## Updated at UTC 2025-10-28T13:33:32.774879


CVE CVSS EPSS Posts Repos Nuclei Updated Description
CVE-2025-59287 9.8 9.02% 35 10 2025-10-28T12:44:03.240000 Deserialization of untrusted data in Windows Server Update Service allows an una
CVE-2025-10151 0 0.00% 1 0 2025-10-28T08:15:32.917000 Improper locking vulnerability in Softing Industrial Automation GmbH gateways al
CVE-2025-11735 7.5 0.00% 1 0 2025-10-28T06:31:11 The HUSKY – Products Filter Professional for WooCommerce plugin for WordPress is
CVE-2025-12241 8.8 0.08% 1 0 2025-10-28T02:16:41.547000 A vulnerability was detected in TOTOLINK A3300R 17.0.0cu.557_B20221024. This imp
CVE-2025-12259 8.8 0.08% 1 0 2025-10-28T02:10:25.910000 A flaw has been found in TOTOLINK A3300R 17.0.0cu.557_B20221024. The affected el
CVE-2025-12273 8.8 0.00% 1 0 2025-10-28T02:07:59.857000 A weakness has been identified in Tenda CH22 1.0.0.1. Affected is the function f
CVE-2025-54236 9.1 63.13% 14 2 template 2025-10-28T01:00:01.903000 Adobe Commerce versions 2.4.9-alpha2, 2.4.8-p2, 2.4.7-p7, 2.4.6-p12, 2.4.5-p14,
CVE-2025-54969 6.1 0.00% 1 0 2025-10-27T21:31:34 An issue was discovered in BAE SOCET GXP before 4.6.0.2. The SOCET GXP Job Statu
CVE-2025-12322 8.8 0.00% 1 0 2025-10-27T21:30:34 A flaw has been found in Tenda CH22 1.0.0.1. Affected by this issue is the funct
CVE-2025-12313 6.3 0.00% 1 0 2025-10-27T21:30:34 A vulnerability has been found in D-Link DI-7001 MINI 19.09.19A1/24.04.18B1. The
CVE-2025-12236 8.8 0.05% 1 0 2025-10-27T21:30:27 A vulnerability was determined in Tenda CH22 1.0.0.1. This issue affects the fun
CVE-2025-12234 8.8 0.05% 1 0 2025-10-27T21:30:26 A vulnerability has been found in Tenda CH22 1.0.0.1. This affects the function
CVE-2025-60425 8.6 0.00% 1 1 2025-10-27T20:15:53.773000 Nagios Fusion v2024R1.2 and v2024R2 does not invalidate already existing session
CVE-2025-12233 8.8 0.05% 1 0 2025-10-27T18:50:33.377000 A flaw has been found in Tenda CH22 1.0.0.1. Affected by this issue is the funct
CVE-2025-12235 8.0 0.03% 1 0 2025-10-27T18:45:58.327000 A vulnerability was found in Tenda CH22 1.0.0.1. This vulnerability affects the
CVE-2025-61481 10.0 0.00% 1 0 2025-10-27T18:32:16 An issue in MikroTik RouterOS v.7.14.2 and SwitchOS v.2.18 allows a remote attac
CVE-2025-12240 8.8 0.08% 1 0 2025-10-27T18:32:16 A security vulnerability has been detected in TOTOLINK A3300R 17.0.0cu.557_B2022
CVE-2025-60339 7.5 0.04% 1 0 2025-10-27T18:32:15 Multiple buffer overflow vulnerabilities in the openSchedWifi function of Tenda
CVE-2025-60337 7.5 0.04% 1 0 2025-10-27T18:32:15 Tenda AC6 V2.0 15.03.06.50 was discovered to contain a buffer overflow in the sp
CVE-2025-22175 5.4 0.04% 1 0 2025-10-27T18:32:15 Jira Align is vulnerable to an authorization issue. A low-privilege user can acc
CVE-2025-12363 None 0.00% 1 0 2025-10-27T18:31:24 Email Password Disclosure.This issue affects BLU-IC2: through 1.19.5; BLU-IC4: t
CVE-2025-54970 None 0.00% 1 0 2025-10-27T18:31:20 An issue was discovered in BAE SOCET GXP before 4.6.0.2. The SOCET GXP Job Statu
