FediSecfeeds

https://www.cve.org/CVERecord?id=CVE-2025-9583

##

CVE-2025-9584
(6.3 MEDIUM)

EPSS: 1.06%

updated 2025-08-29T16:24:29.730000

1 posts

A vulnerability was found in Comfast CF-N1 2.6.0. Affected by this issue is the function update_interface_png of the file /usr/bin/webmgnt. The manipulation of the argument interface/display_name results in command injection. The attack can be executed remotely. The exploit has been made public and could be used.

cR0w@infosec.exchange at 2025-08-28T20:18:24.000Z ##

@Dio9sys @da_667 Two more Comfast

https://www.cve.org/CVERecord?id=CVE-2025-9584

##

CVE-2025-9577
(2.5 LOW)

EPSS: 0.01%

updated 2025-08-29T16:24:29.730000

1 posts

A security flaw has been discovered in TOTOLINK X2000R up to 2.0.0. The affected element is an unknown function of the file /etc/shadow.sample of the component Administrative Interface. The manipulation results in use of default credentials. Attacking locally is a requirement. Attacks of this nature are highly complex. The exploitability is described as difficult. The exploit has been released to

cR0w@infosec.exchange at 2025-08-28T19:56:38.000Z ##

@Dio9sys @da_667 LB-Link

TOTOLINK

Tenda

Comfast

https://www.cve.org/CVERecord?id=CVE-2025-57218

##

CVE-2025-57218
(5.3 MEDIUM)

EPSS: 0.04%

updated 2025-08-29T16:24:29.730000

1 posts

Tenda AC10 v4.0 firmware v16.03.10.09_multi_TDE01 was discovered to contain a stack overflow via the security_5g parameter in the function sub_46284C.

cR0w@infosec.exchange at 2025-08-28T17:56:28.000Z ##

@Dio9sys @da_667 Another Tenda

##

CVE-2025-55583
(9.8 CRITICAL)

EPSS: 0.92%

updated 2025-08-29T16:24:29.730000

1 posts

D-Link DIR-868L B1 router firmware version FW2.05WWB02 contains an unauthenticated OS command injection vulnerability in the fileaccess.cgi component. The endpoint /dws/api/UploadFile accepts a pre_api_arg parameter that is passed directly to system-level shell execution functions without sanitization or authentication. Remote attackers can exploit this to execute arbitrary commands as root via cr

cR0w@infosec.exchange at 2025-08-28T14:41:16.000Z ##

D-Link

https://www.cve.org/CVERecord?id=CVE-2025-55583

https://stack.chaitin.com/vuldb/detail/b4640952-9be9-4bfa-9d7f-a0be72b35e18

##

CVE-2025-34160
(0 None)

EPSS: 0.64%

updated 2025-08-29T16:24:09.860000

1 posts

AnyShare contains a critical unauthenticated remote code execution vulnerability in the ServiceAgent API exposed on port 10250. The endpoint /api/ServiceAgent/start_service accepts user-supplied input via POST and fails to sanitize command-like payloads. An attacker can inject shell syntax that is interpreted by the backend, enabling arbitrary command execution. The vulnerability is presumed to af

cR0w@infosec.exchange at 2025-08-27T21:43:40.000Z ##

A perfect 10 in AnyShare? Hell yes, please. 🥳

AnyShare contains a critical unauthenticated remote code execution vulnerability in the ServiceAgent API exposed on port 10250. The endpoint /api/ServiceAgent/start_service accepts user-supplied input via POST and fails to sanitize command-like payloads. An attacker can inject shell syntax that is interpreted by the backend, enabling arbitrary command execution. The vulnerability is presumed to affect builds released prior to August 2025 and is said to be remediated in newer versions of the product, though the exact affected range remains undefined.

https://www.cve.org/CVERecord?id=CVE-2025-34160

##

CVE-2025-34161
(0 None)

EPSS: 0.90%

updated 2025-08-29T16:24:09.860000

1 posts

Coolify versions prior to v4.0.0-beta.420.7 are vulnerable to a remote code execution vulnerability in the project deployment workflow. The platform allows authenticated users, with low-level member privileges, to inject arbitrary shell commands via the Git Repository field during project creation. By submitting a crafted repository string containing command injection syntax, an attacker can execu

1 repos

https://github.com/Eyodav/CVE-2025-34161

cR0w@infosec.exchange at 2025-08-27T17:04:19.000Z ##

Go hack some Coolify shit.

https://www.cve.org/CVERecord?id=CVE-2025-34157

https://www.cve.org/CVERecord?id=CVE-2025-34159

https://www.cve.org/CVERecord?id=CVE-2025-34161

The project maintainer has confirmed that this vulnerability was remediated in version 4.0.0.-beta.420.7 despite not being acknowledged in the release notes.

##

CVE-2025-9527
(8.8 HIGH)

EPSS: 0.08%

updated 2025-08-29T16:24:09.860000

1 posts

A vulnerability was found in Linksys E1700 1.0.0.4.003. This affects the function QoSSetup of the file /goform/QoSSetup. Performing manipulation of the argument ack_policy results in stack-based buffer overflow. The attack may be initiated remotely. The exploit has been made public and could be used. The vendor was contacted early about this disclosure but did not respond in any way.

cR0w@infosec.exchange at 2025-08-27T13:21:19.000Z ##

@Dio9sys @da_667 and

https://www.cve.org/CVERecord?id=CVE-2025-9527

https://www.cve.org/CVERecord?id=CVE-2025-9528

##

CVE-2025-6203
(7.5 HIGH)

EPSS: 0.04%

updated 2025-08-29T16:22:49

1 posts

A malicious user may submit a specially-crafted complex payload that otherwise meets the default request size limit which results in excessive memory and CPU consumption of Vault. This may lead to a timeout in Vault’s auditing subroutine, potentially resulting in the Vault server to become unresponsive. This vulnerability, CVE-2025-6203, is fixed in Vault Community Edition 1.20.3 and Vault Enterpr

cR0w@infosec.exchange at 2025-08-28T20:03:50.000Z ##

Go DoS some Hashicorp Vaults.

https://www.cve.org/CVERecord?id=CVE-2025-6203

##

CVE-2025-9481
(8.8 HIGH)

EPSS: 0.09%

updated 2025-08-29T16:22:31.970000

1 posts

A security vulnerability has been detected in Linksys RE6250, RE6300, RE6350, RE6500, RE7000 and RE9000 1.0.013.001/1.0.04.001/1.0.04.002/1.1.05.003/1.2.07.001. This affects the function setIpv6 of the file /goform/setIpv6. The manipulation of the argument tunrd_Prefix leads to stack-based buffer overflow. Remote exploitation of the attack is possible. The exploit has been disclosed publicly and m

cR0w@infosec.exchange at 2025-08-26T13:52:34.000Z ##

I think I already shared the repo for these Linksys ones, but here are some CVEs.

https://www.cve.org/CVERecord?id=CVE-2025-9481

https://www.cve.org/CVERecord?id=CVE-2025-9482

And a Mistrastar fiber modem one to make up for it:

https://gist.github.com/geraldog/2d07fdedbbb79d822e9df4b75f882a63

https://www.cve.org/CVERecord?id=CVE-2025-39245

##

CVE-2025-39246
(5.3 MEDIUM)

EPSS: 0.03%

updated 2025-08-29T15:31:44

1 posts

There is an Unquoted Service Path Vulnerability in some HikCentral FocSign versions. This could allow an authenticated user to potentially enable escalation of privilege via local access.

cR0w@infosec.exchange at 2025-08-29T13:07:07.000Z ##

It's been a bit since I've public seen Hikvision vulns.

https://www.cve.org/CVERecord?id=CVE-2025-39246

https://www.cve.org/CVERecord?id=CVE-2025-39247

https://www.cve.org/CVERecord?id=CVE-2025-39245

##

CVE-2025-39245
(4.7 MEDIUM)

EPSS: 0.03%

updated 2025-08-29T15:30:38

1 posts

There is a CSV Injection Vulnerability in some HikCentral Master Lite versions. This could allow an attacker to inject executable commands via malicious CSV data.

cR0w@infosec.exchange at 2025-08-29T13:07:07.000Z ##

It's been a bit since I've public seen Hikvision vulns.

https://www.cve.org/CVERecord?id=CVE-2025-39246

https://www.cve.org/CVERecord?id=CVE-2025-39247

https://www.cve.org/CVERecord?id=CVE-2025-9603

##

CVE-2025-9603
(6.3 MEDIUM)

EPSS: 1.08%

updated 2025-08-29T03:30:57

1 posts

A vulnerability was determined in Telesquare TLR-2005KSH 1.2.4. The affected element is an unknown function of the file /cgi-bin/internet.cgi?Command=lanCfg. Executing manipulation of the argument Hostname can lead to command injection. The attack may be performed from a remote location. The exploit has been publicly disclosed and may be utilized. The vendor was contacted early about this disclosu

cR0w@infosec.exchange at 2025-08-29T13:08:29.000Z ##

@Dio9sys @da_667 Telesquare

##

CVE-2025-57217
(5.3 MEDIUM)

EPSS: 0.04%

updated 2025-08-28T21:32:32

1 posts

Tenda AC10 v4.0 firmware v16.03.10.09_multi_TDE01 was discovered to contain a stack overflow via the Password parameter in the function R7WebsSecurityHandler.

cR0w@infosec.exchange at 2025-08-28T17:31:14.000Z ##

@Dio9sys @da_667 Tenda

https://www.cve.org/CVERecord?id=CVE-2025-57217

##

CVE-2025-9586
(6.3 MEDIUM)

EPSS: 1.06%

updated 2025-08-28T21:31:37

1 posts

A vulnerability was identified in Comfast CF-N1 2.6.0. This vulnerability affects the function wireless_device_dissoc of the file /usr/bin/webmgnt. Such manipulation of the argument mac leads to command injection. The attack may be performed from a remote location. The exploit is publicly available and might be used.

cR0w@infosec.exchange at 2025-08-28T21:11:57.000Z ##

@Dio9sys @da_667 And another one.

https://www.cve.org/CVERecord?id=CVE-2025-9586

##

CVE-2025-9585
(6.3 MEDIUM)

EPSS: 1.06%

updated 2025-08-28T21:31:37

1 posts

A vulnerability was determined in Comfast CF-N1 2.6.0. This affects the function wifilith_delete_pic_file of the file /usr/bin/webmgnt. This manipulation of the argument portal_delete_picname causes command injection. The attack is possible to be carried out remotely. The exploit has been publicly disclosed and may be utilized.

cR0w@infosec.exchange at 2025-08-28T20:49:59.000Z ##

@Dio9sys @da_667 Another Comfast

https://www.cve.org/CVERecord?id=CVE-2025-9585

##

CVE-2025-9583
(6.3 MEDIUM)

EPSS: 1.06%

updated 2025-08-28T21:31:37

1 posts

A vulnerability has been found in Comfast CF-N1 2.6.0. Affected by this vulnerability is the function ping_config of the file /usr/bin/webmgnt. The manipulation leads to command injection. Remote exploitation of the attack is possible. The exploit has been disclosed to the public and may be used.

cR0w@infosec.exchange at 2025-08-28T20:18:24.000Z ##

@Dio9sys @da_667 Two more Comfast

https://www.cve.org/CVERecord?id=CVE-2025-9583

https://www.cve.org/CVERecord?id=CVE-2025-9584

##

CVE-2025-9582
(6.3 MEDIUM)

EPSS: 1.06%

updated 2025-08-28T21:31:37

1 posts

A flaw has been found in Comfast CF-N1 2.6.0. Affected is the function ntp_timezone of the file /usr/bin/webmgnt. Executing manipulation of the argument timestr can lead to command injection. The attack may be launched remotely. The exploit has been published and may be used.

cR0w@infosec.exchange at 2025-08-28T20:05:33.000Z ##

@Dio9sys @da_667 Another Comfast

https://www.cve.org/CVERecord?id=CVE-2025-9582

##

CVE-2025-9579
(6.3 MEDIUM)

EPSS: 1.08%

updated 2025-08-28T21:31:37

1 posts

A weakness has been identified in LB-LINK BL-X26 1.2.8. The impacted element is an unknown function of the file /goform/set_hidessid_cfg of the component HTTP Handler. This manipulation of the argument enable causes os command injection. The attack can be initiated remotely. The exploit has been made available to the public and could be exploited. The vendor was contacted early about this disclosu

cR0w@infosec.exchange at 2025-08-28T19:56:38.000Z ##

@Dio9sys @da_667 LB-Link

TOTOLINK

Tenda

Comfast

##

CVE-2025-9581
(6.3 MEDIUM)

EPSS: 1.06%

updated 2025-08-28T21:31:37

1 posts

A vulnerability was detected in Comfast CF-N1 2.6.0. This impacts the function multi_pppoe of the file /usr/bin/webmgnt. Performing manipulation of the argument phy_interface results in command injection. The attack may be initiated remotely. The exploit is now public and may be used.

