10-03-2023, 08:40 AM
Security researchers have discovered two new CVE exploits that can be used to hack into Apache web servers and VMware ESXi servers.
The CVE exploits, which are tracked as CVE-2023-23287 and CVE-2023-21999, allow attackers to gain remote code execution (RCE) on vulnerable servers.
CVE-2023-23287 is a vulnerability in the Apache httpd server that can be exploited to allow attackers to execute arbitrary code on the server.
The vulnerability is caused by an error in the way that the httpd server handles certain types of HTTP requests. CVE-2023-21999 is a vulnerability in the VMware ESXi hypervisor that can be exploited to allow attackers to execute arbitrary code on the ESXi server.
The vulnerability is caused by an error in the way that the ESXi server handles certain types of network traffic.
Both of these CVE exploits are rated as critical by the Common Vulnerability Scoring System (CVSS).
This means that they are very easy to exploit and can have a severe impact on vulnerable systems.
The CVE exploits, which are tracked as CVE-2023-23287 and CVE-2023-21999, allow attackers to gain remote code execution (RCE) on vulnerable servers.
CVE-2023-23287 is a vulnerability in the Apache httpd server that can be exploited to allow attackers to execute arbitrary code on the server.
The vulnerability is caused by an error in the way that the httpd server handles certain types of HTTP requests. CVE-2023-21999 is a vulnerability in the VMware ESXi hypervisor that can be exploited to allow attackers to execute arbitrary code on the ESXi server.
The vulnerability is caused by an error in the way that the ESXi server handles certain types of network traffic.
Both of these CVE exploits are rated as critical by the Common Vulnerability Scoring System (CVSS).
This means that they are very easy to exploit and can have a severe impact on vulnerable systems.
