A recently divulged vBulletin flaw was misused in a hacker attack targeting the forums of cyber-security solutions provider Comodo.
The company informed customers that data related to their Comodo Forums account may have been gotten into by threat actors on Sunday after they misused the vBulletin vulnerability.
Comodo revealed that the attackers may have gained usernames, names, email addresses, IP addresses, password hashes and, possibly, social media usernames. Users have been directed to change their passwords as a protection. The company says its forums presently have nearly 245,000 users.
Some users have highlighted Comodo’s key forum at forums.comodo.com is powered by Simple Machines Forum, not vBulletin. Conversely, the company’s main ITarian forum, which is devoted to the ITarian IT management platform, and the forum hosted on forum.comodo.com do seem to depend on vBulletin.
The ITarian forum, which has almost 45,000 registered users, has also cautioned users about a data breach leveraging the recently repaired vBulletin susceptibility.
The vBulletin susceptibility exploited in these attacks is CVE-2019-16759, which allows an unverified attacker to perform random commands on websites powered by vBulletin 5.