cR0w@infosec.exchange at 2025-08-28T19:56:38.000Z ##

@Dio9sys @da_667 LB-Link

TOTOLINK

Tenda

Comfast

##

CVE-2025-57219
(5.3 MEDIUM)

EPSS: 0.04%

updated 2025-08-28T21:31:36

1 posts

Incorrect access control in the endpoint /goform/ate of Tenda AC10 v4.0 firmware v16.03.10.09_multi_TDE01 allows attackers to escalate privileges or access sensitive components via a crafted request.

cR0w@infosec.exchange at 2025-08-28T19:56:38.000Z ##

@Dio9sys @da_667 LB-Link

TOTOLINK

Tenda

Comfast

https://www.cve.org/CVERecord?id=CVE-2025-55582

##

CVE-2025-55582
(7.8 HIGH)

EPSS: 0.01%

updated 2025-08-28T21:31:25

1 posts

D-Link DCS-825L firmware v1.08.01 contains a vulnerability in the watchdog script `mydlink-watch-dog.sh`, which blindly respawns binaries such as `dcp` and `signalc` without verifying integrity, authenticity, or permissions. An attacker with local filesystem access (via physical access, firmware modification, or debug interfaces) can replace these binaries with malicious payloads. The script execu

cR0w@infosec.exchange at 2025-08-27T20:23:37.000Z ##

@Dio9sys @da_667 D-Link

##

CVE-2025-9575
(6.3 MEDIUM)

EPSS: 0.92%

updated 2025-08-28T18:30:46

1 posts

A vulnerability was determined in Linksys RE6250, RE6300, RE6350, RE6500, RE7000 and RE9000 1.0.013.001/1.0.04.001/1.0.04.002/1.1.05.003/1.2.07.001. This issue affects the function cgiMain of the file /cgi-bin/upload.cgi. Executing manipulation of the argument filename can lead to os command injection. The attack may be performed from a remote location. The exploit has been publicly disclosed and

cR0w@infosec.exchange at 2025-08-28T18:24:01.000Z ##

@Dio9sys @da_667 LInksys

https://www.cve.org/CVERecord?id=CVE-2025-9575

https://www.cve.org/CVERecord?id=CVE-2025-9576

##

CVE-2025-9576
(2.5 LOW)

EPSS: 0.01%

updated 2025-08-28T18:30:46

1 posts

A vulnerability was identified in seeedstudio ReSpeaker LinkIt7688. Impacted is an unknown function of the file /etc/shadow of the component Administrative Interface. The manipulation leads to use of default credentials. An attack has to be approached locally. A high degree of complexity is needed for the attack. The exploitability is considered difficult. The exploit is publicly available and mig

cR0w@infosec.exchange at 2025-08-28T18:24:01.000Z ##

@Dio9sys @da_667 LInksys

https://www.cve.org/CVERecord?id=CVE-2025-9575

https://www.cve.org/CVERecord?id=CVE-2025-9576

##

CVE-2025-38676(CVSS UNKNOWN)

EPSS: 0.04%

updated 2025-08-28T15:31:45

1 posts

In the Linux kernel, the following vulnerability has been resolved: iommu/amd: Avoid stack buffer overflow from kernel cmdline While the kernel command line is considered trusted in most environments, avoid writing 1 byte past the end of "acpiid" if the "str" argument is maximum length.

1 repos

https://github.com/14mb1v45h/CVE-2025-38676

cR0w@infosec.exchange at 2025-08-26T13:23:46.000Z ##

ZOMG stack buffer overflow from Linux kernel cmdline. 😉

https://www.cve.org/CVERecord?id=CVE-2025-38676

In the Linux kernel, the following vulnerability has been resolved: iommu/amd: Avoid stack buffer overflow from kernel cmdline While the kernel command line is considered trusted in most environments, avoid writing 1 byte past the end of "acpiid" if the "str" argument is maximum length.

##

CVE-2025-38617(CVSS UNKNOWN)

EPSS: 0.04%

updated 2025-08-28T15:30:39

1 posts

In the Linux kernel, the following vulnerability has been resolved: net/packet: fix a race in packet_set_ring() and packet_notifier() When packet_set_ring() releases po->bind_lock, another thread can run packet_notifier() and process an NETDEV_UP event. This race and the fix are both similar to that of commit 15fe076edea7 ("net/packet: fix a race in packet_bind() and packet_notifier()"). There

trou@infosec.exchange at 2025-08-28T09:29:11.000Z ##

@buherator Working link: https://u1f383.github.io/linux/2025/08/27/a-quick-note-on-CVE-2025-38617.html

##

CVE-2025-34158
(7.2 HIGH)

EPSS: 0.04%

updated 2025-08-28T00:31:34

3 posts

Plex Media Server (PMS) versions 1.41.7.x through 1.42.0.x are affected by an unspecified security vulnerability reported via Plex’s bug bounty program. While technical details have not been publicly disclosed, the issue was acknowledged by the vendor and resolved in version 1.42.1. The vulnerability may have posed a risk to system integrity, confidentiality, or availability, prompting a strong re

technadu@infosec.exchange at 2025-08-28T13:56:49.000Z ##

🚨 300k+ Plex Media Server instances still vulnerable to CVE-2025-34158.
- Max CVSS
- Remote unauth exploit
- Full compromise risk

Plex urges users: patch → v1.42.1.10060+
💬 Why do people delay updates, even after warnings?

Follow @technadu for more #InfoSec alerts.

##

paul@oldfriends.live at 2025-08-28T09:30:47.000Z ##

300k+ Plex Media Server instances still vulnerable to attack via CVE-2025-34158 for which Plex has issued a fix for earlier this month.

The flaw’s CVSS score is the highest possible, and can be exploited remotely over the internet, without user interaction or attackers having to authenticate first #selfhosting #plex #cve

https://www.helpnetsecurity.com/2025/08/27/plex-media-server-cve-2025-34158-attack/

https://censys.com/advisory/plex-media-server-vulnerability

##

jos1264@social.skynetcloud.site at 2025-08-27T13:15:02.000Z ##

300k+ Plex Media Server instances still vulnerable to attack via CVE-2025-34158 https://www.helpnetsecurity.com/2025/08/27/plex-media-server-cve-2025-34158-attack/ #PlexMediaServer #streamingdevice #securityupdate #vulnerability #Don'tmiss #Hotstuff #Censys #News

##

CVE-2018-25115(CVSS UNKNOWN)

EPSS: 0.22%

updated 2025-08-28T00:30:38

1 posts

Multiple D-Link DIR-series routers, including DIR-110, DIR-412, DIR-600, DIR-610, DIR-615, DIR-645, and DIR-815 firmware version 1.03, contain a vulnerability in the service.cgi endpoint that allows remote attackers to execute arbitrary system commands without authentication. The flaw stems from improper input handling in the EVENT=CHECKFW parameter, which is passed directly to the system shell wi

cR0w@infosec.exchange at 2025-08-27T21:46:20.000Z ##

Hey, DA, I've got a treat for you. An 8 year old perfect 10 in a D-Link that just got published and the PoC is still on GitHub.

https://www.cve.org/CVERecord?id=CVE-2018-25115

And a SecGate one for fun.

https://www.cve.org/CVERecord?id=CVE-2023-7308

https://www.cve.org/CVERecord?id=CVE-2018-25115

##

CVE-2023-7308(CVSS UNKNOWN)

EPSS: 0.34%

updated 2025-08-28T00:30:30

1 posts

SecGate3600, a network firewall product developed by NSFOCUS, contains a sensitive information disclosure vulnerability in the /cgi-bin/authUser/authManageSet.cgi endpoint. The affected component fails to enforce authentication checks on POST requests to retrieve user data. An unauthenticated remote attacker can exploit this flaw to obtain sensitive information, including user identifiers and conf

cR0w@infosec.exchange at 2025-08-27T21:46:20.000Z ##

Hey, DA, I've got a treat for you. An 8 year old perfect 10 in a D-Link that just got published and the PoC is still on GitHub.

And a SecGate one for fun.

https://www.cve.org/CVERecord?id=CVE-2023-7308

https://www.cve.org/CVERecord?id=CVE-2025-55495

##

CVE-2025-7425
(7.8 HIGH)

EPSS: 0.02%

updated 2025-08-28T00:30:29

1 posts

A flaw was found in libxslt where the attribute type, atype, flags are modified in a way that corrupts internal memory management. When XSLT functions, such as the key() process, result in tree fragments, this corruption prevents the proper cleanup of ID attributes. As a result, the system may access freed memory, causing crashes or enabling attackers to trigger heap corruption.

linux@activitypub.awakari.com at 2025-08-29T07:24:45.000Z ## Debian: libxml2 Critical Memory Corruption Fix CVE-2025-7425 DSA-5990-1 A flaw was found in libxslt, the XSLT 1.0 processing library, where the attribute type, atype, flags are modified in a way th...

#Debian #Linux #Distribution #- #Security #Advisories

Origin | Interest | Match ##

CVE-2025-55495
(6.5 MEDIUM)

EPSS: 0.03%

updated 2025-08-27T21:31:45

1 posts

Tenda AC6 V15.03.06.23_multi was discovered to contain a buffer overflow via the list parameter in the fromSetIpMacBind function.

cR0w@infosec.exchange at 2025-08-27T20:05:10.000Z ##

@Dio9sys @da_667 Tenda

##

CVE-2025-34159(CVSS UNKNOWN)

EPSS: 0.54%

updated 2025-08-27T18:32:06

1 posts

Coolify versions prior to v4.0.0-beta.420.6 are vulnerable to a remote code execution vulnerability in the application deployment workflow. The platform allows authenticated users, with low-level member privileges, to inject arbitrary Docker Compose directives during project creation. By crafting a malicious service definition that mounts the host root filesystem, an attacker can gain full root ac

1 repos

https://github.com/Eyodav/CVE-2025-34159

cR0w@infosec.exchange at 2025-08-27T17:04:19.000Z ##

Go hack some Coolify shit.

https://www.cve.org/CVERecord?id=CVE-2025-34157

https://www.cve.org/CVERecord?id=CVE-2025-34159

https://www.cve.org/CVERecord?id=CVE-2025-34161

The project maintainer has confirmed that this vulnerability was remediated in version 4.0.0.-beta.420.7 despite not being acknowledged in the release notes.

##

CVE-2025-34157(CVSS UNKNOWN)

EPSS: 0.09%

updated 2025-08-27T18:32:06

1 posts

Coolify versions prior to v4.0.0-beta.420.6 are vulnerable to a stored cross-site scripting (XSS) attack in the project creation workflow. An authenticated user with low privileges can create a project with a maliciously crafted name containing embedded JavaScript. When an administrator attempts to delete the project or its associated resource, the payload executes in the admin’s browser context.

1 repos

https://github.com/Eyodav/CVE-2025-34157

cR0w@infosec.exchange at 2025-08-27T17:04:19.000Z ##

Go hack some Coolify shit.

https://www.cve.org/CVERecord?id=CVE-2025-34157

https://www.cve.org/CVERecord?id=CVE-2025-34159

https://www.cve.org/CVERecord?id=CVE-2025-34161

The project maintainer has confirmed that this vulnerability was remediated in version 4.0.0.-beta.420.7 despite not being acknowledged in the release notes.

##

CVE-2025-20317
(7.1 HIGH)

EPSS: 0.03%

updated 2025-08-27T18:32:01

1 posts

A vulnerability in the Virtual Keyboard Video Monitor (vKVM) connection handling of Cisco Integrated Management Controller (IMC) could allow an unauthenticated, remote attacker to redirect a user to a malicious website. This vulnerability is due to insufficient verification of vKVM endpoints. An attacker could exploit this vulnerability by persuading a user to click a crafted link. A successful e

cR0w@infosec.exchange at 2025-08-27T16:44:47.000Z ##

Cisco published ten new CVEs. Two are sev:HIGH and eight are sev:MED.

https://sec.cloudapps.cisco.com/security/center/publicationListing.x

Nothing too juicy but CVE-2025-20317 looks interesting.

https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ucs-vkvmorv-CnKrV7HK

A vulnerability in the Virtual Keyboard Video Monitor (vKVM) connection handling of Cisco Integrated Management Controller (IMC) could allow an unauthenticated, remote attacker to redirect a user to a malicious website.

##

CVE-2025-53853
(9.8 CRITICAL)

EPSS: 0.10%

updated 2025-08-27T18:12:28.503000

1 posts

A heap-based buffer overflow vulnerability exists in the ISHNE parsing functionality of The Biosig Project libbiosig 3.9.0 and Master Branch (35a819fa). A specially crafted ISHNE ECG annotations file can lead to arbitrary code execution. An attacker can provide a malicious file to trigger this vulnerability.

