CISA adds TP-Link, Apache, Oracle bugs to KEV catalog

3 May 2023

Three actively exploited security flaws impacting TP-Link Archer AX-21 routers, the Apache Log4j2 logging library, and Oracle WebLogic Servers have been added by the Cybersecurity and Infrastructure Security Agency to its Known Exploited Vulnerabilities catalog, reports The Hacker News. Mirai botnet actors have been leveraging the command injection vulnerability in TP-Link Archer AX-21, tracked as CVE-2023-1389, in attacks seeking to achieve remote command execution since April 11, while up to 74 unique IP addresses were observed by GreyNoise to have been used to exploit the RCE flaw in Apache Log4j2, tracked as CVE-2021-45046, during the past month.

Read full article on SC Magazine

Date:

3 May 2023

Categorie(s):

NEWS

Tag(s):

Apache, CISA, IT, Oracle, TP-Link

The IT skills shortage situation is not expected to get any better17 May 2024
Organizations struggle to defend against ransomware17 May 2024
Too many ICS assets are exposed to the public internet17 May 2024
New infosec products of the week: May 17, 202417 May 2024
One big problem SOC teams can actually solve with AI17 May 2024