"CISA Issues Warning on Active Exploitation of ZK Java Web Framework Vulnerability"

Based on evidence of active exploitation, the US Cybersecurity and Infrastructure Security Agency (CISA) has added a high-severity flaw in the ZK Framework to its Known Exploited Vulnerabilities (KEV) catalog. The vulnerability, tracked as CVE-2022-36537, affects ZK Framework versions 9.6.1, 9.6.0.1, 9.5.1.3, 9.0.1.2, and 8.6.4.1, and lets threat actors retrieve sensitive data via carefully crafted requests. CISA noted that the ZK Framework is an open-source Java framework, so the vulnerability can affect the many products built on it, including ConnectWise R1Soft Server Backup Manager. The flaw was patched in May 2022 in versions 9.6.2, 9.6.0.2, 9.5.1.4, 9.0.1.3, and 8.6.4.2. As Huntress showed in an October 2022 proof-of-concept (PoC), the vulnerability could be exploited to bypass authentication, upload a backdoored JDBC database driver to achieve code execution, and launch ransomware on vulnerable endpoints. This article continues to discuss CISA's warning about active exploitation of the ZK Framework vulnerability.

THN reports "CISA Issues Warning on Active Exploitation of ZK Java Web Framework Vulnerability"
