Key Findings: RondoDox botnet malware is targeting unpatched XWiki instances to exploit a critical remote code execution vulnerability (CVE-2025-24893). The vulnerability, with a CVSS score of 9.8, allows any guest user to execute arbitrary code through a request to the "/bin/get/Main/SolrSearch" endpoint. The flaw was patched by XWiki in versions 15.10.11, 16.4.1, and 16.5.0RC1 released in late February 2025. Evidence shows the vulnerability has been exploited in the wild si