AAKL@infosec.exchange at 2025-08-27T15:22:06.000Z ##

Cisco has tagged GCC Productions Inc. for zero-day reports, impacting CVE-2025-54462 and CVE-2025-53853 https://talosintelligence.com/vulnerability_info @TalosSecurity #cybersecurity #Infosec #zeroday

##

CVE-2025-9478
(8.8 HIGH)

EPSS: 0.07%

updated 2025-08-27T15:34:17

1 posts

Use after free in ANGLE in Google Chrome prior to 139.0.7258.154 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Critical)

1 repos

https://github.com/Kamgreen50/STIG-Edge-RCE-CVE2025-9478

beyondmachines1@infosec.exchange at 2025-08-27T20:01:17.000Z ##

Google releases emergency update for Chrome, patches critical flaw in ANGLE graphics library

Google released an urgent Chrome security update on August 26, 2025, to patch CVE-2025-9478, a critical use-after-free vulnerability in the ANGLE graphics library that allows attackers to execute arbitrary code on systems through malicious web pages.

**Once again - an urgent patch for Chrome - Google is patching an actively exploited flaw in Chrome, and exploitation is just a visit to a malicious site. Update all your Chrome and Chromium browsers (Edge, Opera, Brave, Vivaldi...). Updating the browser is easy, all your tabs reopen after the patch.**
#cybersecurity #infosec #advisory #vulnerability
https://beyondmachines.net/event_details/google-releases-emergency-update-for-chrome-patches-critical-flaw-in-angle-graphics-library-3-3-6-2-x/gD2P6Ple2L

##

CVE-2025-55526
(9.1 CRITICAL)

EPSS: 0.35%

updated 2025-08-27T15:34:16

1 posts

n8n-workflows Main Commit ee25413 allows attackers to execute a directory traversal via the download_workflow function within api_server.py

cR0w@infosec.exchange at 2025-08-26T14:01:15.000Z ##

../ in n8n-workflows.

https://github.com/Zie619/n8n-workflows/issues/48

https://www.cve.org/CVERecord?id=CVE-2025-55526

##

CVE-2025-9533
(7.3 HIGH)

EPSS: 0.08%

updated 2025-08-27T15:33:22

1 posts

A vulnerability has been found in TOTOLINK T10 4.1.8cu.5241_B20210927. Affected is an unknown function of the file /formLoginAuth.htm. The manipulation of the argument authCode with the input 1 leads to improper authentication. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.

cR0w@infosec.exchange at 2025-08-27T15:05:01.000Z ##

@Dio9sys @da_667 TOTOLINK

https://www.cve.org/CVERecord?id=CVE-2025-9533

##

CVE-2025-9528
(4.7 MEDIUM)

EPSS: 0.20%

updated 2025-08-27T15:33:21

1 posts

A vulnerability was determined in Linksys E1700 1.0.0.4.003. This vulnerability affects the function systemCommand of the file /goform/systemCommand. Executing manipulation of the argument command can lead to os command injection. The attack may be launched remotely. The exploit has been publicly disclosed and may be utilized. The vendor was contacted early about this disclosure but did not respon

cR0w@infosec.exchange at 2025-08-27T13:21:19.000Z ##

@Dio9sys @da_667 and

https://www.cve.org/CVERecord?id=CVE-2025-9527

https://www.cve.org/CVERecord?id=CVE-2025-9528

##

CVE-2025-9525
(8.8 HIGH)

EPSS: 0.08%

updated 2025-08-27T15:33:21

1 posts

A flaw has been found in Linksys E1700 1.0.0.4.003. Affected by this vulnerability is the function setWan of the file /goform/setWan. This manipulation of the argument DeviceName/lanIp causes stack-based buffer overflow. The attack can be initiated remotely. The exploit has been published and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

cR0w@infosec.exchange at 2025-08-27T13:09:11.000Z ##

@Dio9sys @da_667 And some Linksys.

https://www.cve.org/CVERecord?id=CVE-2025-9525

https://www.cve.org/CVERecord?id=CVE-2025-9526

##

CVE-2025-9526
(8.8 HIGH)

EPSS: 0.08%

updated 2025-08-27T15:33:21

1 posts

A vulnerability has been found in Linksys E1700 1.0.0.4.003. Affected by this issue is the function setSysAdm of the file /goform/setSysAdm. Such manipulation of the argument rm_port leads to stack-based buffer overflow. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any

cR0w@infosec.exchange at 2025-08-27T13:09:11.000Z ##

@Dio9sys @da_667 And some Linksys.

https://www.cve.org/CVERecord?id=CVE-2025-9525

https://www.cve.org/CVERecord?id=CVE-2025-9526

##

CVE-2025-43728
(9.7 CRITICAL)

EPSS: 0.10%

updated 2025-08-27T15:33:15

1 posts

Dell ThinOS 10, versions prior to 2508_10.0127, contain a Protection Mechanism Failure vulnerability. An unauthenticated attacker with remote access could potentially exploit this vulnerability, leading to Protection mechanism bypass.

cR0w@infosec.exchange at 2025-08-27T13:57:09.000Z ##

Ooh, maybe go hack / patch some Dell ThinOS shit.

https://www.dell.com/support/kbdoc/en-us/000359619/dsa-2025-331

sev:CRIT 9.6 - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H

Dell ThinOS 10, versions prior to 2508_10.0127, contain a Protection Mechanism Failure vulnerability. An unauthenticated attacker with remote access could potentially exploit this vulnerability, leading to Protection mechanism bypass.

https://www.cve.org/CVERecord?id=CVE-2025-43728

##

CVE-2025-7775
(9.8 CRITICAL)

EPSS: 12.25%

updated 2025-08-27T14:26:22.103000

35 posts

Memory overflow vulnerability leading to Remote Code Execution and/or Denial of Service in NetScaler ADC and NetScaler Gateway when NetScaler is configured as Gateway (VPN virtual server, ICA Proxy, CVPN, RDP Proxy) or AAA virtual server (OR) NetScaler ADC and NetScaler Gateway 13.1, 14.1, 13.1-FIPS and NDcPP: LB virtual servers of type (HTTP, SSL or HTTP_QUIC) bound with IPv6 services or servic

3 repos

https://github.com/rxerium/CVE-2025-7775

https://github.com/hacker-r3volv3r/CVE-2025-7775-PoC

https://github.com/Aaqilyousuf/CVE-2025-7775-vulnerable-lab

GossiTheDog@cyberplace.social at 2025-09-01T13:40:24.000Z ##

.@shadowserver results on CVE-2025-7775 patchin'

A take away - realistically, about 1/3rds of boxes don't get patched for in the wild exploited vulns in remote access systems after a week.

##

pupuweb@mastodon.social at 2025-08-31T16:09:12.000Z ##

URGENT: 183,900 Citrix NetScaler systems under active attack! CVE-2025-7775 (9.2/10) being exploited now. Immediate patching required for ADC/Gateway 14.1, 13.1 versions. EOL users must upgrade ASAP! Update to secure versions now! #CitrixSecurity #CriticalVuln #CVE

https://pupuweb.com/critical-citrix-security-alert-how-protect-netscaler-systems-devastating-attacks/

##

GossiTheDog@cyberplace.social at 2025-08-31T15:27:59.000Z ##

Updated scan results for CVE-2025-7775 aka CitrixDeelb

https://github.com/GossiTheDog/scanning/blob/main/CVE-2025-7775-Citrix-Netscaler.csv

Next results probably Tuesday

##

GossiTheDog@cyberplace.social at 2025-09-01T13:40:24.000Z ##

.@shadowserver results on CVE-2025-7775 patchin'

A take away - realistically, about 1/3rds of boxes don't get patched for in the wild exploited vulns in remote access systems after a week.

##

GossiTheDog@cyberplace.social at 2025-08-31T15:27:59.000Z ##

Updated scan results for CVE-2025-7775 aka CitrixDeelb

https://github.com/GossiTheDog/scanning/blob/main/CVE-2025-7775-Citrix-Netscaler.csv

Next results probably Tuesday

##

GossiTheDog@cyberplace.social at 2025-08-29T16:57:41.000Z ##

Updated scan results for CVE-2025-7775 aka CitrixDeelb https://raw.githubusercontent.com/GossiTheDog/scanning/refs/heads/main/CVE-2025-7775-Citrix-Netscaler.csv

Next results on Sunday

##

doublepulsar.com@bsky.brid.gy at 2025-08-28T21:22:30.241Z ##

New by me - Citrix have forgot to tell you a zero day was under exploitation earlier this year to successfully backdoor devices at "critical" organisations, and no vendor released technical details. More to come, including on CVE-2025-7775 too. doublepulsar.com/citrix-forgo...

Citrix forgot to tell you CVE-...

##

AAKL@infosec.exchange at 2025-08-28T19:19:23.000Z ##

Shadowserver's statistics were updated yesterday: https://dashboard.shadowserver.org/statistics/combined/tree/?date_range=1&source=exchange&source=exchange6&source=http_vulnerable&source=http_vulnerable6&tag=cve-2025-7775%2B&data_set=count&scale=log&auto_update=on

The Register: Thousands of Citrix NetScaler boxes still sitting ducks despite patches https://www.theregister.com/2025/08/28/thousands_of_citrix_netscaler_boxes/ @theregister #Citrix #cybersecurity #infosec

##

jos1264@social.skynetcloud.site at 2025-08-28T18:00:03.000Z ##

CVE-2025-7775 Vulnerability: A New Critical NetScaler RCE Zero-Day Under Active Exploitation – Source: socprime.com https://ciso2ciso.com/cve-2025-7775-vulnerability-a-new-critical-netscaler-rce-zero-day-under-active-exploitation-source-socprime-com/ #rssfeedpostgeneratorecho #CyberSecurityNews #CitrixNetScaler #CVE-2025-7775 #Latestthreats #Vulnerability #socprimecom #socprime #Blog #CVE

##

mttaggart@infosec.exchange at 2025-08-28T17:05:13.000Z ##

Lemme save you the trouble: this is just slop.

https://github.com/hacker-r3volv3r/CVE-2025-7775-PoC

##

GossiTheDog@cyberplace.social at 2025-08-28T08:57:20.000Z ##

I've published scan results for CVE-2025-7775 (CitrixDeelb - which Bleed is spelt backwards as the CVE number is reverse of CitrixBleed2 :catjam: )

Columns = IP, SSL hostnames, firmware version, vulnerable to CVE-2025-7775 exploitation.

https://raw.githubusercontent.com/GossiTheDog/scanning/refs/heads/main/CVE-2025-7775-Citrix-Netscaler.csv

##

jos1264@social.skynetcloud.site at 2025-08-28T08:20:03.000Z ##

Over 28,000 Citrix instances remain exposed to critical RCE flaw CVE-2025-7775 – Source: securityaffairs.com https://ciso2ciso.com/over-28000-citrix-instances-remain-exposed-to-critical-rce-flaw-cve-2025-7775-source-securityaffairs-com/ #rssfeedpostgeneratorecho #informationsecuritynews #ITInformationSecurity #SecurityAffairscom #CyberSecurityNews #PierluigiPaganini #SecurityAffairs #SecurityAffairs #CVE-2025-7775 #BreakingNews #SecurityNews #hackingnews #Security #hacking #Citrix

##

GossiTheDog@cyberplace.social at 2025-08-27T18:54:46.000Z ##

Cloud Software Group, who own Netscaler, have published their own blog about CVE-2025-7775 (CitrixDeelb)

https://www.netscaler.com/blog/news/critical-security-update-announced-for-netscaler-gateway-and-netscaler/

...however they've incorrectly said it applies to IPv6 setups only. This is wrong. They've missed the "OR" statements from their own advisory.

##

GossiTheDog@cyberplace.social at 2025-08-27T18:52:43.000Z ##

The NCSC have published an advisory on CVE-2025-7775 (CitrixDeelb), saying it is highly likely it will be mass exploited:

https://advisories.ncsc.nl/2025/ncsc-2025-0268.html

They've also published a script to check for post exploitation, i.e. backdoor access which persists post patching: https://github.com/NCSC-NL/citrix-2025/blob/main/live-host-bash-check/TLPCLEAR_check_script_cve-2025-6543-v1.8.sh

##

oversecurity@mastodon.social at 2025-08-27T17:10:06.000Z ##

Over 28,000 Citrix devices vulnerable to new exploited RCE flaw

More than 28,200 Citrix instances are vulnerable to a critical remote code execution vulnerability tracked as CVE-2025-7775 that is already being...

🔗️ [Bleepingcomputer] https://link.is.it/gkYlgJ

##

jbhall56@infosec.exchange at 2025-08-27T12:53:34.000Z ##

The CVE-2025-7775 flaw is a memory overflow bug that can lead to unauthenticated, remote code execution on vulnerable devices. https://www.bleepingcomputer.com/news/security/citrix-fixes-critical-netscaler-rce-flaw-exploited-in-zero-day-attacks/

##

ErikJonker@mastodon.social at 2025-08-27T11:31:43.000Z ##

Nice dashboard for current CVE-2025-7775 RCE vulnerability.
https://dashboard.shadowserver.org/statistics/combined/tree/?date_range=1&source=exchange&source=exchange6&source=http_vulnerable&source=http_vulnerable6&tag=cve-2025-7775%2B&data_set=count&scale=log&auto_update=on
#citrix #netscaler #cybersecurity

##

benzogaga33@mamot.fr at 2025-08-27T09:40:02.000Z ##

Citrix NetScaler – CVE-2025-7775 : une nouvelle zero-day exploitée dans des attaques ! https://www.it-connect.fr/citrix-netscaler-cve-2025-7775-une-nouvelle-zero-day-exploitee-dans-des-attaques/ #ActuCybersécurité #Vulnérabilités #Cybersécurité #Citrix

##

beyondmachines1@infosec.exchange at 2025-08-27T08:01:17.000Z ##

Citrix patches multiple flaws in NetScaler, including one actively exploited

Citrix released emergency patches for three NetScaler ADC and Gateway vulnerabilities, including a critical zero-day (CVE-2025-7775) that is being actively exploited and allows remote code execution. CISA added the flaw it to the Known Exploited Vulnerabilities catalog.

