In September 2019, a remote code execution (RCE) vulnerability identified as CVE-2019-16759 was disclosed for vBulletin, a popular forum software. By exploiting this vulnerability, an attacker could have gained privileged access and control over any vBulletin server running versions 5.0.0 up to 5.5.4, and potentially lock organizations out from their own sites. When a patch was released for this vulnerability, attackers were able to bypass the patch, resulting in the vBulletin pre-auth RCE vulnerability CVE-2020-17496. Recently, exploits in the wild leveraging this new vulnerability have been detected. More than 100,000 sites are built on vBulletin, including the forums of major enterprises and organizations, so it’s imperative to patch immediately.