Tag: server side request forgery

2 articles

Cisco unified communications equipment in a brightly-lit server room setting.

Cisco Patches Critical Unified CM Flaw Exploitable for Root Access

Cisco has patched a critical flaw in its Unified Communications Manager (Unified CM) that allowed hackers to remotely gain root access - a vulnerability that could be exploited with a simple, crafted HTTP request. This security gap could have let attackers take full control of affected devices, so it's crucial that the patch is applied ASAP.

Analyst 207Jun 4, 2026

Rows of computer servers and networking equipment in a brightly-lit server room.

LMDeploy Vulnerability Exploited Within 13 Hours of Disclosure

A critical vulnerability in LMDeploy's vision-language module was exploited in the wild just 13 hours after its disclosure, allowing attackers to access sensitive resources and internal networks. This server-side request forgery flaw, tracked as CVE-2026-33626, affects all versions of the toolkit prior to 0.12.0.

Analyst 207Apr 24, 2026