Adobe ColdFusion is widely used for web app devlopment, there are many instances of CF that can be found on Shodan. CVE-2023-26360 is an unauthenticated attack that can result in arbitrary file read and remote code execution, attackers can gain a shell on it without any user interaction or effort.
CISA has reported this as actively exploited and POCs are well documented and Ive tested this myself.
Adobe ColdFusion is widely used for web app devlopment, there are many instances of CF that can be found on Shodan. CVE-2023-26360 is an unauthenticated attack that can result in arbitrary file read and remote code execution, attackers can gain a shell on it without any user interaction or effort.
CISA has reported this as actively exploited and POCs are well documented and Ive tested this myself.
References: