
Securityaffairs


Over 80,000 servers hit as Roundcube RCE bug gets rapidly exploited

  • A critical remote code execution (RCE) vulnerability in Roundcube, tracked as CVE-2025-49113, was exploited by threat actors just days after the patch release, affecting over 80,000 servers.
  • Roundcube, a popular webmail platform, has been targeted by advanced threat groups in the past, exploiting vulnerabilities for stealing login credentials and spying on communications.
  • The vulnerability, with a CVSS score of 9.9, was discovered by Kirill Firsov and allows attackers to run malicious code on affected systems.
  • The flaw affects Roundcube Webmail before 1.5.10 and 1.6.x before 1.6.11, and is located in the program/actions/settings/upload.php file.
  • The vulnerability has been patched in versions 1.6.11 and 1.5.10 LTS.
  • Approximately 53 million hosts, including systems like cPanel, Plesk, ISPConfig, and DirectAdmin, are impacted by the flaw.
  • Positive Technologies researchers have confirmed the exploitability of CVE-2025-49113 in Roundcube and advise immediate updating to the latest version.
  • The Shadowserver Foundation noted that around 84,000 unpatched Roundcube instances are exposed on the Internet, posing a significant risk.
  • Data from Shadowserver indicates that over 84,000 Internet-facing servers are still vulnerable to the RCE flaw in Roundcube.
  • The vulnerability has been a target for possible state actors in targeted attacks, emphasizing the critical need for patching.
  • The situation underscores the importance of prompt software updates to mitigate cybersecurity risks and protect against potential exploitation.
  • Users are urged to follow security recommendations and apply patches promptly to safeguard their systems and data.
  • The security community continues to monitor the situation closely and raise awareness about the implications of unpatched vulnerabilities.
  • Stay informed about emerging threats and best practices in cybersecurity to enhance digital defense measures.
