Two critical Remote Code Execution vulnerabilities, CVE‑2024‑23476 and CVE‑2024‑23479, stem from path traversal issues. Given SolarWinds’ history (the 2020 Sunburst attack), any vulnerability in their products immediately draws attention from both defenders and attackers.
No hitlist discussion for is complete without the JetBrains TeamCity (CVE-2024-27198 & CVE-2024-27199) debacle.
0-day And Hitlist Week -02-21-2024- -
Two critical Remote Code Execution vulnerabilities, CVE‑2024‑23476 and CVE‑2024‑23479, stem from path traversal issues. Given SolarWinds’ history (the 2020 Sunburst attack), any vulnerability in their products immediately draws attention from both defenders and attackers.
No hitlist discussion for is complete without the JetBrains TeamCity (CVE-2024-27198 & CVE-2024-27199) debacle. 0-day and Hitlist Week -02-21-2024-