• Wednesday, November 27, 2019

By exploiting these vulnerabilities, hackers can run commands and install malware on the vulnerable servers or even take complete control of the victim's hosts.

  • CVE-2019-16759 affects vBulletin versions 5.0.0 through 5.5.4. The RCE vulnerability is located in includes/vb5/frontend/controller/bbcode.php. A new botnet also uses this vulnerability to block other hackers from exploiting it, so that the botnet can own the server.
  • Rusty Joomla RCE: It doesn't have a CVE identifier yet, but it is quite similar to CVE-2015-8562. The difference is that the new vulnerability affects fewer Joomla versions (only Joomla 3.x), but it is more dangerous because it is independent of the server environment.

Both vulnerabilities are patched within our network WAF Recommended Ruleset (rules: 933130 and 933150).