Tagged: CVE-2024-20328

February 9, 2024

No Click Required: PoC Available for ClamAV Command Injection Bug (CVE-2024-20328)

A proof-of-concept (PoC) for CVE-2024-20328, a critical vulnerability in ClamAV, a popular open-source antivirus engine, that allows arbitrary code execution, was published. The vulnerability exploits the unsuspecting nature of ClamAV’s VirusEvent...

Vulnerability

February 7, 2024

ClamAV Bugs Expose Users to Command Injection (CVE-2024-20328) and DoS Attacks (CVE-2024-20290)

Recently, Cisco revealed critical vulnerabilities lurking within ClamAV, a widely used open-source antivirus engine. With the potential to wreak havoc across endpoints, cloud services, and web security infrastructure, these vulnerabilities...