CVE-2025-12296 4.7 0.00% 1 0 2025-10-27T18:31:19 A security vulnerability has been detected in D-Link DAP-2695 2.00RC13. The impa
CVE-2025-12364 None 0.00% 1 0 2025-10-27T18:31:13 Weak Password Policy.This issue affects BLU-IC2: through 1.19.5; BLU-IC4: throug
CVE-2025-54968 None 0.00% 1 0 2025-10-27T18:31:13 An issue was discovered in BAE SOCET GXP before 4.6.0.2. The SOCET GXP Job Servi
CVE-2025-54967 None 0.00% 1 0 2025-10-27T18:31:13 An issue was discovered in BAE SOCET GXP before 4.6.0.3. It permits external ent
CVE-2025-12295 6.6 0.00% 1 0 2025-10-27T18:31:11 A weakness has been identified in D-Link DAP-2695 2.00RC13. The affected element
CVE-2025-12239 8.8 0.08% 1 0 2025-10-27T18:00:52.427000 A weakness has been identified in TOTOLINK A3300R 17.0.0cu.557_B20221024. The im
CVE-2025-33073 8.8 36.78% 4 6 2025-10-27T17:12:42.667000 Improper access control in Windows SMB allows an authorized attacker to elevate
CVE-2025-59230 7.8 9.53% 1 2 2025-10-27T17:12:37.767000 Improper access control in Windows Remote Access Connection Manager allows an au
CVE-2025-2776 9.3 56.42% 1 2 template 2025-10-27T16:58:51.230000 SysAid On-Prem versions <= 23.3.40 are vulnerable to an unauthenticated XML Exte
CVE-2025-9164 None 0.00% 1 0 2025-10-27T15:30:49 Docker Desktop Installer.exe is vulnerable to DLL hijacking due to insecure DLL
CVE-2025-12274 8.8 0.00% 1 0 2025-10-27T15:30:41 A security vulnerability has been detected in Tenda CH22 1.0.0.1. Affected by th
CVE-2025-12351 6.8 0.00% 1 0 2025-10-27T15:15:37.653000 Honeywell S35 Series Cameras contains an authorization bypass Vulnerability thro
CVE-2025-62518 8.1 0.01% 7 1 2025-10-27T15:13:04 ## Summary Versions of `astral-tokio-tar` prior to 0.5.6 contain a boundary par
CVE-2025-1679 0 0.04% 1 0 2025-10-27T13:20:33.350000 Cross-site Scripting has been identified in Moxa’s Ethernet switches, which allo
CVE-2025-62820 4.9 0.04% 1 0 2025-10-27T13:20:33.350000 Slack Nebula before 1.9.7 mishandles CIDR in some configurations and thus accept
CVE-2025-62396 5.3 0.03% 1 0 2025-10-27T13:20:33.350000 An error-handling issue in the Moodle router (r.php) could cause the application
CVE-2025-62398 5.4 0.05% 1 0 2025-10-27T13:20:33.350000 A serious authentication flaw allowed attackers with valid credentials to bypass
CVE-2025-62397 5.3 0.03% 1 0 2025-10-27T13:20:33.350000 The router’s inconsistent response to invalid course IDs allowed attackers to in
CVE-2025-62400 4.3 0.03% 1 0 2025-10-27T13:20:33.350000 Moodle exposed the names of hidden groups to users who had permission to create
CVE-2025-43995 9.8 0.17% 2 0 2025-10-27T13:20:15.637000 Dell Storage Center - Dell Storage Manager, version(s) 20.1.21, contain(s) an Im
CVE-2025-59503 9.9 0.08% 1 1 2025-10-27T13:20:15.637000 Server-side request forgery (ssrf) in Azure Compute Gallery allows an authorized
CVE-2025-59500 7.7 0.06% 1 0 2025-10-27T13:20:15.637000 Improper access control in Azure Notification Service allows an authorized attac
