Update: In a statement to ZDNet, Fortinet criticized Rapid7 for releasing the study and said a patch would be released by the end of the month. "The security of our customers is always our first ...

Fortinet is alerting customers of a critical OS command injection vulnerability in FortiSIEM report server that could be exploited by remote, unauthenticated attackers to execute commands through ...

Zyxel fixes a handful of worrying router flaws ...

The U.S. Cybersecurity & Infrastructure Security Agency (CISA) has added three new flaws in its Known Exploited Vulnerabilities (KEV) catalog, including a critical OS command injection impacting ...

Cisco is warning of a critical security vulnerability found in its Unified industrial Wireless Software for Cisco Ultra-Reliable Wireless Backhaul (URWB) access points that could allow an ...

Security vulnerabilities in some connected video conferencing products could allow hackers to remotely gain control of equipment and use it as a snooping tool. The remote OS command injection ...

The US government has urged software manufacturers to work towards the elimination of operating system (OS) command injection vulnerabilities. The alert from the Cybersecurity and Infrastructure ...

Researchers at Rapid7 today disclosed a critical zero-day vulnerability in Fortinet's FortiWeb Web application firewall (WAF) technology that attackers can exploit to gain complete control of affected ...