**If you have Citrix NetScaler ADC or Gateway appliances, time for an urgent patch. There's another flaw in NetScaler that's actively exploited. And hackers love Citrix. You can't hide it from the internet because it's a gateway, so you better start patching.**
#cybersecurity #infosec #advisory #vulnerability
https://beyondmachines.net/event_details/citrix-patches-multiple-flaws-in-netscaler-including-one-actively-exploited-4-v-1-5-2/gD2P6Ple2L

##

technadu@infosec.exchange at 2025-08-27T07:26:06.000Z ##

🚨 NetScaler Zero-Day Exploited 🚨
Citrix confirms CVE-2025-7775 (pre-auth RCE/DoS) is being exploited in the wild.

🔹 Exploits deliver webshells → persistent backdoors
🔹 No workarounds, patches only
🔹 Multiple NetScaler zero-days have been hammered this year
Why do you think Citrix appliances are such a repeated attack surface?

💬 Reply & follow @technadu for real-time #InfoSec coverage.

#CyberSecurity #ZeroDay #Citrix #NetScaler #CVE20257775

##

technadu@infosec.exchange at 2025-08-27T06:33:51.000Z ##

🚨 New KEV Alert from CISA:
CVE-2025-7775 – Citrix NetScaler Memory Overflow Vulnerability has been added to the Known Exploited Vulnerabilities catalog.
⚠️ Actively exploited.
⚠️ Significant risk to federal enterprise and beyond.
💬 How fast should orgs move when a KEV is published?
Follow @technadu for ongoing cyber risk coverage.

#CISA #CyberSecurity #CVE #Infosec

##

jos1264@social.skynetcloud.site at 2025-08-27T06:20:01.000Z ##

CVE-2025-7775: Citrix NetScaler ADC and NetScaler Gateway Zero-Day Remote Code Execution Vulnerability Exploited in the Wild – Source: securityboulevard.com https://ciso2ciso.com/cve-2025-7775-citrix-netscaler-adc-and-netscaler-gateway-zero-day-remote-code-execution-vulnerability-exploited-in-the-wild-source-securityboulevard-com/ #rssfeedpostgeneratorecho #SecurityBloggersNetwork #CyberSecurityNews #SecurityBoulevard

##

jos1264@social.skynetcloud.site at 2025-08-26T23:55:03.000Z ##

Citrix Patches Three NetScaler Flaws, Confirms Active Exploitation of CVE-2025-7775 – Source:thehackernews.com https://ciso2ciso.com/citrix-patches-three-netscaler-flaws-confirms-active-exploitation-of-cve-2025-7775-sourcethehackernews-com/ #rssfeedpostgeneratorecho #CyberSecurityNews #TheHackerNews #Citrix

##

oversecurity@mastodon.social at 2025-08-26T21:50:54.000Z ##

Citrix fixes critical NetScaler RCE flaw exploited in zero-day attacks

Citrix fixed three NetScaler ADC and NetScaler Gateway flaws today, including a critical remote code execution flaw tracked as CVE-2025-7775 that...

🔗️ [Bleepingcomputer] https://link.is.it/ZUZ5Hr

##

cisakevtracker@mastodon.social at 2025-08-26T21:00:49.000Z ##

CVE ID: CVE-2025-7775
Vendor: Citrix
Product: NetScaler
Date Added: 2025-08-26
Notes: https://support.citrix.com/support-home/kbsearch/article?articleNumber=CTX694938 ; https://nvd.nist.gov/vuln/detail/CVE-2025-7775
CVE URL: https://nvd.nist.gov/vuln/detail/CVE-2025-7775

##

GossiTheDog@cyberplace.social at 2025-08-26T19:02:23.000Z ##

Internet scanning for hosts vulnerable to CVE-2025-7775 (CitrixDeelb) has begun, will put up results tomorrow or Friday.

##

jos1264@social.skynetcloud.site at 2025-08-26T18:30:03.000Z ##

Citrix Patches Three NetScaler Flaws, Confirms Active Exploitation of CVE-2025-7775 https://thehackernews.com/2025/08/citrix-patches-three-netscaler-flaws.html

##

jos1264@social.skynetcloud.site at 2025-08-26T18:30:02.000Z ##

Citrix Patches Three NetScaler Flaws, Confirms Active Exploitation of CVE-2025-7775 https://thehackernews.com/2025/08/citrix-patches-three-netscaler-flaws.html

##

jos1264@social.skynetcloud.site at 2025-08-26T18:30:02.000Z ##

Citrix Patches Three NetScaler Flaws, Confirms Active Exploitation of CVE-2025-7775 https://thehackernews.com/2025/08/citrix-patches-three-netscaler-flaws.html

##

AAKL@infosec.exchange at 2025-08-26T17:45:49.000Z ##

Citrix: NetScaler ADC and NetScaler Gateway Security Bulletin for CVE-2025-7775, CVE-2025-7776 and CVE-2025-8424 https://support.citrix.com/support-home/kbsearch/article?articleNumber=CTX694938&articleTitle=NetScaler_ADC_and_NetScaler_Gateway_Security_Bulletin_for_CVE_2025_7775_CVE_2025_7776_and_CVE_2025_8424

The Hacker News: Citrix Patches Three NetScaler Flaws, Confirms Active Exploitation of CVE-2025-7775 https://thehackernews.com/2025/08/citrix-patches-three-netscaler-flaws.html @thehackernews #cybersecurity #infosec

##

catc0n@infosec.exchange at 2025-08-26T17:28:44.000Z ##

New Citrix #NetScaler 0day pokes its head above the wall. CVE-2025-7775 has been added to VulnCheck KEV (it's free!)

https://www.vulncheck.com/blog/new-citrix-netscaler-zero-day-vulnerability-exploited-in-the-wild

##

jos1264@social.skynetcloud.site at 2025-08-26T14:40:01.000Z ##

NetScaler ADC/Gateway zero-day exploited by attackers (CVE-2025-7775) https://www.helpnetsecurity.com/2025/08/26/netscaler-adc-gateway-zero-day-exploited-by-attackers-cve-2025-7775/ #Don'tmiss #NetScaler #Hotstuff #backdoor #webshell #Citrix #0-day #News

##

cert_fr@social.numerique.gouv.fr at 2025-08-26T14:27:11.000Z ##

⚠️ Alerte CERT-FR ⚠️

La vulnérabilité CVE-2025-7775 est activement exploitée et permet d'effectuer une exécution de code arbitraire à distance sur toutes les versions de Citrix NetScaler ADC et NetScaler Gateway. Un correctif est disponible.

https://www.cert.ssi.gouv.fr/alerte/CERTFR-2025-ALE-012/

##

cR0w@infosec.exchange at 2025-08-26T13:25:26.000Z ##

The new NetScaler CVEs for the EITW 0days are published. No, not those ones. No, not those ones either. These are new ones. Yes, newer than those new ones you're thinking of.

https://www.cve.org/CVERecord?id=CVE-2025-7775

https://www.cve.org/CVERecord?id=CVE-2025-7776

##

GossiTheDog@cyberplace.social at 2025-08-26T12:28:22.000Z ##

There’s a bunch of new Netscaler vulns being exploited as zero days. Patches just out now.

Preauth RCE being used to drop webshells to backdoor orgs. CVE-2025-7775 is the main problem.

Orgs will need to do IR afterwards as technical details emerge of backdoor.

https://support.citrix.com/support-home/kbsearch/article?articleNumber=CTX694938&articleTitle=NetScaler_ADC_and_NetScaler_Gateway_Security_Bulletin_for_CVE_2025_7775_CVE_2025_7776_and_CVE_2025_8424

##

CVE-2025-29517
(6.8 MEDIUM)

EPSS: 0.10%

updated 2025-08-26T21:32:13

1 posts

D-Link DSL-7740C with firmware DSL7740C.V6.TR069.20211230 was discovered to contain a command injection vulnerability via the traceroute6 function.

cR0w@infosec.exchange at 2025-08-25T14:23:27.000Z ##

D-Link

##

CVE-2025-23307
(7.8 HIGH)

EPSS: 0.02%

updated 2025-08-26T21:31:17

1 posts

NVIDIA NeMo Curator for all platforms contains a vulnerability where a malicious file created by an attacker could allow code injection. A successful exploit of this vulnerability might lead to code execution, escalation of privileges, information disclosure, and data tampering.

AAKL@infosec.exchange at 2025-08-26T15:18:13.000Z ##

Two new listings by Nvidia:

High severity: NVIDIA NeMo Curator -CVE-2025-23307, code injection vulnerability affecting Windows. Linux, MacOS https://nvidia.custhelp.com/app/answers/detail/a_id/5690

High severity: NVIDIA NeMo Framework, affecting several CVEs: https://nvidia.custhelp.com/app/answers/detail/a_id/5689 #Nvidia #cybersecurity #infosec

##

CVE-2025-29525
(5.3 MEDIUM)

EPSS: 0.04%

updated 2025-08-26T18:32:22

1 posts

DASAN GPON ONU H660WM OS version H660WMR210825 Hardware version DS-E5-583-A1 was discovered to contain insecure default credentials in the modem's control panel.

cR0w@infosec.exchange at 2025-08-25T14:40:53.000Z ##

And more D-Link:

And a few DASAN ones to mix it up:

##

CVE-2025-29524
(6.5 MEDIUM)

EPSS: 0.03%

updated 2025-08-26T18:32:22

1 posts

Incorrect access control in the component /cgi-bin/system_diagnostic_main.asp of DASAN GPON ONU H660WM H660WMR210825 allows attackers to access sensitive information.

cR0w@infosec.exchange at 2025-08-25T14:40:53.000Z ##

And more D-Link:

And a few DASAN ones to mix it up:

##

CVE-2025-29521
(5.3 MEDIUM)

EPSS: 0.04%

updated 2025-08-26T18:32:22

1 posts

Insecure default credentials for the Adminsitrator account of D-Link DSL-7740C with firmware DSL7740C.V6.TR069.20211230 allows attackers to escalate privileges via a bruteforce attack.

cR0w@infosec.exchange at 2025-08-25T14:40:53.000Z ##

And more D-Link:

And a few DASAN ones to mix it up:

##

CVE-2025-29522
(6.5 MEDIUM)

EPSS: 4.33%

updated 2025-08-26T18:32:22

1 posts

D-Link DSL-7740C with firmware DSL7740C.V6.TR069.20211230 was discovered to contain a command injection vulnerability via the ping function.

cR0w@infosec.exchange at 2025-08-25T14:40:53.000Z ##

And more D-Link:

And a few DASAN ones to mix it up:

##

CVE-2025-29520
(5.3 MEDIUM)

EPSS: 0.04%

updated 2025-08-26T16:15:33.833000

1 posts

Incorrect access control in the Maintenance module of D-Link DSL-7740C with firmware DSL7740C.V6.TR069.20211230 allows authenticated attackers with low-level privileges to arbitrarily change the high-privileged account passwords and escalate privileges.

cR0w@infosec.exchange at 2025-08-25T14:40:53.000Z ##

And more D-Link:

And a few DASAN ones to mix it up:

https://www.cve.org/CVERecord?id=CVE-2025-29519

##

CVE-2025-29519
(5.3 MEDIUM)

EPSS: 4.00%

updated 2025-08-26T16:15:33.623000

1 posts

A command injection vulnerability in the EXE parameter of D-Link DSL-7740C with firmware DSL7740C.V6.TR069.20211230 allows attackers to execute arbitrary commands via supplying a crafted GET request.

cR0w@infosec.exchange at 2025-08-25T14:35:27.000Z ##

@Dio9sys @da_667 Another one:

##

CVE-2025-9482
(8.8 HIGH)

EPSS: 0.09%

updated 2025-08-26T15:31:08

1 posts

A vulnerability was detected in Linksys RE6250, RE6300, RE6350, RE6500, RE7000 and RE9000 1.0.013.001/1.0.04.001/1.0.04.002/1.1.05.003/1.2.07.001. This impacts the function portRangeForwardAdd of the file /goform/portRangeForwardAdd. The manipulation of the argument ruleName/schedule/inboundFilter/TCPPorts/UDPPorts results in stack-based buffer overflow. The attack can be executed remotely. The ex

cR0w@infosec.exchange at 2025-08-26T13:52:34.000Z ##

I think I already shared the repo for these Linksys ones, but here are some CVEs.

https://www.cve.org/CVERecord?id=CVE-2025-9481

https://www.cve.org/CVERecord?id=CVE-2025-9482

And a Mistrastar fiber modem one to make up for it:

https://gist.github.com/geraldog/2d07fdedbbb79d822e9df4b75f882a63

https://www.cve.org/CVERecord?id=CVE-2025-8424

##

CVE-2025-8424(CVSS UNKNOWN)

EPSS: 0.03%

updated 2025-08-26T15:31:07

2 posts

Improper access control on the NetScaler Management Interface in NetScaler ADC and NetScaler Gateway when an attacker can get access to the appliance NSIP, Cluster Management IP or local GSLB Site IP or SNIP with Management Access

AAKL@infosec.exchange at 2025-08-26T17:45:49.000Z ##

Citrix: NetScaler ADC and NetScaler Gateway Security Bulletin for CVE-2025-7775, CVE-2025-7776 and CVE-2025-8424 https://support.citrix.com/support-home/kbsearch/article?articleNumber=CTX694938&articleTitle=NetScaler_ADC_and_NetScaler_Gateway_Security_Bulletin_for_CVE_2025_7775_CVE_2025_7776_and_CVE_2025_8424

The Hacker News: Citrix Patches Three NetScaler Flaws, Confirms Active Exploitation of CVE-2025-7775 https://thehackernews.com/2025/08/citrix-patches-three-netscaler-flaws.html @thehackernews #cybersecurity #infosec

##

cR0w@infosec.exchange at 2025-08-26T13:30:00.000Z ##

Ope, there's another one published.

