Sun. Jan 19th, 2020

CVE-2019-16759: vBulletin 5.x remote code execution vulnerability alert


vBulletin is a commercial forum program with tens of thousands of users worldwide, and its user base is growing rapidly. It is written in PHP and uses a MySQL database. Most Fortune 500 companies and corporate websites in the Alexa top 1 million use an Internet forum program. On September 23, 2019, an anonymous researcher publicly announced exploit code for remote code execution affecting vBulletin v5 (versions 5.0.0 to 5.5.4). The vulnerability is tracked as CVE-2019-16759.

This is a remote code execution vulnerability. Given the number of users worldwide who run the product and the ports exposed on the Internet, a malicious attacker may develop an automated attack program for the vulnerability that plants a backdoor automatically after successful exploitation. The vulnerability details and test code have already been made public.

vBulletin has released a patch to fix this vulnerability. It is strongly recommended to apply the security patch promptly or to deploy security devices such as a WAF to monitor for exploitation attempts.