Topics Security Off-Prem On-Prem Software Offbeat Special Features Vendor Voice Vendor Voice Resources One affects VMware's monitoring tool and the other TP-Link routers
Miscreants are right now exploiting two security bugs for which patches exist, one in a VMware network and applications monitoring tool and the other in some TP-Link routers. VMware two weeks ago issued a fix for CVE-2023-20887, a critical command-injection vulnerability in Aria Operations for Networks that can be abused to achieve remote code execution. Meanwhile, TP-Link patched CVE-2023-1389 in mid-March. This is another command-injection vulnerability that can lead to remote code execution. ...