##

CVE-2025-8627(CVSS UNKNOWN)

EPSS: 0.02%

updated 2025-08-26T15:30:57

1 posts

The TP-Link KP303 Smartplug can be issued unauthenticated protocol commands that may cause unintended power-off condition and potential information leak. This issue affects TP-Link KP303 (US) Smartplug: before 1.1.0.

cR0w@infosec.exchange at 2025-08-25T22:00:02.000Z ##

TP-Link

https://www.cve.org/CVERecord?id=CVE-2025-8627

https://github.com/ppd520/CVE-2025-48384

##

CVE-2025-50674
(7.8 HIGH)

EPSS: 0.02%

updated 2025-08-26T15:30:56

1 posts

An issue was discovered in the changePassword method in file /usr/share/php/openmediavault/system/user.inc in OpenMediaVault 7.4.17 allowing local authenticated attackers to escalate privileges to root.

obivan@infosec.exchange at 2025-08-26T20:09:18.000Z ##

Finding and Exploiting CVE-2025-50674 in OpenMediaVault https://xbz0n.sh/blog/CVE-2025-50674

##

CVE-2025-48384
(8.0 HIGH)

EPSS: 4.08%

updated 2025-08-26T14:45:27.957000

5 posts

Git is a fast, scalable, distributed revision control system with an unusually rich command set that provides both high-level operations and full access to internals. When reading a config value, Git strips any trailing carriage return and line feed (CRLF). When writing a config entry, values with a trailing CR are not quoted, causing the CR to be lost when the config is later read. When initializ

37 repos

https://github.com/f1shh/CVE-2025-48384

https://github.com/kallydev/cve-2025-48384-hook

https://github.com/wzx5002/CVE-2025-48384

https://github.com/beishanxueyuan/CVE-2025-48384-test

https://github.com/nguyentranbaotran/cve-2025-48384-poc

https://github.com/altm4n/cve-2025-48384-hub

https://github.com/p1026/CVE-2025-48384

https://github.com/fishyyh/CVE-2025-48384

https://github.com/ECHO6789/CVE-2025-48384-submodule

https://github.com/butyraldehyde/CVE-2025-48384-PoC

https://github.com/acheong08/CVE-2025-48384

https://github.com/liamg/CVE-2025-48384-submodule

https://github.com/beishanxueyuan/CVE-2025-48384

https://github.com/greatyy/CVE-2025-48384-p

https://github.com/jideasn/cve-2025-48384

https://github.com/fluoworite/CVE-2025-48384

https://github.com/jacobholtz/CVE-2025-48384-submodule

https://github.com/simplyfurious/CVE-2025-48384-submodule_test

https://github.com/wzx5002/totallynotsuspicious

https://github.com/admin-ping/CVE-2025-48384-RCE

https://github.com/Anezatraa/CVE-2025-48384-submodule

https://github.com/replicatorbot/CVE-2025-48384

https://github.com/elprogramadorgt/CVE-2025-48384

https://github.com/butyraldehyde/CVE-2025-48384-PoC-Part2

https://github.com/fluoworite/CVE-2025-48384-sub

https://github.com/jacobholtz/CVE-2025-48384-poc

https://github.com/NigelX/CVE-2025-48384

https://github.com/testdjshan/CVE-2025-48384

https://github.com/IK-20211125/CVE-2025-48384

https://github.com/fishyyh/CVE-2025-48384-POC

https://github.com/vinieger/vinieger-CVE-2025-48384-Dockerfile

https://github.com/liamg/CVE-2025-48384

https://github.com/altm4n/cve-2025-48384

https://github.com/replicatorbot/CVE-2025-48384-POC

https://github.com/eliox01/CVE-2025-48384

https://github.com/arun1033/CVE-2025-48384

knoppix95@mastodon.social at 2025-08-28T08:02:55.000Z ##

CISA warns of active exploits targeting a Git flaw (CVE-2025-48384) enabling arbitrary code execution via malicious submodules 🧠
Git mishandles \r in config files—attackers can hijack machines when users clone tainted repos ⚠️
Patch deadline for U.S. agencies: Sept 15 ⏳
Fixes available in Git 2.43.7+ 🔧

Also added: Citrix Session Recording RCE & privilege escalation bugs 🖥️

https://www.bleepingcomputer.com/news/security/cisa-warns-of-actively-exploited-git-code-execution-flaw/

#CyberSecurity #Git #CISA #InfoSec #ZeroDay #DevSecOps #Code #Citrix #Security #OpenSource #CVE

##

beyondmachines1@infosec.exchange at 2025-08-26T19:01:17.000Z ##

CISA warns of active exploitation of Git flaw

CISA is warning of active exploitation of CVE-2025-48384, a Git vulnerability that allows attackers to achieve arbitrary file writes and code execution when users clone malicious repositories containing submodules by exploiting inconsistent carriage return handling in configuration files.

**Update your local Git to the latest patched version (v2.50.1 or newer). This exploit allows attackers to execute malicious code when you clone repositories. Until patched, avoid using git clone --recursive on any repositories from untrusted sources, and be extra cautious when cloning repos with submodules from external developers or public repositories.**
#cybersecurity #infosec #attack #activeexploit
https://beyondmachines.net/event_details/cisa-warns-of-active-exploitation-of-git-flaw-t-l-0-b-d/gD2P6Ple2L

##

jos1264@social.skynetcloud.site at 2025-08-26T11:25:02.000Z ##

Git vulnerability leading to RCE is being exploited by attackers (CVE-2025-48384) https://www.helpnetsecurity.com/2025/08/26/git-vulnerability-exploited-cve-2025-48384/ #softwaredevelopment #vulnerability #Don'tmiss #Hotstuff #News #CISA #Git #PoC

##

cisakevtracker@mastodon.social at 2025-08-25T18:00:54.000Z ##

CVE ID: CVE-2025-48384
Vendor: Git
Product: Git
Date Added: 2025-08-25
Notes: This vulnerability affects a common open-source component, third-party library, or a protocol used by different products. For more information, please see: https://github.com/git/git/security/advisories/GHSA-vwqx-4fm8-6qc9 ; https://access.redhat.com/errata/RHSA-2025:13933 ; https://alas.aws.amazon.com/AL2/ALAS2-2025-2941.html ; https://linux.oracle.com/errata/ELSA-2025-11534.html ; https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-48384 ; https://nvd.nist.gov/vuln/detail/CVE-2025-48384
CVE URL: https://nvd.nist.gov/vuln/detail/CVE-2025-48384

##

cR0w@infosec.exchange at 2025-08-25T17:17:40.000Z ##

CISA added CVE-2025-48384, CVE-2024-8069, and CVE-2024-8068 to the KEV Catalog.

##

CVE-2024-8069
(8.0 HIGH)

EPSS: 44.54%

updated 2025-08-26T14:44:23.440000

3 posts

Limited remote code execution with privilege of a NetworkService Account access in Citrix Session Recording if the attacker is an authenticated user on the same intranet as the session recording server

1 repos

https://github.com/XiaomingX/cve-2024-8069-exp-Citrix-Virtual-Apps-XEN

beyondmachines1@infosec.exchange at 2025-08-26T12:01:18.000Z ##

Cisa warns of actively exploited flaws in Citrix

CISA is warning of active exploitation of two Citrix Session Recording vulnerabilities (CVE-2024-8069 and CVE-2024-8068) that allow authenticated attackers to achieve code execution and privilege escalation within corporate networks. Despite patches being available since November 2024, many organizations are vulnerable to ongoing attacks.

**If you are using Citrix and Virtual apps, the time for debate is over. Yes, the severity is low, but the flaws are being exploited. So don't wait, update your Citrix installations NOW!**
#cybersecurity #infosec #attack #activeexploit
https://beyondmachines.net/event_details/cisa-issues-alert-on-citrix-flaws-actively-exploited-by-hackers-gbhackers-7-g-h-3-2/gD2P6Ple2L

##

cisakevtracker@mastodon.social at 2025-08-25T18:01:25.000Z ##

CVE ID: CVE-2024-8069
Vendor: Citrix
Product: Session Recording
Date Added: 2025-08-25
Notes: https://support.citrix.com/external/article/691941/citrix-session-recording-security-bullet.html ; https://nvd.nist.gov/vuln/detail/CVE-2024-8069
CVE URL: https://nvd.nist.gov/vuln/detail/CVE-2024-8069

##

cR0w@infosec.exchange at 2025-08-25T17:17:40.000Z ##

CISA added CVE-2025-48384, CVE-2024-8069, and CVE-2024-8068 to the KEV Catalog.

##

CVE-2025-7776
(0 None)

EPSS: 0.06%

updated 2025-08-26T13:41:58.950000

2 posts

Memory overflow vulnerability leading to unpredictable or erroneous behavior and Denial of Service in NetScaler ADC and NetScaler Gateway when NetScaler is configured as a Gateway (VPN virtual server, ICA Proxy, CVPN, RDP Proxy) with PCoIP Profile bounded to it

AAKL@infosec.exchange at 2025-08-26T17:45:49.000Z ##

Citrix: NetScaler ADC and NetScaler Gateway Security Bulletin for CVE-2025-7775, CVE-2025-7776 and CVE-2025-8424 https://support.citrix.com/support-home/kbsearch/article?articleNumber=CTX694938&articleTitle=NetScaler_ADC_and_NetScaler_Gateway_Security_Bulletin_for_CVE_2025_7775_CVE_2025_7776_and_CVE_2025_8424

The Hacker News: Citrix Patches Three NetScaler Flaws, Confirms Active Exploitation of CVE-2025-7775 https://thehackernews.com/2025/08/citrix-patches-three-netscaler-flaws.html @thehackernews #cybersecurity #infosec

##

cR0w@infosec.exchange at 2025-08-26T13:25:26.000Z ##

The new NetScaler CVEs for the EITW 0days are published. No, not those ones. No, not those ones either. These are new ones. Yes, newer than those new ones you're thinking of.

https://www.cve.org/CVERecord?id=CVE-2025-7775

https://www.cve.org/CVERecord?id=CVE-2025-7776

##

CVE-2025-43300
(8.8 HIGH)

EPSS: 1.72%

updated 2025-08-26T06:30:59

11 posts

An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in macOS Sonoma 14.7.8, macOS Ventura 13.7.8, iPadOS 17.7.10, macOS Sequoia 15.6.1, iOS 18.6.2 and iPadOS 18.6.2. Processing a malicious image file may result in memory corruption. Apple is aware of a report that this issue may have been exploited in an extremely sophisticated attack against specific targ

3 repos

https://github.com/XiaomingX/CVE-2025-43300-exp

https://github.com/hunters-sec/CVE-2025-43300

https://github.com/h4xnz/CVE-2025-43300-Exploit

lsaeu@zpravobot.news at 2025-09-01T07:00:49.000Z ##

Jen několik dní poté, co Apple opravil kritickou zranitelnost v iOS a macOS, která mohla být hackery zneužita, vychází najevo nové informace. Útočníci podle zjištění kombinovali chybu v operačních systémech Applu (CVE-2025-43300) s nyní již opravenou chybou ve WhatsAppu (CVE-2025-55177).
https://www.letemsvetemapplem.eu/2025/09/01/hackeri-spojili-chyby-v-ios-a-whatsappu-zvladli-diky-tomu-spehovat-uzivatele/

##

technadu@infosec.exchange at 2025-08-30T07:23:13.000Z ##

🚨 WhatsApp patches CVE-2025-55177 zero-day exploited with Apple CVE-2025-43300 in advanced spyware attacks.
WhatsApp has urged some users to perform a factory reset + OS updates.
Are messaging apps the frontline of spyware warfare now?
💬 Share your thoughts & follow @technadu for daily zero-day + infosec updates.

