BeyondTrust CVE-2026-1731 Actively Exploited for Domain Takeover

Attackers exploit a critical BeyondTrust vulnerability, CVE-2026-1731, in the wild to run OS commands and seize full domain control. This unauthenticated flaw hits self-hosted Remote Support (RS) and Privileged Remote Access (PRA) deployments via crafted HTTP requests. The issue scores 9.8 on CVSS. It lets remote actors execute code under site user privileges without login. […] The post BeyondTrust CVE-2026-1731 Actively Exploited for Domain Takeover appeared first on VPN Central.