The Hacker News

FreePBX Patches Critical SQLi, File-Upload, and AUTHTYPE Bypass Flaws Enabling RCE

FreePBX patched 2025 flaws allowing SQL injection, file upload attacks, and an auth bypass only when webserver AUTHTYPE was ...
Bleeping Computer

Fortinet warns admins to patch critical auth bypass bug immediately

Fortinet has warned administrators to update FortiGate firewalls, FortiProxy web proxies, and FortiSwitch Manager (FSWM) on-premise management platforms to the latest versions, which address a ...
ZDNet

Fortinet warns that critical authentication bypass flaw has been exploited

The Cybersecurity and Infrastructure Security Agency (CISA) has added a Fortinet critical flaw to its known exploited vulnerabilities catalog. CISA on Tuesday added the flaw to the KEV catalog, a day ...
Threat Post

Authentication Bypass, Potential Backdoors Plague Old WiMAX Routers

WiMAX routers manufactured by several companies, including Huawei and ZyXEL, are vulnerable to an authentication bypass and potential backdoors. WiMAX routers manufactured by several companies, ...
Threat Post

Dangerous Kubernetes Bugs Allow Authentication Bypass, DoS

The flaws in the container technology, CVE-2019-16276 and CVE-2019-11253, are simple to exploit. A pair of bugs in the Kubernetes open-source cloud container software can be “highly dangerous” under ...
Bleeping Computer

Fortinet says critical auth bypass bug is exploited in attacks

Fortinet has confirmed today that a critical authentication bypass security vulnerability patched last week is being exploited in the wild. The security flaw (CVE-2022-40684) is an auth bypass on the ...