietary Internet forum software package based on PHP and MySQL database server that powers over 100,000 websites on the Internet, including Fortune 500 and Alexa Top 1 million companies websites and forums. In September last year, a separate anonymous security researcher publicly disclosed a then-zero-day RCE vulnerability in vBulletin , identified as CVE-2019-16759 , and received a critical severity rating of 9.8, allowing attackers to execute malicious commands on the remote server without requiring any authentication to log into the forum. A day after the disclosure of CVE-2019-16759, the vBulletin team released security patches that resolved the issue, but it t

An Undisclosed Critical Vulnerability Affect vBulletin Forums — Patch Now

An Undisclosed Critical Vulnerability Affect vBulletin Forums — Patch Now
May 11, 2020
If you are running an online discussion forum based on vBulletin software, make sure it has been updated to install a newly issued security patch that fixes a critical vulnerability. Maintainers of the vBulletin project recently announced an important patch update but didn't reveal any information on the underlying security vulnerability, identified as CVE-2020-12720 . Written in PHP programming language, vBulletin is a widely used Internet forum software that powers over 100,000 websites on the Internet, including forums for some Fortune 500 and many other top companies. Considering that the popular forum software is also one of the favorite targets for hackers, holding back details of the flaw could, of course, help many websites apply patches before hackers can exploit them to compromise sites, servers, and their user databases. However, just like previous times, researchers and hackers have already started reverse-engineering the software patch to locate and understan

external linkEliminating SaaS Shadow IT is Now Available via a Free Self-Service Product

SaaS
websitewww.wing.securitySaaS Security / Shadow IT
This new product provides IT and Security visibility into the risky SaaS apps employees are using.

Hackers Breach ZoneAlarm's Forum Site — Outdated vBulletin to Blame

Hackers Breach ZoneAlarm's Forum Site — Outdated vBulletin to Blame
Nov 11, 2019
ZoneAlarm, an internet security software company owned by Israeli cybersecurity firm Check Point Technologies, has suffered a data breach exposing data of its discussion forum users, the company confirmed The Hacker News. With nearly 100 million downloads, ZoneAlarm offers antivirus software, firewall, and additional virus protection solutions to home PC users, small businesses, and mobile phones worldwide. Though neither ZoneAlarm or its parent company Check Point has yet publicly disclosed the security incident, the company quietly sent an alert via email to all affected users over this weekend, The Hacker News learned. The email-based breach notification advised ZoneAlarm forum users to immediately change their forum account passwords, informing them hackers have unauthorizedly gained access to their names, email addresses, hashed passwords, and date of births. Moreover, the company has also clarified that the security incident only affects users registered with the "

vBulletin Releases Patch Update for New RCE and SQLi Vulnerabilities

vBulletin Releases Patch Update for New RCE and SQLi Vulnerabilities
Oct 08, 2019
After releasing a patch for a critical zero-day remote code execution vulnerability late last month, vBulletin has recently published a new security patch update that addresses 3 more high-severity vulnerabilities in its forum software. If left unpatched, the reported security vulnerabilities, which affect vBulletin 5.5.4 and prior versions, could eventually allow remote attackers to take complete control over targeted web servers and steal sensitive user information. Written in PHP, vBulletin is a widely used proprietary Internet forum software package that powers over 100,000 websites on the Internet, including Fortune 500 and Alexa Top 1 million companies websites and forums. Discovered by application security researcher Egidio Romano, the first vulnerability, tracked as CVE-2019-17132 , is a remote code execution flaw, while the other two are SQL injection issues, both assigned a single ID as CVE-2019-17271 . vBulletin RCE and SQLi Flaws The RCE flaw resides in the w

Comodo Forums Hack Exposes 245,000 Users' Data — Recent vBulletin 0-day Used

Comodo Forums Hack Exposes 245,000 Users' Data — Recent vBulletin 0-day Used
Oct 01, 2019
If you have an account with the Comodo discussion board and support forums, also known as ITarian Forum, you should change your password immediately. Cybersecurity company Comodo has become one of the major victims of a recently disclosed vBulletin 0-day vulnerability , exposing login account information of over nearly 245,000 users registered with the Comodo Forums websites. In a brief security notice published earlier today, Comodo admitted the data breach, revealing that an unknown attacker exploited the vBulletin vulnerability (CVE-2019-16759) and potentially gained access to Comodo Forums database. It's worth noting that Comodo forum was hacked on September 29, almost four days after vBulletin developers released a patch to let administrators address the vulnerability, but the company failed to apply the patches on time. As The Hacker News broke the news last week, an anonymous hacker publicly disclosed details of a critical then-unpatched vulnerability in vBulleti

[Unpatched] Critical 0-Day RCE Exploit for vBulletin Forum Disclosed Publicly

[Unpatched] Critical 0-Day RCE Exploit for vBulletin Forum Disclosed Publicly
Sep 24, 2019
An anonymous hacker today publicly revealed details and proof-of-concept exploit code for an unpatched, critical zero-day remote code execution vulnerability in vBulletin—one of the widely used internet forum software, The Hacker News has learned. One of the reasons why the vulnerability should be viewed as a severe issue is not just because it is remotely exploitable, but also doesn't require authentication. Written in PHP, vBulletin is a widely used proprietary Internet forum software package that powers more than 100,000 websites on the Internet, including Fortune 500 and Alexa Top 1 million companies websites and forums. According to details published on the Full Disclosure mailing list, the hacker claims to have found a remote code execution vulnerability that appears to affect vBulletin versions 5.0.0 till the latest 5.5.4. The Hacker News has independently verified that the flaw works, as described, and affects the latest version of vBulletin software, which even

