New vBulletin zero-day could infect thousands of sites worldwide

Details of a zero-day in the popular Internet forum software vBulletin were published online by an anonymous security researcher.

Following the disclosure, security experts are concerned that the anonymous researcher may have just sparked a wave of forum hacks on the Internet where hackers could take over forums and steal the information they contained in large quantities by publishing details of the unpatched vulnerability.

The published code analysis has shown that an attacker with the zero-day value can execute shell commands on a server running a vBulletin installation. The vulnerability is quite severe because an attacker does not even have to have an account in a particular forum to launch an attack against it.

The zero-day vulnerability found in vBulletin, known as the Remote Code Execution Authentication Vulnerability, is one of the worst types of vulnerabilities that could affect a Web-based platform.

Anonymous disclosure

Details on zero-day in vBulletin have been published on the public "Full Disclosure" mailing list.

Security researchers often uncover security vulnerabilities after informing a company and giving it enough time to fix the problem. In this case, however, it is still unclear whether the anonymous researcher reported the vulnerability directly to the vBulletin team or whether the vulnerability was reported after the company did not resolve the issue quickly enough. Typically, security researchers give companies at least 90 days to resolve any vulnerabilities before they expose them to the public.

At the same time, the disclosure could also be a deliberate malice or sabotage in which the researcher attempts to damage the reputation of MH Sub I, the company behind vBulletin. The researcher could hide his identity by publishing details on zero-day through an anonymous email service. However, if the researcher had reported the zero-day directly to the company, he would have received a bug bounty worth $ 10,000, according to MH Sub-I-Price Chart.

READ  iOS 12.4.1 release date and all iOS 12 features explained

About 0.1 percent of all web sites run a vBulletin forum, and this number may seem small, but billions of internet users could be affected by this zero-day. Fortunately, Zero-Day only affects forums that run vBulletin 5.x. Forums that run earlier versions are therefore safe.

Users responsible for a vBulletin forum should first check which version of the software is running. If you're using the latest version, security researchers have released an unofficial patch to reduce the zero-day effect.

About ZDNet

Spread the good stuff:
This post contains affiliate links, to find out more information, please read our disclaimer.
The price written on this page is true as the time it is written. It may change at any moment.

Related Posts