Vendor
critical
threat
Weaver E-cology Unauthenticated RCE Exploitation
2 rules 2 TTPs 1 CVEA critical unauthenticated remote code execution vulnerability (CVE-2026-22679) in Weaver E-cology office automation software is being actively exploited to execute system commands and reconnaissance activities on affected servers.
exploited
E-cology 10.0 +1
rce
weaver-ecology
cve-2026-22679
exploitation
2r
2t
1c
critical
advisory
Weaver E-office Unauthenticated Arbitrary File Upload Vulnerability
2 rules 2 TTPs 1 CVEWeaver E-office versions prior to 10.0_20221201 are vulnerable to unauthenticated arbitrary file upload in the OfficeServer.php endpoint, allowing attackers to upload PHP webshells and achieve remote code execution.
E-office
cve-2022-50993
file-upload
webshell
rce
2r
2t
1c