#ZeroDay #WhatsApp #Spyware #Infosec

##

campuscodi@mastodon.social at 2025-08-29T16:11:09.000Z ##

Meta says it patched a zero-click exploit (CVE-2025-55177) that appears to have been used together with a recent iOS zero-day (CVE-2025-43300)

https://www.whatsapp.com/security/advisories/2025/

##

pupuweb@mastodon.social at 2025-08-27T03:59:45.000Z ##

Apple has released a critical security update for a zero-day flaw (CVE-2025-43300) affecting iPhones, iPads, and Macs. The bug, which is being actively exploited, allows a malicious image to compromise your device. Update now. https://pupuweb.com/apple-released-critical-security-updates-fix-zero-day-vulnerability-ios-ipados-macos/ #Apple #CyberSecurity #InfoSec

##

hn100@social.lansky.name at 2025-08-26T20:20:09.000Z ##

iOS 18.6.1 0-click RCE POC

Link: https://github.com/b1n4r1b01/n-days/blob/main/CVE-2025-43300.md
Discussion: https://news.ycombinator.com/item?id=45019671

##

hn50@social.lansky.name at 2025-08-26T17:35:07.000Z ##

iOS 18.6.1 0-click RCE POC

Link: https://github.com/b1n4r1b01/n-days/blob/main/CVE-2025-43300.md
Discussion: https://news.ycombinator.com/item?id=45019671

##

CuratedHackerNews@mastodon.social at 2025-08-26T17:08:08.000Z ##

iOS 18.6.1 0-click RCE POC

https://github.com/b1n4r1b01/n-days/blob/main/CVE-2025-43300.md

#github #ios

##

h4ckernews@mastodon.social at 2025-08-26T17:06:55.000Z ##

iOS 18.6.1 zero-click remote code execution proof-of-concept

https://github.com/b1n4r1b01/n-days/blob/main/CVE-2025-43300.md

#HackerNews #iOS #zero-click #security #remote #code #execution #proof-of-concept #vulnerability

##

sambowne@infosec.exchange at 2025-08-25T13:28:32.000Z ##

iOS 18.6.1 0-click RCE POC https://github.com/b1n4r1b01/n-days/blob/main/CVE-2025-43300.md

##

sambowne@infosec.exchange at 2025-08-25T13:27:27.000Z ##

Detecting CVE-2025-43300: A Deep Dive into Apple's DNG Processing Vulnerability | Matt Suiche https://www.msuiche.com/posts/detecting-cve-2025-43300-a-deep-dive-into-apples-dng-processing-vulnerability/

##

agnieszkaserafinowicz@imagazine.pl at 2025-08-25T05:00:42.000Z ##

Pilna aktualizacja dla iPhone’ów. Apple i polskie wojsko ostrzegają przed groźną luką w iOS

Apple udostępniła krytyczną aktualizację bezpieczeństwa do wersji iOS 18.6.2. Zarówno producent, jak i polskie Wojska Obrony Cyberprzestrzeni, wzywają do jej natychmiastowej instalacji. Powodem jest groźna luka w oprogramowaniu, która jest już aktywnie wykorzystywana przez hakerów w cyberatakach.

Komunikat o zagrożeniu został opublikowany m.in. na oficjalnych kanałach Wojsk Obrony Cyberprzestrzeni. Eksperci wojskowi podkreślają, że wykryta luka jest już wykorzystywana w atakach, a kilkuminutowa aktualizacja „może ochronić dane i prywatność” użytkowników. To rzadka sytuacja, w której krajowa jednostka ds. cyberbezpieczeństwa wydaje tak bezpośrednie zalecenie dotyczące oprogramowania konsumenckiego.

🚨 PILNE⁰W systemie iOS wykryto poważną lukę bezpieczeństwa, która jest już aktywnie wykorzystywana w cyberatakach.
📲 Apple udostępniło aktualizację iOS 18.6.2 – warto zainstalować ją jak najszybciej. To tylko kilka minut, które mogą ochronić dane i prywatność.#CyberSecurity… pic.twitter.com/NiEck7GfNX
— Karol Molenda (@MolendaKarol) August 23, 2025

Samo Apple potwierdziło powagę sytuacji, informując w nocie bezpieczeństwa, że jest „świadome raportów mówiących o wykorzystaniu tej luki w atakach na konkretne osoby”. Taka deklaracja oznacza, że mamy do czynienia z podatnością typu zero-day – czyli taką, o której cyberprzestępcy dowiedzieli się przed producentem i zdążyli ją wykorzystać, zanim powstała oficjalna poprawka. Z ujawnionych informacji wynika, że luka (CVE-2025-43300) tkwi w systemowym frameworku ImageIO i może zostać aktywowana przez przetworzenie złośliwie spreparowanego pliku graficznego.

Ani Apple, ani wojsko nie precyzują, kto jest celem ataków. Jednak ze względu na charakter luki, zalecenie aktualizacji dotyczy wszystkich użytkowników. Narażone są modele iPhone XS i nowsze.

Aby zainstalować aktualizację, należy wejść w Ustawienia > Ogólne > Uaktualnienia i wybrać opcję instalacji iOS 18.6.2. Jeśli włączone są aktualizacje automatyczne, urządzenie powinno samo pobrać i zainstalować łatkę. Ze względu na powagę zagrożenia, nie warto jednak z tym zwlekać.

#aktualizacja #Apple #Bezpieczeństwo #cyberbezpieczeństwo #hakerzy #iOS #iPhone #lukaBezpieczeństwa #news #WojskaObronyCyberprzestrzeni #zeroDay

##

CVE-2025-29523
(7.2 HIGH)

EPSS: 0.24%

updated 2025-08-26T00:31:20

1 posts

D-Link DSL-7740C with firmware DSL7740C.V6.TR069.20211230 was discovered to contain a command injection vulnerability via the ping6 function.

cR0w@infosec.exchange at 2025-08-25T15:30:11.000Z ##

@Dio9sys @da_667 And another D-Link:

https://www.cve.org/CVERecord?id=CVE-2025-29523

##

CVE-2025-51281
(7.0 None)

EPSS: 0.05%

updated 2025-08-26T00:31:20

1 posts

D-Link DI-8100 16.07.26A1 is vulnerable to Buffer Overflow via the en`, `val and id parameters in the qj_asp function. This vulnerability allows authenticated attackers to cause a Denial of Service (DoS) by sending crafted GET requests with overly long values for these parameters.

cR0w@infosec.exchange at 2025-08-25T14:40:53.000Z ##

And more D-Link:

And a few DASAN ones to mix it up:

##

CVE-2025-29516
(7.2 HIGH)

EPSS: 0.24%

updated 2025-08-26T00:31:13

1 posts

D-Link DSL-7740C with firmware DSL7740C.V6.TR069.20211230 was discovered to contain a command injection vulnerability via the backup function.

cR0w@infosec.exchange at 2025-08-25T14:23:27.000Z ##

D-Link

##

CVE-2025-29514
(9.8 CRITICAL)

EPSS: 0.05%

updated 2025-08-26T00:31:12

1 posts

Incorrect access control in the config.xgi function of D-Link DSL-7740C with firmware DSL7740C.V6.TR069.20211230 allows attackers to download the configuration file via providing a crafted web request.

cR0w@infosec.exchange at 2025-08-25T14:23:27.000Z ##

D-Link

##

CVE-2025-44178
(6.5 MEDIUM)

EPSS: 0.04%

updated 2025-08-25T20:24:45.327000

1 posts

DASAN GPON ONU H660WM H660WMR210825 is susceptible to improper access control under its default settings. Attackers can exploit this vulnerability to gain unauthorized access to sensitive information and modify its configuration via the UPnP protocol WAN sides without any authentication.

cR0w@infosec.exchange at 2025-08-25T14:40:53.000Z ##

And more D-Link:

And a few DASAN ones to mix it up:

##

CVE-2025-29515
(9.8 CRITICAL)

EPSS: 0.05%

updated 2025-08-25T20:24:45.327000

1 posts

Incorrect access control in the DELT_file.xgi endpoint of D-Link DSL-7740C with firmware DSL7740C.V6.TR069.20211230 allows attackers to modify arbitrary settings within the device's XML database, including the administrator’s password.

cR0w@infosec.exchange at 2025-08-25T14:23:27.000Z ##

D-Link

https://www.moxa.com/en/support/product-support/security-advisory/mpsa-256421-cve-2025-5191-unquoted-search-path-vulnerability-in-the-utility-for-industrial-computers-(windows)

##

CVE-2025-5191
(0 None)

EPSS: 0.01%

updated 2025-08-25T20:24:45.327000

1 posts

An Unquoted Search Path vulnerability has been identified in the utility for Moxa’s industrial computers (Windows). Due to the unquoted path configuration in the SerialInterfaceService.exe utility, a local attacker with limited privileges could place a malicious executable in a higher-priority directory within the search path. When the Serial Interface service starts, the malicious executable coul

cR0w@infosec.exchange at 2025-08-25T13:34:24.000Z ##

Moxa PrivEsc.

An Unquoted Search Path vulnerability has been identified in the utility for Moxa’s industrial computers (Windows). Due to the unquoted path configuration in the SerialInterfaceService.exe utility, a local attacker with limited privileges could place a malicious executable in a higher-priority directory within the search path. When the Serial Interface service starts, the malicious executable could be run with SYSTEM privileges. Successful exploitation could allow privilege escalation or enable an attacker to maintain persistence on the affected system. While successful exploitation can severely impact the confidentiality, integrity, and availability of the affected device itself, there is no loss of confidentiality, integrity, or availability within any subsequent systems.

https://www.cve.org/CVERecord?id=CVE-2025-5191

##

CVE-2025-55230
(7.8 HIGH)

EPSS: 0.05%

updated 2025-08-25T18:36:04.440000

1 posts

Untrusted pointer dereference in Windows MBT Transport driver allows an authorized attacker to elevate privileges locally.

1 repos

https://github.com/barbaraeivyu/CVE-2025-55230-Exploit

pupuweb@mastodon.social at 2025-08-31T16:22:24.000Z ##

Microsoft announced critical patches for two Windows security flaws (CVE-2025-55229 & CVE-2025-55230), but the updates are missing. Confused? Here's what you need to do to stay safe until the official fix is released. #WindowsSecurity #CyberSec #InfoSec #CVE

https://pupuweb.com/what-windows-certificate-spoofing-flaws-cve-2025-55229-mdt-cve-2025-55230/

##

CVE-2025-54462
(9.8 CRITICAL)

EPSS: 0.10%

updated 2025-08-25T15:32:07

1 posts

A heap-based buffer overflow vulnerability exists in the Nex parsing functionality of The Biosig Project libbiosig 3.9.0 and Master Branch (35a819fa). A specially crafted .nex file can lead to arbitrary code execution. An attacker can provide a malicious file to trigger this vulnerability.

AAKL@infosec.exchange at 2025-08-27T15:22:06.000Z ##

Cisco has tagged GCC Productions Inc. for zero-day reports, impacting CVE-2025-54462 and CVE-2025-53853 https://talosintelligence.com/vulnerability_info @TalosSecurity #cybersecurity #Infosec #zeroday

##

CVE-2025-7426(CVSS UNKNOWN)

EPSS: 0.03%

updated 2025-08-25T09:32:09

1 posts

Information disclosure and exposure of authentication FTP credentials over the debug port 1604 in the MINOVA TTA service. This allows unauthenticated remote access to an active FTP account containing sensitive internal data and import structures. In environments where this FTP server is part of automated business processes (e.g. EDI or data integration), this could lead to data manipulation, extra

cR0w@infosec.exchange at 2025-08-25T13:36:16.000Z ##

I keep getting surprised by how many different FTP services there are out there. But I only find out about them via vulns like this.

https://www.cve.org/CVERecord?id=CVE-2025-7426

Information disclosure and exposure of authentication FTP credentials over the debug port 1604 in the MINOVA TTA service. This allows unauthenticated remote access to an active FTP account containing sensitive internal data and import structures. In environments where this FTP server is part of automated business processes (e.g. EDI or data integration), this could lead to data manipulation, extraction, or abuse. Debug ports 1602, 1603 and 1636 also expose service architecture information and system activity logs

##

CVE-2025-9118(CVSS UNKNOWN)

EPSS: 0.37%

updated 2025-08-25T09:32:08

4 posts

A path traversal vulnerability in the NPM package installation process of Google Cloud Dataform allows a remote attacker to read and write files in other customers' repositories via a maliciously crafted package.json file.

beyondmachines1@infosec.exchange at 2025-08-25T19:01:17.000Z ##

Critical Google Cloud Dataform path traversal flaw enables cross-tenant data access

Google patched a critical path traversal vulnerability (CVE-2025-9118) in Google Cloud Dataform's NPM package installation process that allowed unauthenticated attackers to bypass multi-tenant security boundaries and read/write files in other customers' repositories. The flaw affected all Dataform environments using NPM package installation before August 21, 2025.

