Craft CMS zero-day exploited to compromise hundreds of vulnerable servers

Craft CMS zero-day exploited to compromise hundreds of vulnerable servers

Two new bugs were recently discovered being chained in attacks.

Critical Craft CMS Flaws Exploited in Wild

Cybersecurity experts are warning website owners after hackers began actively exploiting two critical vulnerabilities in Craft CMS, a content management system, leaving hundreds of servers compromised. The flaws — CVE-2024-58136 and CVE-2025-32432 — were discovered by Orange Cyberdefense’s SensePost team during a forensic investigation in mid-February. Their research revealed that attackers are using these bugs to breach servers, upload maliciou…

Intrusions chaining critical Craft CMS zero-days ongoing

Threat actors have been combining a pair of critical Craft CMS vulnerabilities to facilitate server compromise as part of ongoing attacks, according to BleepingComputer. Introduction to Malware Binary Triage (IMBT) Cou…

Hackers Exploit Critical Craft CMS Flaws; Hundreds Of Servers Likely Compromised - Cybernoz - Cybersecurity News

Apr 28, 2025Ravie LakshmananWeb Application Security / Vulnerability Threat actors have been observed exploiting two newly disclosed critical security flaws in Craft CMS in zero-day attacks to breach servers and gain unauthorized access. The attacks, first observed by Orange Cyberdefense SensePost on February 14, 2025, involve chaining the below vulnerabilities – CVE-2024-58136 (CVSS score: 9.0) – An improper protection of alternate path fla…

Hackers Exploit Critical Craft CMS Flaws; Hundreds of Servers Likely Compromised

Craft CMS 存在两个严重安全漏洞（CVE-2024-58136 和 CVE-2025-32432），被用于零日攻击入侵服务器。攻击者利用图像转换功能发送 POST 请求获取有效资产 ID 并下载恶意文件。已发现 1.3 万个易受攻击实例，近 300 个被攻破。建议检查日志并采取安全措施。