Progress warnt dass mit OECH1-kodierte Anmeldedaten in OpenEdge als kompromittiert gelten und Cyberkriminelle sich Zugriff verschaffen könnten. Die Verschlüsselungsmethode wurde ausgetauscht, patchen müssen die Nutzer dennoch.
The security defects could be exploited for remote code execution, OS command injection, and WAF detection bypass. The post Progress Patches Multiple Vulnerabilities in MOVEit WAF, LoadMaster appeared first on SecurityWeek.
Comments
Progress ShareFile Flaws CVE-2026-2699 & CVE-2026-2701 RCE A newly disclosed Progress ShareFile pre-auth RCE chain is drawing attention after researchers showed how CVE-2026-2699 and CVE-2026-2701 can be combined to compromise exposed Storage Zones Controller 5.x servers. The issue affects customer-managed ShareFile deployments that rely on the older 5.x branch, not every ShareFile environment. watchTowr publicly […]