**If you use Google Cloud Dataform, be aware of this vulnerability. You can't do anything about it, it's already patched. But still be aware of the flaw for vendor evaluation, and to review your Dataform repositories for any unexpected changes or unknown code that may have been added before August 21, 2025, when the fix was deployed.**
#cybersecurity #infosec #advisory #vulnerability
https://beyondmachines.net/event_details/critical-google-cloud-dataform-path-traversal-flaw-enables-cross-tenant-data-access-t-f-v-c-0/gD2P6Ple2L

##

DarkWebInformer@infosec.exchange at 2025-08-25T16:45:14.000Z ##

🚨CVE-2025-9118: Google Cloud Dataform NPM Path Traversal Vulnerability

CVSS: 10

https://darkwebinformer.com/cve-2025-9118-google-cloud-dataform-npm-path-traversal-vulnerability/

##

cR0w@infosec.exchange at 2025-08-25T13:31:31.000Z ##

A "perfect 10" ../ in a Google Cloud product is not how I expected to start my Monday but I'll take it. 🥳 Too bad it appears the advisory is behind a login.

https://cloud.devsite.corp.google.com/dataform/docs/security-bulletins#gcp-2025-045

sev:CRIT 10.0 - CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:N/SC:H/SI:H/SA:H

A path traversal vulnerability in the NPM package installation process of Google Cloud Dataform allows a remote attacker to read and write files in other customers' repositories via a maliciously crafted package.json file.

https://www.cve.org/CVERecord?id=CVE-2025-9118

##

offseq@infosec.exchange at 2025-08-25T07:31:47.000Z ##

🚨 CVE-2025-9118 (CRITICAL): Google Cloud Dataform path traversal in NPM install lets remote attackers access & modify files in other customers' repos via crafted package.json. Audit deployments now. https://radar.offseq.com/threat/cve-2025-9118-cwe-22-improper-limitation-of-a-path-ff8f06cd #OffSeq #CloudSecurity #PathTraversal

##

CVE-2025-26496
(9.7 CRITICAL)

EPSS: 0.02%

updated 2025-08-22T21:31:25

2 posts

Access of Resource Using Incompatible Type ('Type Confusion') vulnerability in Salesforce Tableau Server, Tableau Desktop on Windows, Linux (File Upload modules) allows Local Code Inclusion.This issue affects Tableau Server, Tableau Desktop: before 2025.1.3, before 2024.2.12, before 2023.3.19.

DarkWebInformer@infosec.exchange at 2025-08-27T17:25:59.000Z ##

🚨CVE-2025-26496: Salesforce Tableau Server and Desktop Type Confusion Vulnerability Allows Local Code Inclusion via File Upload

CVSS: 9.6

ZoomEye Dork: app="Tableau Server"

ZoomEye Link: https://www.zoomeye.ai/searchResult?q=YXBwPSJUYWJsZWF1IFNlcnZlciI%3D&from=25082501

Results: 169,926

GitHub Advisory: https://github.com/advisories/GHSA-pf6x-cjmp-qqqq

———————

Follow @zoomeye_team's official Twitter/X account and send the message “Dark Web Informer” via DM to receive a 7-day trial Professional membership, a $1,090/Year USD value. 💙

##

beyondmachines1@infosec.exchange at 2025-08-25T10:01:17.000Z ##

Salesforce patches multiple flaws in Tableau Server, at least one critical

Salesforce has patched multiple critical vulnerabilities in Tableau Server and Desktop, including a severe type confusion flaw (CVE-2025-26496) that enables authenticated attackers to execute malicious code and several path traversal vulnerabilities that allow writing files to arbitrary server locations.

**If you use Tableau Server or Tableau Desktop, plan an update to the latest version - especially if you have external untrusted users on the server. Even if you only have internal users, it's still wise to patch, because user accounts can be hacked via infostealers, phishing or malware. Or just have a disgruntled employee.**
#cybersecurity #infosec #advisory #vulnerability
https://beyondmachines.net/event_details/salesforce-patches-multiple-flaws-in-tableau-server-at-least-one-critical-k-t-i-0-c/gD2P6Ple2L

##

CVE-2025-55746
(9.3 CRITICAL)

EPSS: 0.05%

updated 2025-08-22T18:09:17.710000

1 posts

Directus is a real-time API and App dashboard for managing SQL database content. From 10.8.0 to before 11.9.3, a vulnerability exists in the file update mechanism which allows an unauthenticated actor to modify existing files with arbitrary contents (without changes being applied to the files' database-resident metadata) and / or upload new files, with arbitrary content and extensions, which won't

beyondmachines1@infosec.exchange at 2025-08-28T20:01:41.000Z ##

Critical Directus vulnerability enables unauthenticated file upload and remote code execution

Directus has disclosed CVE-2025-55746 , a critical path traversal vulnerability affecting versions 10.8.0 through 11.9.2 that allows unauthenticated attackers to upload arbitrary files and achieve complete system compromise using only network access and a single file UUID.

**If you're running Directus, immediately upgrade to version 11.9.3 or later. There's a critical flaw and your system is probably exposed on the internet. Attackers will automate exploitation very quickly. If you can't upgrade immediately, isolate your Directus instance from internet access until you can patch.**
#cybersecurity #infosec #advisory #vulnerability
https://beyondmachines.net/event_details/critical-directus-vulnerability-enables-unauthenticated-file-upload-and-remote-code-execution-d-d-z-c-x/gD2P6Ple2L

##

CVE-2025-9074
(0 None)

EPSS: 0.02%

updated 2025-08-22T14:15:47.790000

13 posts

A vulnerability was identified in Docker Desktop that allows local running Linux containers to access the Docker Engine API via the configured Docker subnet, at 192.168.65.7:2375 by default. This vulnerability occurs with or without Enhanced Container Isolation (ECI) enabled, and with or without the "Expose daemon on tcp://localhost:2375 without TLS" option enabled. This can lead to execution of a

1 repos

https://github.com/zenzue/CVE-2025-9074

Hackread@mstdn.social at 2025-08-27T13:59:59.000Z ##

Docker patches a critical #DockerDesktop vulnerability (CVE-2025-9074) that allowed attackers to escape containers and seize host control on Windows and macOS.

Read: https://hackread.com/docker-desktop-vulnerability-host-takeover-windows-macos/

#CyberSecurity #Docker #Vulnerability #Windows #macOS

##

jbhall56@infosec.exchange at 2025-08-26T12:48:07.000Z ##

Tracked as CVE-2025-9074 (CVSS score of 9.3), the flaw is a container escape issue that impacts the Windows and macOS iterations of the application. securityweek.com/docker-desktop-vulnerability-leads-to-host-compromise/

##

benzogaga33@mamot.fr at 2025-08-26T09:40:02.000Z ##

CVE-2025-9074 : cette faille critique dans Docker Desktop permet de pirater Windows https://www.it-connect.fr/cve-2025-9074-cette-faille-critique-dans-docker-desktop-permet-de-pirater-windows/ #ActuCybersécurité #Cybersécurité #Vulnérabilité #Windows #Docker #Apple

##

Sempf@infosec.exchange at 2025-08-26T03:28:23.000Z ##

I played in a little team with Valkerie and others looking at hypervisor escapes back forever ago. Hardcore shit, that.

Docker Fixes CVE-2025-9074, Critical Container Escape Vulnerability With CVSS Score 9.3

https://thehackernews.com/2025/08/docker-fixes-cve-2025-9074-critical.html

#docker #cve

##

linux@activitypub.awakari.com at 2025-08-25T22:30:34.000Z ## Docker fixes critical Desktop flaw allowing container escapes Docker fixed a critical flaw in the Docker Desktop app for Windows and macOS that could potentially allow an attacker to escape the con...

#Breaking #News #Hacking #Security #CVE-2025-9074 #Docker #hacking #news #information #security #news

Origin | Interest | Match ##

jos1264@social.skynetcloud.site at 2025-08-25T23:15:02.000Z ##

Docker Fixes CVE-2025-9074, Critical Container Escape Vulnerability With CVSS Score 9.3 – Source:thehackernews.com https://ciso2ciso.com/docker-fixes-cve-2025-9074-critical-container-escape-vulnerability-with-cvss-score-9-3-sourcethehackernews-com/ #rssfeedpostgeneratorecho #CyberSecurityNews #TheHackerNews #docker

##

linux@activitypub.awakari.com at 2025-08-21T11:05:19.000Z ## Critical Vulnerability in Docker Desktop Allows Malicious Containers to Access Host System A severe security vulnerability identified as CVE-2025-9074 has been discovered in Docker Desktop, exposin...

#Firewall #Daily #Cyber #News #Vulnerabilities #CVE-2025-9074 #Docker #Docker #Desktop #The #Cyber

Origin | Interest | Match ##

jos1264@social.skynetcloud.site at 2025-08-25T19:50:02.000Z ##

Docker Fixes CVE-2025-9074, Critical Container Escape Vulnerability With CVSS Score 9.3 https://thehackernews.com/2025/08/docker-fixes-cve-2025-9074-critical.html

##

jos1264@social.skynetcloud.site at 2025-08-25T19:50:02.000Z ##

Docker Fixes CVE-2025-9074, Critical Container Escape Vulnerability With CVSS Score 9.3 https://thehackernews.com/2025/08/docker-fixes-cve-2025-9074-critical.html

##

jos1264@social.skynetcloud.site at 2025-08-25T19:00:03.000Z ##

Docker Fixes CVE-2025-9074, Critical Container Escape Vulnerability With CVSS Score 9.3 https://thehackernews.com/2025/08/docker-fixes-cve-2025-9074-critical.html

##

sambowne@infosec.exchange at 2025-08-25T13:35:27.000Z ##

When a SSRF is enough: Full Docker Escape on Windows Docker Desktop (CVE-2025-9074)); Unprotected API https://blog.qwertysecurity.com/Articles/blog3.html

##

linux@activitypub.awakari.com at 2025-08-21T11:05:19.000Z ## Critical Vulnerability in Docker Desktop Allows Malicious Containers to Access Host System A severe security vulnerability identified as CVE-2025-9074 has been discovered in Docker Desktop, exposin...

#Firewall #Daily #Cyber #News #Vulnerabilities #CVE-2025-9074 #Docker #Docker #Desktop #The #Cyber

Origin | Interest | Match ##

fefe_interim@mastodon.social at 2025-08-25T08:17:12.000Z ##

Benutzt hier jemand Docker Desktop?

https://www.cve.org/CVERecord?id=CVE-2025-9074

##

CVE-2025-55229
(5.3 MEDIUM)

EPSS: 0.03%

updated 2025-08-21T21:32:13

1 posts

Improper verification of cryptographic signature in Windows Certificates allows an unauthorized attacker to perform spoofing over a network.

pupuweb@mastodon.social at 2025-08-31T16:22:24.000Z ##

Microsoft announced critical patches for two Windows security flaws (CVE-2025-55229 & CVE-2025-55230), but the updates are missing. Confused? Here's what you need to do to stay safe until the official fix is released. #WindowsSecurity #CyberSec #InfoSec #CVE

https://pupuweb.com/what-windows-certificate-spoofing-flaws-cve-2025-55229-mdt-cve-2025-55230/

##

CVE-2025-8995
(9.8 CRITICAL)

EPSS: 0.09%

updated 2025-08-21T21:32:02

1 posts

Authentication Bypass Using an Alternate Path or Channel vulnerability in Drupal Authenticator Login allows Authentication Bypass.This issue affects Authenticator Login: from 0.0.0 before 2.1.4.

legacv at 2025-08-31T16:34:05.970Z ##

not sure if cR0w posted this but go hack drupal alogin (if you can craft an exploit, b/c there's no public one. maybe check the update diffs?)

https://nvd.nist.gov/vuln/detail/CVE-2025-8995

##

CVE-2025-4123
(7.6 HIGH)

EPSS: 5.10%

updated 2025-08-15T19:37:01.457000

2 posts

A cross-site scripting (XSS) vulnerability exists in Grafana caused by combining a client path traversal and open redirect. This allows attackers to redirect users to a website that hosts a frontend plugin that will execute arbitrary JavaScript. This vulnerability does not require editor permissions and if anonymous access is enabled, the XSS will work. If the Grafana Image Renderer plugin is inst

https://github.com/kk12-30/CVE-2025-4123

7 repos

https://github.com/imbas007/CVE-2025-4123-template

https://github.com/ynsmroztas/CVE-2025-4123-Exploit-Tool-Grafana-

https://github.com/punitdarji/Grafana-cve-2025-4123

https://github.com/B1ack4sh/Blackash-CVE-2025-4123

https://github.com/NightBloodz/CVE-2025-4123

https://github.com/DesDoTvl/CVE-2025-4123grafana

DarkWebInformer at 2025-09-01T23:52:25.899Z ##

CVE-2025-4123: Critical XSS Vulnerability in Grafana Explained with PoC

Credit: youtube.com/@certcubelabs

##

DarkWebInformer@infosec.exchange at 2025-09-01T23:52:25.000Z ##

CVE-2025-4123: Critical XSS Vulnerability in Grafana Explained with PoC

Credit: youtube.com/@certcubelabs

##

CVE-2025-25256
(9.8 CRITICAL)

EPSS: 18.91%

updated 2025-08-15T18:15:27.583000

1 posts

An improper neutralization of special elements used in an OS command ('OS Command Injection') vulnerability [CWE-78] in Fortinet FortiSIEM version 7.3.0 through 7.3.1, 7.2.0 through 7.2.5, 7.1.0 through 7.1.7, 7.0.0 through 7.0.3 and before 6.7.9 allows an unauthenticated attacker to execute unauthorized code or commands via crafted CLI requests.

https://github.com/watchtowrlabs/watchTowr-vs-FortiSIEM-CVE-2025-25256

2 repos

https://github.com/JMS-Security/CVE-2025-25256-PoC

raptor@infosec.exchange at 2025-08-27T06:19:31.000Z ##

Should #Security Solutions Be Secure? Maybe We're All Wrong - #Fortinet #FortiSIEM Pre-Auth Command Injection (CVE-2025-25256)

https://labs.watchtowr.com/should-security-solutions-be-secure-maybe-were-all-wrong-fortinet-fortisiem-pre-auth-command-injection-cve-2025-25256/

##

CVE-2025-0309(CVSS UNKNOWN)

EPSS: 0.01%

updated 2025-08-15T15:31:25

1 posts

An insufficient validation on the server connection endpoint in Netskope Client allows local users to elevate privileges on the system. The insufficient validation allows Netskope Client to connect to any other server with Public Signed CA TLS certificates and send specially crafted responses to elevate privileges.

