An anonymous bug hunter has released a working and elegantly simple exploit for a pre-authentication remote code execution flaw (CVE-2019-16759) affecting vBulletin and it didn’t take long for attackers to start using it.
About vBulletin
vBulletin is the most popular internet forum software in use today.
W3Techs says that around 0.1% of all internet sites run a vBulletin forum, though only 6.4% of these use vulnerable 5.x versions.
MH Sub I, the company that develops vBulletin, claims that there are over 100,000 sites built on the forum software. Among its customers are EA, Sony Pictures, Steam, NASA, Zynga, and many others.
Many dark web forums that serve as markets for illicit services are also based on vBulletin.
..Support the originator by clicking the read the rest link below.
