Hardcoded machineKey values in a configuration file enabled ViewState deserialization attacks leading to remote code execution. The post Hackers Exploited KnowledgeDeliver Zero-Day for Web Shell Deployment appeared first on SecurityWeek .
Hackers Exploited KnowledgeDeliver Zero-Day for Web Shell Deployment
Summary + source link. No paywalls, no tracking.