CVE-2025-58428 9.9 0.40% 1 0 2025-10-27T13:20:15.637000 The TLS4B ATG system's SOAP-based interface is vulnerable due to its accessibili
CVE-2025-62498 8.8 0.03% 1 0 2025-10-27T13:20:15.637000 A relative path traversal (ZipSlip) vulnerability was discovered in Productivity
CVE-2025-10561 9.3 0.01% 1 0 2025-10-27T13:19:49.063000 The device is running an outdated operating system, which may be susceptible to
CVE-2025-46583 5.3 0.04% 1 0 2025-10-27T13:19:49.063000 There is a Denial of Service(DoS)vulnerability in the ZTE MC889A Pro product. Du
CVE-2025-40778 8.6 0.01% 7 0 2025-10-27T13:15:44.780000 Under certain circumstances, BIND is too lenient when accepting records from ans
CVE-2025-12271 8.8 0.00% 1 0 2025-10-27T12:33:03 A vulnerability was identified in Tenda CH22 1.0.0.1. This affects the function
CVE-2025-59460 7.5 0.04% 1 0 2025-10-27T12:32:59 The system is deployed in its default state, with configuration settings that do
CVE-2025-59463 4.3 0.02% 1 0 2025-10-27T12:32:59 An attacker may cause chunk-size mismatches that block file transfers and preven
CVE-2025-59459 5.5 0.01% 1 0 2025-10-27T12:32:59 An attacker that gains SSH access to an unprivileged account may be able to disr
CVE-2025-12258 8.8 0.08% 1 0 2025-10-27T12:32:58 A vulnerability was detected in TOTOLINK A3300R 17.0.0cu.557_B20221024. Impacted
CVE-2025-12260 8.8 0.08% 1 0 2025-10-27T12:32:58 A vulnerability has been found in TOTOLINK A3300R 17.0.0cu.557_B20221024. The im
CVE-2025-12272 8.8 0.00% 1 0 2025-10-27T12:32:53 A security flaw has been discovered in Tenda CH22 1.0.0.1. This impacts the func
CVE-2025-59462 6.5 0.02% 1 0 2025-10-27T12:32:52 An attacker who tampers with the C++ CLI client may crash the UpdateService duri
CVE-2025-12265 8.8 0.05% 1 0 2025-10-27T12:32:52 A weakness has been identified in Tenda CH22 1.0.0.1. Affected by this issue is
CVE-2025-59461 7.6 0.07% 1 0 2025-10-27T12:32:52 A remote unauthenticated attacker may use the unauthenticated C++ API to access
CVE-2025-46582 7.7 0.03% 1 0 2025-10-27T09:30:28 A private key disclosure vulnerability exists in ZTE's ZXMP M721 product. A low-
CVE-2025-12232 8.8 0.05% 1 0 2025-10-27T09:30:27 A vulnerability was detected in Tenda CH22 1.0.0.1. Affected by this vulnerabili
CVE-2025-62393 4.3 0.02% 1 0 2025-10-24T20:59:28 A flaw was found in the course overview output function where user access permis
CVE-2025-62394 4.3 0.03% 1 0 2025-10-24T20:59:23 Moodle failed to verify enrolment status correctly when sending quiz notificatio
CVE-2025-62401 5.4 0.04% 1 0 2025-10-24T20:58:54 An issue in Moodle's timed assignment feature allowed students to bypass the tim
CVE-2025-62399 7.5 0.07% 1 0 2025-10-24T20:58:13 Moodle's mobile and web service authentication endpoints did not sufficiently re
CVE-2025-62506 8.1 0.04% 6 1 2025-10-24T19:28:26 ### Summary A privilege escalation vulnerability allows service accounts and STS
CVE-2025-7850 7.2 1.45% 1 0 2025-10-24T18:30:58 A command injection vulnerability may be exploited after the admin's authenticat
