VMTech
+381 11 4150 20024/7 Discuss a project
← All Instagram insights VMTECH · INSTAGRAM

Critical RCE in Weaver E‑cology (CVE‑2026‑22679) Actively Exploited via Debug API

Критическая RCE в Weaver E-cology (CVE-2026-22679) активно эксплуатируется через Debug API

Colleagues, please note: active exploitation of a critical RCE in Weaver E‑cology (CVE‑2026‑22679) has been observed.

- The vulnerability (CVSS 9.8) permits unauthenticated code execution via /papi/esearch/data/devops/dubboApi/debug/method by manipulating interfaceName and methodName parameters.
- Shadowserver recorded exploitation from 31 Mar 2026; QiAnXin reproduced it on 17 Mar; Vega Research Team described a campaign delivering an MSI (fanwei0324.msi), executing discovery commands and fetching PowerShell payloads.
- Kerem Oruc published a Python script to locate vulnerable instances.

Why it matters: unauthenticated RCE provides direct infrastructure access and requires immediate patching.

Have you applied the patch in your environments?

#cybersecurity #vulnerabilities #Weaver #RCE

Latest comments

No comments yet.