Two Critical 0-Day Remote Exploits for vBulletin Forum Disclosed Publicly

Two Critical 0-Day Remote Exploits for vBulletin Forum Disclosed Publicly
Dec 18, 2017
Security researchers have discovered and disclosed details of two unpatched critical vulnerabilities in a popular internet forum software—vBulletin—one of which could allow a remote attacker to execute malicious code on the latest version of vBulletin application server. vBulletin is a widely used proprietary Internet forum software package based on PHP and MySQL database server. It powers more than 100,000 websites on the Internet, including Fortune 500 and Alexa Top 1 million companies websites and forums. The vulnerabilities were discovered by a security researcher from Italy-based security firm TRUEL IT and an unknown independent security researcher, who disclosed the details of the vulnerabilities by Beyond Security's SecuriTeam Secure Disclosure program. The vulnerabilities affect version 5 of the vBulletin forum software and are currently unpatched. Beyond Security claims, it tried to contact vBulletin since November 21, 2017, but received no response from the compa

Epic Games Forum Hacked, Once Again — Over 800,000 Gamers' Data Stolen

Epic Games Forum Hacked, Once Again — Over 800,000 Gamers' Data Stolen
Aug 23, 2016
If you are a fan of Unreal Tournament from Epic Games or ever have participated in discussions on the online forums run by Epic Games, you possibly need to change your forum password as soon as possible. It seems the Unreal Engine and its creators, Epic Games' forums have recently been compromised by an unknown hacker or a group of hackers, who have stolen more than 800,000 forum accounts with over half a Million from the Unreal Engine's forums alone. The hackers get their hands on the forum accounts by exploiting a known vulnerability resided in an outdated version of the vBulletin forum software, which allowed them to get access to the full database. Epic believes registration information that includes usernames, scrambled passwords, email addresses, dates of birth, IP addresses, and date of joining, may have been obtained in the attack. "We believe a recent Unreal Engine and Unreal Tournament forum compromise revealed email addresses and other data entered in

Exclusive - openSUSE Forum Hacked; 79500 Users Data Compromised

Exclusive - openSUSE Forum Hacked; 79500 Users Data Compromised
Jan 07, 2014
After Snapchat hack, this can be another worst data breach of the new year. A Pakistani hacker ' H4x0r HuSsY ' has successfully compromised the official Forum of ' openSUSE ', a Linux distro developed, sponsored & supported by SUSE. The hacker managed to deface the Forum and uploaded its custom message page as shown and account information of 79,500 registered users' may have been compromised. (The forum was defaced at the time of writing - Check Here ) The popular website MacRumors's Forum was compromised  in last November using an alleged zero day exploit, which is based on  vBulletin , a famous forum software. The openSUSE Forum is also based upon  vBulletin . Another interesting fact is that openSUSE is still using vBulletin 4.2.1 , which is vulnerable to  inject rogue administrator accounts flaw. Whereas,  the latest patched  vBulletin 5.0.5 is available. Possibly, Hacker exploits same or another known vBulletin version 4.2.1 vulnerability to ac

vBulletin Forum hacked with Zero Day vulnerability, caused Macrumors Forum Data breach

vBulletin Forum hacked with Zero Day vulnerability, caused Macrumors Forum Data breach
Nov 17, 2013
Last Tuesday, Popular Mac news website MacRumors's user forums was hacked and forum database has been compromised including the username, email and passwords belonging to all 860,000 registered users. Yesterday,  Inj3ct0r Team of Exploit Database website  1337Day claimed the responsibility for the hack and also claimed that they have also hacked the official website of vBulletin Forum using a   Zero Day exploit . " Macrumors.com was based on vBulletin CMS. We use our 0day exploit vBulletin , got password moderator. 860000 user data hacked too. The network security is a myth " he told me. During the conversation, team leader told me that he has discovered a Zero Day Remote Code Execution vulnerability in vBulletin v4.x.x and 5.х.x, that allows an attacker to execute arbitrary code on the server end remotely. On their exploit marketplace they are also selling this zero day exploit with Shell Upload payload at $7000 USD. " We found a critical v

Major VBulletin based websites are vulnerable to Hackers; Pakistani forums defaced by Indian Hackers

Major VBulletin based websites are vulnerable to Hackers; Pakistani forums defaced by Indian Hackers
Sep 06, 2013
vBulletin is a publishing suite that allows users to create and publish a variety of content, including: forums, blogs, and polls. If you currently use an older version of  vBulletin  on your website, you might be opening up your site to an attack as some serious security vulnerabilities, which allows hackers to access your hosting admin panel. Two Indian Hackers, going by virtual name  Ne0-h4ck3r & Google-warri0r has developed an exploit of known  vBulletin  vulnerability, that can be used to add a user remotely to  vBulletin  customer panel with admin privileges. According to Hackers, vBulletin versions 4.x.x.x are affected to their exploit. It isn't quite clear the extent of the exploit, however, hundreds of major websites on  vBulletin  have been reported to be affected. Here's a list of some domains that have been used so far in this attack: https://usasexguide.info/ https://www.desironak.com/ https://www.pakistanipoint.com https://www.cssexam.com/f
More Resources