
Yes, actual threat actors use these techniques even after publication. There are a lot of outdated/misconfigured systems in the wild. A fairly recent example is the defacing of multiple Ukrainian government websites[1], through exploiting a vulnerability fixed and publicised in August 2021. There are also around 10,000 (can't remember where that statistic is from) Huawei routers on the internet vulnerable to an issue from 2015, which are constantly being infected with botnet worms.

[1] https://www.bleepingcomputer.com/news/security/multiple-ukra...



I know web exploits happen all the time first hand.

> all 15 compromised Ukrainian sites were using an outdated version of the October CMS, vulnerable to CVE-2021-32648.

That CVE looks like it was caused by someone doing == instead of === in PHP.

My question was whether things like request smuggling and protocol abuse attacks have ever been seen in the "wild".