1 repos

https://github.com/AmberWolfCyber/UpSkope

_r_netsec@infosec.exchange at 2025-08-30T14:58:06.000Z ##

Netskope Client for Windows - Local Privilege Escalation via Rogue Server (CVE-2025-0309) https://blog.amberwolf.com/blog/2025/august/advisory---netskope-client-for-windows---local-privilege-escalation-via-rogue-server/

##

CVE-2025-8714
(8.8 HIGH)

EPSS: 0.06%

updated 2025-08-14T15:30:44

1 posts

Untrusted data inclusion in pg_dump in PostgreSQL allows a malicious superuser of the origin server to inject arbitrary code for restore-time execution as the client operating system account running psql to restore the dump, via psql meta-commands. pg_dumpall is also affected. pg_restore is affected when used to generate a plain-format dump. This is similar to MySQL CVE-2024-21096. Versions be

1 repos

https://github.com/orderby99/CVE-2025-8714-POC

defnull@chaos.social at 2025-08-28T13:20:26.000Z ##

SQL dumps created with current releases of "pg_dump" (namely 17.6, 16.10, 15.14, 14.19 or 13.22) can no longer be loaded with earlier versions of "psql" because they contain new "\restrict" commands that did not exist in earlier versions and will cause "invalid command" errors. The reason for this change is CVE-2025-8714. Strange to see breaking changes in a project like #Postgres #PostgreSQL

##

CVE-2025-32711
(9.3 CRITICAL)

EPSS: 0.30%

updated 2025-08-04T18:31:35

1 posts

Ai command injection in M365 Copilot allows an unauthorized attacker to disclose information over a network.

1 repos

https://github.com/daryllundy/cve-2025-32711

cdarwin@c.im at 2025-08-31T04:07:50.000Z ##

Breaking down ‘EchoLeak’, the First Zero-Click AI Vulnerability Enabling Data Exfiltration from Microsoft 365 Copilot.

Aim Labs reported CVE-2025-32711 against Microsoft 365 Copilot back in January, and the fix is now rolled out.

This is an extended variant of the prompt injection exfiltration attacks we've seen in a dozen different products already:
an attacker gets malicious instructions into an LLM system which cause it to access private data and then embed that in the URL of a Markdown link,
hence stealing that data (to the attacker's own logging server) when that link is clicked
https://simonwillison.net/2025/Jun/11/echoleak/

##

CVE-2025-54309
(9.0 CRITICAL)

EPSS: 37.61%

updated 2025-07-23T17:51:56.027000

7 posts

CrushFTP 10 before 10.8.5 and 11 before 11.3.4_23, when the DMZ proxy feature is not used, mishandles AS2 validation and consequently allows remote attackers to obtain admin access via HTTPS, as exploited in the wild in July 2025.

https://github.com/blueisbeautiful/CVE-2025-54309

3 repos

https://github.com/watchtowrlabs/watchTowr-vs-CrushFTP-Authentication-Bypass-CVE-2025-54309

https://github.com/issamjr/CVE-2025-54309-EXPLOIT

pupuweb@mastodon.social at 2025-09-02T08:49:39.000Z ##

Using CrushFTP? A critical zero-day flaw gives attackers full server control without a password. It's being actively exploited. Learn how to check your version and apply the urgent patch now with our guide. #CrushFTP #CyberSecurity #Vulnerability

https://pupuweb.com/how-to-check-and-fix-critical-crushftp-security-flaw-cve-2025-54309/

##

Hackread@mstdn.social at 2025-08-30T12:24:40.000Z ##

🚨 Hackers are exploiting a CrushFTP Zero-Day (CVE-2025-54309) to gain admin access and take over servers. Update to v10.8.5 or v11.3.4 now!

Read: https://hackread.com/hackers-exploit-crushftp-zero-day-take-over-servers/

#CyberSecurity #CrushFTP #Vulnerability #0day

##

jos1264@social.skynetcloud.site at 2025-08-27T19:20:03.000Z ##

PoC Exploit Released for CrushFTP 0-day Vulnerability (CVE-2025-54309) https://cybersecuritynews.com/poc-exploit-crushftp-0-day-vulnerability/ #CyberSecurityNews #VulnerabilityNews #cybersecuritynews #Vulnerabilities #cybersecurity #vulnerability

##

AAKL@infosec.exchange at 2025-08-27T15:54:57.000Z ##

New.

WatchTower: The One Where We Just Steal The Vulnerabilities (CrushFTP CVE-2025-54309) https://labs.watchtowr.com/the-one-where-we-just-steal-the-vulnerabilities-crushftp-cve-2025-54309/ #cybersecurity #infosec

##

campuscodi@mastodon.social at 2025-08-27T14:59:10.000Z ##

Jerks... put it back!

https://labs.watchtowr.com/the-one-where-we-just-steal-the-vulnerabilities-crushftp-cve-2025-54309/

##

cR0w@infosec.exchange at 2025-08-27T12:46:31.000Z ##

watchTowr has a write-up on last month's CrushFTP vuln CVE-2025-54309. Always a good way to start your day. Or end it or whatever, IDK where you are.

https://labs.watchtowr.com/the-one-where-we-just-steal-the-vulnerabilities-crushftp-cve-2025-54309/

##

_r_netsec@infosec.exchange at 2025-08-27T04:58:06.000Z ##

The One Where We Just Steal The Vulnerabilities (CrushFTP CVE-2025-54309) - watchTowr Labs https://labs.watchtowr.com/the-one-where-we-just-steal-the-vulnerabilities-crushftp-cve-2025-54309

##

CVE-2025-7545
(5.3 MEDIUM)

EPSS: 0.01%

updated 2025-07-14T00:31:13

1 posts

A vulnerability classified as problematic was found in GNU Binutils 2.45. Affected by this vulnerability is the function copy_section of the file binutils/objcopy.c. The manipulation leads to heap-based buffer overflow. Attacking locally is a requirement. The exploit has been disclosed to the public and may be used. The patch is named 08c3cbe5926e4d355b5cb70bbec2b1eeb40c2944. It is recommended to

Ubuntu@activitypub.awakari.com at 2025-08-26T17:51:05.000Z ## Ubuntu 16.04: USN-7718-1 GNU Binutils Critical Crash Risk CVE-2025-7545 GNU binutils could be made to crash if it received a specially crafted input.

#Ubuntu #Linux #Distribution #- #Security #Advisories

Origin | Interest | Match ##

CVE-2025-49870
(7.5 HIGH)

EPSS: 0.04%

updated 2025-07-08T16:18:53.607000

2 posts

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Cozmoslabs Paid Member Subscriptions allows SQL Injection. This issue affects Paid Member Subscriptions: from n/a through 2.15.1.

technadu at 2025-09-02T10:25:20.213Z ##

🚨 CVE-2025-49870: High-risk SQLi in WordPress Paid Membership Subscriptions plugin (10K+ sites).
✅ Fixed in v2.15.2
❌ Exploitable without login
💥 Attackers could query or tamper with DB data
Still shocking to see SQL injection so prevalent in 2025.
💬 Are devs overlooking basics, or is plugin culture the real issue?
🔔 Follow @technadu for more threat intel.

#WordPress #SQLInjection #Vulnerability #PluginSecurity #WebSecurity #DataExposure #CMSecurity

##

technadu@infosec.exchange at 2025-09-02T10:25:20.000Z ##

🚨 CVE-2025-49870: High-risk SQLi in WordPress Paid Membership Subscriptions plugin (10K+ sites).
✅ Fixed in v2.15.2
❌ Exploitable without login
💥 Attackers could query or tamper with DB data
Still shocking to see SQL injection so prevalent in 2025.
💬 Are devs overlooking basics, or is plugin culture the real issue?
🔔 Follow @technadu for more threat intel.

#WordPress #SQLInjection #Vulnerability #PluginSecurity #WebSecurity #DataExposure #CMSecurity

##

CVE-2025-6543
(9.8 CRITICAL)

EPSS: 3.86%

updated 2025-07-01T18:19:45.547000

2 posts

Memory overflow vulnerability leading to unintended control flow and Denial of Service in NetScaler ADC and NetScaler Gateway when configured as Gateway (VPN virtual server, ICA Proxy, CVPN, RDP Proxy) OR AAA virtual server

3 repos

https://github.com/lex1010/CVE-2025-6543

https://github.com/grupooruss/Citrix-cve-2025-6543

https://github.com/abrewer251/CVE-2025-6543_CitrixNetScaler_PoC

doublepulsar.com@bsky.brid.gy at 2025-08-28T21:22:30.241Z ##

New by me - Citrix have forgot to tell you a zero day was under exploitation earlier this year to successfully backdoor devices at "critical" organisations, and no vendor released technical details. More to come, including on CVE-2025-7775 too. doublepulsar.com/citrix-forgo...

Citrix forgot to tell you CVE-...

##

GossiTheDog@cyberplace.social at 2025-08-28T19:30:41.000Z ##

New by me: Citrix forgot to tell you there was a zero day RCE vulnerability used widely since at least May in Netscaler.

Nobody released any technical information until now.

It has been used to pop "critical" organisations in the Netherlands and worldwide.

What to do:

https://doublepulsar.com/citrix-forgot-to-tell-you-cve-2025-6543-has-been-used-as-a-zero-day-since-may-2025-d76574e2dd2c

##

CVE-2025-26647
(8.1 HIGH)

EPSS: 0.22%

updated 2025-04-08T18:34:54

1 posts

Improper input validation in Windows Kerberos allows an unauthorized attacker to elevate privileges over a network.

pupuweb@mastodon.social at 2025-08-31T16:18:41.000Z ##

Struggling with Kerberos errors after the CVE-2025-26647 patch? Audit Mode might be silent, but Enforcement Mode can still break network authentication. Find the hidden certificate issues before the October deadline. Your fix is here. #WindowsServer #SysAdmin #Kerberos

https://pupuweb.com/why-windows-allowntauthpolicybypass-block-network-fix-cve-2025-26647-errors/

##

CVE-2021-0920
(6.4 MEDIUM)

EPSS: 0.51%

updated 2025-04-04T17:34:25.457000

1 posts

In unix_scm_to_skb of af_unix.c, there is a possible use after free bug due to a race condition. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-196926917References: Upstream kernel

Ubuntu@activitypub.awakari.com at 2025-08-27T18:15:32.000Z ## Ubuntu 14.04 LTS: Linux Kernel Critical DoS Flaws USN-7720-1 CVE-2021-0920 Several security issues were fixed in the Linux kernel.

#Ubuntu #Linux #Distribution #- #Security #Advisories

Origin | Interest | Match ##

CVE-2023-46604
(10.0 CRITICAL)

EPSS: 94.44%

updated 2025-02-13T19:20:38

1 posts

Apache ActiveMQ is vulnerable to Remote Code Execution.The vulnerability may allow a remote attacker with network access to a broker to run arbitrary shell commands by manipulating serialized class types in the OpenWire protocol to cause the broker to instantiate any class on the classpath. Users are recommended to upgrade to version 5.15.16, 5.16.7, 5.17.6, or 5.18.3, which fixes this issue.