Critical Vulnerabilities Discovered in Kentico Xperience CMS Enable Pre-Auth RCE

A chain of vulnerabilities in Kentico Xperience CMS 13 allows unauthenticated attackers to execute arbitrary code on unpatched systems. The flaws – including two authentication bypasses and a post-auth path traversal – affect installations using the Staging Service with username/password authentication.

Vulnerability Breakdown

WT-2025-0006: Staging Service Authentication Bypass

The initial attack vector exploits improper WS-Security …