RondoDox Exploits Unpatched XWiki Servers to Pull More Devices Into Its Botnet
RondoDox Exploits Unpatched XWiki Servers to Pull More Devices Into Its Botnet
15 November 2025
The botnet malware known as RondoDox has been observed targeting unpatched XWiki instances against a critical security flaw that could allow attackers to achieve arbitrary code execution.
The vulnerability in question is CVE-2025-24893 (CVSS score: 9.8), an eval injection bug that could allow any guest user to perform arbitrary remote code execution through a request to the "/bin/get/Main/