BigAnt Server 0-Day Vulnerability Lets Attackers Run Malicious Code Remotely
Posted: Tue Mar 04, 2025 1:41 pm
A critical vulnerability in BigAntSoft’s enterprise chat server software has exposed ~50 internet-facing systems to unauthenticated remote code execution attacks.
Designated CVE-2025-0364, this exploit chain enables attackers to bypass authentication protocols, create administrative accounts, and execute malicious PHP code on vulnerable servers running BigAnt Server v5.6.06 and earlier.
https://gbhackers.com/bigant-server-vulnerability/
Designated CVE-2025-0364, this exploit chain enables attackers to bypass authentication protocols, create administrative accounts, and execute malicious PHP code on vulnerable servers running BigAnt Server v5.6.06 and earlier.
https://gbhackers.com/bigant-server-vulnerability/