OSGeo GeoServer

Sep 14, 2024

Multiple threat actors exploited a GeoServer GeoTools flaw (CVE-2024-36401), leading to malware campaigns delivering cryptocurrency miners, bots, and the SideWalk backdoor. Targeted entities include IT service providers in India, US technology firms, Belgian government bodies, and telecom companies in Thailand and Brazil. Exploits allowed persistent remote access, data exfiltration, and payload deployment, potentially causing widespread disruption across targeted regions and industries. Open-source flexibility requires strict security measures, including timely updates and threat detection strategies to mitigate risks posed by such vulnerabilities.

Source: https://securityaffairs.com/168197/malware/geoserver-geotools-flaw-cve-2024-36401-malware.html

"id": "geo001091424",
"linkid": "geosolutionsgroup",
"type": "Vulnerability",
"date": "9/2024",
"severity": "100",
"impact": "5",
"explanation": "Attack threatening the organization’s existence"
