June 4, 2023

Urban Tech Story | Hundreds of SugarCRM Servers Infected with Malware

Over the past two weeks, hackers exploited a high-risk vulnerability in the SugarCRM system to spread malicious programs to control servers. The vulnerability was discovered in December 2022, when no patch was 0day, the person who disclosed the vulnerability also released the exploit code, saying it was an authentication bypass plus remote code execution vulnerability, which means that the attacker does not need an identity Credentials can remotely run malicious code on a vulnerable server. SugarCRM officially released an announcement on January 5 confirming the vulnerability. Security researchers at Censys, which provides network monitoring services, reported Wednesday that 354 of the 3,059 SugarCRM servers it monitored were infected with malicious programs that implanted backdoors.


Ewen Eagle

I am the founder of Urbantechstory, a Technology based blog. where you find all kinds of trending technology, gaming news, and much more.

View all posts by Ewen Eagle →

Leave a Reply

Your email address will not be published.