CVE-2025-7851 9.8 0.05% 2 0 2025-10-24T17:15:43.390000 An attacker may obtain the root shell on the underlying OS system with the restr
CVE-2025-22178 4.3 0.04% 1 0 2025-10-24T15:32:26 Jira Align is vulnerable to an authorization issue. A low-privilege user can acc
CVE-2025-22174 4.3 0.04% 1 0 2025-10-24T15:32:26 Jira Align is vulnerable to an authorization issue. A low-privilege user can acc
CVE-2025-22173 4.3 0.04% 1 0 2025-10-24T15:32:26 Jira Align is vulnerable to an authorization issue. A low-privilege user can acc
CVE-2025-22172 4.3 0.04% 1 0 2025-10-24T15:32:26 Jira Align is vulnerable to an authorization issue. A low-privilege user can acc
CVE-2025-22171 4.3 0.04% 1 0 2025-10-24T15:32:25 Jira Align is vulnerable to an authorization issue. A low-privilege user is able
CVE-2025-22170 4.3 0.04% 1 0 2025-10-24T15:32:25 Jira Align is vulnerable to an authorization issue. A low-privilege user without
CVE-2025-22168 4.3 0.04% 1 0 2025-10-24T15:32:25 Jira Align is vulnerable to an authorization issue. A low-privilege user can acc
CVE-2025-6541 8.8 0.05% 2 0 2025-10-24T15:32:25 An arbitrary OS command may be executed on the product by the user who can log i
CVE-2025-22169 5.4 0.04% 1 0 2025-10-24T14:24:57.253000 Jira Align is vulnerable to an authorization issue. A low-privilege user can acc
CVE-2025-22176 4.3 0.04% 1 0 2025-10-24T14:20:53.383000 Jira Align is vulnerable to an authorization issue. A low-privilege user can acc
CVE-2025-22177 4.3 0.04% 1 0 2025-10-24T14:20:40.950000 Jira Align is vulnerable to an authorization issue. A low-privilege user can acc
CVE-2025-2783 8.3 27.20% 3 3 2025-10-24T14:06:49.887000 Incorrect handle provided in unspecified circumstances in Mojo in Google Chrome
CVE-2025-6542 9.8 0.15% 3 0 2025-10-24T13:50:10.897000 An arbitrary OS command may be executed on the product by a remote unauthenticat
CVE-2025-60340 7.5 0.04% 1 0 2025-10-24T13:21:16.710000 Multiple buffer overflows in the SetClientState function of Tenda AC6 v.15.03.06
CVE-2025-60343 7.5 0.04% 1 0 2025-10-24T13:21:06.800000 Multiple buffer overflows in the AdvSetMacMtuWan function of Tenda AC6 v.15.03.0
CVE-2025-60332 7.5 0.11% 1 0 2025-10-24T13:19:20.730000 A NULL pointer dereference in the SetWLanRadioSettings function of D-Link DIR-82
CVE-2025-60335 7.5 0.72% 1 0 2025-10-24T13:18:55.290000 A NULL pointer dereference in the main function of TOTOLINK N600R v4.3.0cu.7866_
CVE-2025-10020 8.5 0.79% 1 0 2025-10-24T12:58:03.523000 Zohocorp ManageEngine ADManager Plus version before 8024 are vulnerable to authe
CVE-2025-59273 7.3 0.08% 1 0 2025-10-24T00:30:58 Improper access control in Azure Event Grid allows an unauthorized attacker to e
CVE-2025-61934 10.0 0.23% 1 0 2025-10-24T00:30:53 A binding to an unrestricted IP address vulnerability was discovered in Producti
CVE-2025-55067 7.1 0.08% 1 0 2025-10-23T21:31:50 The TLS4B ATG system is vulnerable to improper handling of Unix time values that
