The flaws allow remote, unauthenticated attackers to make system changes, access underlying accounts, and inject commands.
Sentire says attacks began June 29 against a CVSS 9.6 OS command injection flaw that enables unauthenticated code execution.
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) is warning of hackers actively exploiting flaws in Ubiquity ...