Long list GeoServer IPs inbound blocked by Mawarebytes

Hi

Malwarebytes Premium blocked a lot of inbound and outbound IPs that my GeoServer (version 2.25.0) uses. What could be the problem when Malwarebytes detects these IPs as malicious websites or compromised? How can I resolve this?

You can see the MB block history here: MB blocks Geo Server IPs — Postimages

Many thanks
Phu Au

– Note from @robe - Moving this to GeoServer User - OSGeo Discourse which was mistakenly sent to General category

That is unsurprising please see CVE-2024-36401 Remote Code Execution (RCE) vulnerability in evaluating property name expressions

It contains advice on this specific issue, and how to stay up to date and informed.

clarification: I assume your machine is compromised and those blocked IPs represent botnet command and control locations.