CVE-2025-60336 7.5 1.27% 1 0 2025-10-23T18:32:21 A NULL pointer dereference in the sub_41773C function of TOTOLINK N600R v4.3.0cu
CVE-2025-60334 7.5 0.10% 1 0 2025-10-23T15:31:44 TOTOLINK N600R v4.3.0cu.7866_B20220506 was discovered to contain a stack overflo
CVE-2025-60331 7.5 0.02% 1 0 2025-10-23T15:31:44 D-Link DIR-823G A1 v1.0.2B05 was discovered to contain a buffer overflow in the
CVE-2025-60342 7.5 0.04% 1 0 2025-10-23T15:31:43 Tenda AC6 V2.0 15.03.06.50 was discovered to contain a stack overflow in the pag
CVE-2025-1680 None 0.02% 1 0 2025-10-23T15:30:46 An acceptance of extraneous untrusted data with trusted data vulnerability has b
CVE-2025-53701 None 0.03% 1 0 2025-10-23T15:30:46 Vilar VS-IPC1002 IP cameras are vulnerable to Reflected XSS (Cross-site Scriptin
CVE-2025-53702 None 0.03% 1 0 2025-10-23T15:30:45 Vilar VS-IPC1002 IP cameras are vulnerable to DoS (Denial-of-Service) attacks. A
CVE-2025-60333 7.5 0.14% 1 0 2025-10-23T15:30:35 TOTOLINK N600R v4.3.0cu.7866_B20220506 was discovered to contain a stack overflo
CVE-2025-60341 7.5 0.04% 1 0 2025-10-23T12:32:24 Tenda AC6 V2.0 15.03.06.50 was discovered to contain a stack overflow in the ssi
CVE-2025-60338 7.5 0.04% 1 0 2025-10-23T12:32:24 Tenda AC6 V2.0 15.03.06.50 was discovered to contain a stack overflow in the pag
CVE-2025-62395 4.3 0.02% 1 0 2025-10-23T12:31:28 A flaw in the cohort search web service allowed users with permissions in lower
CVE-2025-61932 9.8 13.06% 5 1 2025-10-23T00:30:34 Lanscope Endpoint Manager (On-Premises) (Client program (MR) and Detection agent
CVE-2025-58712 5.2 0.00% 1 0 2025-10-22T21:31:33 A container privilege escalation flaw was found in certain AMQ Broker images. Th
CVE-2025-8556 3.7 0.01% 7 0 2025-10-22T21:15:47.137000 A flaw was found in CIRCL's implementation of the FourQ elliptic curve. This vul
CVE-2025-41723 9.8 0.32% 1 0 2025-10-22T21:12:48.953000 The importFile SOAP method is vulnerable to a directory traversal attack. An una
CVE-2025-41108 0 0.03% 2 0 2025-10-22T21:12:48.953000 The communication protocol implemented in Ghost Robotics Vision 60 v0.27.2 could
CVE-2023-53691 8.3 0.07% 1 0 2025-10-22T21:12:48.953000 Hikvision CSMP (Comprehensive Security Management Platform) iSecure Center throu
CVE-2025-62771 7.5 0.01% 1 0 2025-10-22T21:12:48.953000 Mercku M6a devices through 2.1.0 allow password changes via intranet CSRF attack
CVE-2025-62774 3.1 0.01% 1 0 2025-10-22T21:12:48.953000 On Mercku M6a devices through 2.1.0, the authentication system uses predictable
CVE-2025-57870 10.0 0.10% 1 1 2025-10-22T21:12:32.330000 A SQL Injection vulnerability exists in Esri ArcGIS Server versions 11.3, 11.4 a
CVE-2025-8677 7.5 0.05% 1 0 2025-10-22T18:30:45 Querying for records within a specially crafted zone containing certain malforme
CVE-2025-40780 8.6 0.01% 3 0 2025-10-22T18:30:44 In specific circumstances, due to a weakness in the Pseudo Random Number Generat
CVE-2025-11411 None 0.01% 3 0 2025-10-22T15:31:09 NLnet Labs Unbound up to and including version 1.24.0 is vulnerable to possible
