GeoServer, Where Various CoinMiner Attacks Occur

AhnLab SEcurity intelligence Center (ASEC) previously covered the case of threat actors exploiting the GeoServer vulnerability to install CoinMiner and NetCat through the “CoinMiner Attacks Exploiting GeoServer Vulnerability” blog. [1] The threat actors have been continuously targeting vulnerable GeoServers to install CoinMiner. This post will cover the identified cases of

GeoServer Security Update Advisory (CVE-2025-58360)

Overview: We have released a security update to address a vulnerability in GeoServer. Affected product users are advised to update to the latest version. Affected Products (CVE-2025-58360): GeoServer version: 2.26.0 or later and 2.26.1 or earlier; GeoServer versions: 2.25.5 and earlier. Resolved Vulnerabilities: XML

CoinMiner Attacks Exploiting GeoServer Vulnerability

AhnLab SEcurity intelligence Center (ASEC) has confirmed that unpatched GeoServer instances are still under continuous attack. Threat actors are scanning for vulnerable GeoServer instances and installing CoinMiner. ASEC has also identified cases of infection in South Korea. 1. GeoServer Remote Code Execution Vulnerability (CVE-2024-36401): GeoServer is an open-source Geographic Information

GeoServer and GeoTools Security Update Advisory (CVE-2024-36401)

Overview: GeoServer (https://geoserver.org/) and GeoTools (https://geotools.org/) have released security updates that address vulnerabilities in their products. users...