Pwning TRUfusion Enterprise again: chaining a pre-auth SSRF (CVE-2025-32355), a default password, and a path traversal (CVE-2025-59793) to gain RCE.
#security
www.rcesecurity.com/2026/02/when...
I’ve updated my blog post about CVE-2025-9501 and included bypasses for all W3 Total Cache versions up to and including the latest 2.8.15. #wordpress #security
www.rcesecurity.com/2025/11/expl...
We took WPScan's one-liner #security advisory for CVE-2025-9501 affecting the W3 Total Cache plugin for #WordPress, analysed its cache parsing internals and built a pre-auth RCE exploit for it 😎
www.rcesecurity.com/2025/11/expl...
#infosec
I've been trying to get Rocket Software to fix my pre-auth SSRF affecting TRUfusion for 8 months now.
Considering I'm doing this for free, and they didn't even bother to credit me last time, I feel they don't really care. Maybe I shouldn't care either and drop a 0day (+chain to RCE)...
#security
Our friends @hashicorp.com released a new version of Consul fixing our reported Denial of Service vulnerabilities (CVE-2025-11374 and CVE-2025-11375).
See our official advisories for the details and remediation steps: www.rcesecurity.com/security-adv...
#security
OK, Rocket Software believes that the likelihood of my unauthenticated RCE "being exploited is rare"...🤦‍♂️
docs.rocketsoftware.com/bundle/trufu...
#security
Nah, it's only been a very vivid fever dream. It never happened, for sure 😬
30.09.2025 16:02 — 👍 1 🔁 0 💬 0 📌 0
Btw, here's the write-up about the cookie forgery for your pleasure 😉
www.rcesecurity.com/2025/09/when...
Another day, another Remote Code Execution (and its 3 friends).
Pre-auth path traversal, hard-coded crypto key allowing cookie forgery, arbitrary file write, and PII disclosure in TRUfusion Enterprise (CVE-2025-27222 to CVE-2025-27225) #security
www.rcesecurity.com/2025/09/when...
Gosh, why the heck?!
30.08.2025 05:45 — 👍 0 🔁 0 💬 0 📌 0
Remember I wanted to drop more bugs (Pre-Auth RCE, Cookie Forgery etc.) in June?
Unfortunately, I had to postpone the disclosure because there are still too many vulnerable instances online and the vendor apparently needs to manually patch each one... 🤦‍♂️
#BugBounty #security
I’d say it’s gonna be option one 🤪 Norway is one of the most beautiful countries on this planet 👌
22.07.2025 12:04 — 👍 0 🔁 0 💬 0 📌 0
"We take our freedom for granted. It’s better to pay the price of convenience and take back ownership of your data."
This is it 💯
#privacy
Critical Wing FTP Server vulnerability exploited in the wild (CVE-2025-47812)
📖 Read more: www.helpnetsecurity.com/2025/07/11/c...
#cybersecurity #cybersecuritynews #exploit #filesharing @censys.bsky.social @rcesecurity.com @mrtuxracer.bsky.social
Yeah, I mean it really depends how you’re using it. Personally, Notion was more of an overpriced idea dump with project management for me. So switching it to Stackfield wasn’t that much of a change 🤷‍♂️
10.07.2025 16:48 — 👍 1 🔁 0 💬 1 📌 0
Although self-hosted Obsidian would do it too 👍
10.07.2025 15:59 — 👍 1 🔁 0 💬 0 📌 0
I’m abusing my Stackfield instance for that 😏
10.07.2025 15:46 — 👍 1 🔁 0 💬 1 📌 0
In terms of that, big shout-out to @proton.me for their stance on #privacy and for their Mail/Drive/Pass products that are a perfect alternative to some of these products! Cheers guys! Appreciate your hard work!
10.07.2025 14:49 — 👍 1 🔁 0 💬 0 📌 0
I am a huge fan of the #BuyFromEU movement! So far, I've ditched a lot of US stuff already, including Microsoft, Dropbox, 1Password, Notion, Grammarly, Amazon, Slack, and Google.
This helped a lot: european-alternatives.eu
Good that @proton.me has this feature already 👌
proton.me/support/mail...
Here's an update to the blog post about CVE-2025-47812, which now includes a way to leak a user's password (CVE-2025-27889), but requires a bit of social engineering.
#security #BugBounty
As promised! Here's a root/SYSTEM-level RCE (aka CVE-2025-47812) affecting Wing FTP Server in versions before 7.4.4.
Enjoy 🥷
#security #BugBounty
I'll publish 4 CVEs later today, including one unauthenticated Root/SYSTEM-level RCE.
I'm a bit nervous, TBH, because it potentially affects 15k systems on the internet. But, according to the vendor, most instances should've been updated already 😬
I don’t know why, but this has some very strong jonathandata vibes 😬
25.06.2025 05:52 — 👍 3 🔁 0 💬 1 📌 0
A missing SPF record chained with sending an email leading to critical content injection? 🤯
14.06.2025 04:54 — 👍 2 🔁 0 💬 1 📌 0
Yeah, I love him too!
11.06.2025 14:59 — 👍 2 🔁 0 💬 0 📌 0
Yep, he does this stuff 👍
10.06.2025 15:54 — 👍 2 🔁 0 💬 2 📌 0
❤️
06.06.2025 16:55 — 👍 0 🔁 0 💬 0 📌 0
Totally understandable 😬
It caused a long sequence of WTFs on my face when I found it.
I have plenty of public disclosures planned for June:
2x RCE (one as root!),
Full SSRF,
Directory traversal,
Cookie forgery leading to auth bypass,
Multiple information disclosures incl. PII
Link injection leaking clear-text passwords
All pre-auth 🙃
#security #BugBounty