Security researcher Mattia “0xbro” Brollo disclosed a trio of severe vulnerabilities in vtenext CRM (versions 25.02 and earlier) that enable unauthenticated attackers to completely bypass login controls and execute arbitrary code on affected installations. Although vtenext quietly patched one of these flaws in version 25.02.1, two equally dangerous vectors remain unaddressed—placing countless small and medium‐sized […]

The post Multiple vtenext Flaws Allow Attackers to Bypass Authentication and Run Remote Code appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Divya

Source: gbHackers
Source Link: https://gbhackers.com/multiple-vtenext-flaws/