The activity centers on CVE-2024-36401, a remote code execution vulnerability disclosed in 2024 that allows unauthenticated attackers to execute arbitrary commands on vulnerable GeoServer instances. Since disclosure, multiple threat actors have systematically scanned for expos...

The activity centers on CVE-2024-36401, a remote code execution vulnerability disclosed in 2024 that allows unauthenticated attackers to execute arbitrary commands on vulnerable GeoServer instances. Since disclosure, multiple threat actors have systematically scanned for expos...

Source: Wiz
Source Link: https://threats.wiz.io/all-incidents/geoserver-rce-exploited-in-coinminer-campaigns