CVE-2025-61757 9.8 0.11% 1 0 2025-10-22T15:31:09 Vulnerability in the Identity Manager product of Oracle Fusion Middleware (compo
CVE-2025-41110 None 0.03% 1 0 2025-10-22T09:30:26 Encrypted WiFi and SSH credentials were found in the Ghost Robotics Vision 60 v0
CVE-2025-41109 None 0.02% 1 0 2025-10-22T09:30:26 Ghost Robotics Vision 60 v0.27.2 includes, among its physical interfaces, three
CVE-2025-41724 7.5 0.08% 1 0 2025-10-22T09:30:26 An unauthenticated remote attacker can crash the wscserver by sending incomplete
CVE-2025-41722 7.5 0.02% 1 0 2025-10-22T09:30:25 The wsc server uses a hard-coded certificate to check the authenticity of SOAP m
CVE-2025-41720 4.3 0.02% 1 2 2025-10-22T09:30:25 A low privileged remote attacker can upload arbitrary data masked as a png file
CVE-2025-41719 8.8 0.10% 1 0 2025-10-22T09:30:25 A low privileged remote attacker can corrupt the webserver users storage on the
CVE-2025-41721 2.7 0.02% 1 0 2025-10-22T09:30:25 A high privileged remote attacker can influence the parameters passed to the ope
CVE-2024-58274 8.3 0.06% 1 0 2025-10-22T06:31:21 Hikvision CSMP (Comprehensive Security Management Platform) iSecure Center throu
CVE-2025-62773 2.4 0.01% 1 0 2025-10-22T06:31:12 Mercku M6a devices through 2.1.0 allow TELNET sessions via a router.telnet.enabl
CVE-2025-62775 8.0 0.02% 1 0 2025-10-22T06:31:12 Mercku M6a devices through 2.1.0 allow root TELNET logins via the web admin pass
CVE-2025-62772 3.1 0.02% 1 0 2025-10-22T06:31:12 On Mercku M6a devices through 2.1.0, session tokens remain valid for at least mo
CVE-2025-24990 7.8 6.76% 1 1 2025-10-22T00:34:29 Microsoft is aware of vulnerabilities in the third party Agere Modem driver that
CVE-2025-61884 7.5 10.21% 1 6 2025-10-22T00:34:29 Vulnerability in the Oracle Configurator product of Oracle E-Business Suite (com
CVE-2025-53770 9.8 87.23% 4 45 template 2025-10-22T00:34:26 Deserialization of untrusted data in on-premises Microsoft SharePoint Server all
CVE-2025-10035 10.0 47.55% 1 3 template 2025-10-22T00:34:26 A deserialization vulnerability in the License Servlet of Fortra's GoAnywhere MF
CVE-2025-49704 8.8 60.24% 1 0 2025-10-22T00:34:25 Improper control of generation of code ('code injection') in Microsoft Office Sh
CVE-2025-2775 9.3 65.15% 1 1 template 2025-10-22T00:34:21 SysAid On-Prem versions <= 23.3.40 are vulnerable to an unauthenticated XML Exte
CVE-2025-22457 9.1 77.49% 1 5 template 2025-10-22T00:34:21 A stack-based buffer overflow in Ivanti Connect Secure before version 22.7R2.6,
CVE-2022-48503 8.8 0.56% 1 0 2025-10-22T00:33:52 The issue was addressed with improved bounds checks. This issue is fixed in tvOS
CVE-2025-2747 9.8 85.31% 1 0 template 2025-10-22T00:33:17 An authentication bypass vulnerability in Kentico Xperience allows authenticatio
CVE-2025-2746 9.8 77.34% 1 0 template 2025-10-22T00:33:16 An authentication bypass vulnerability in Kentico Xperience allows authenticatio
CVE-2019-1367 7.5 89.17% 1 1 2025-10-22T00:32:47 A remote code execution vulnerability exists in the way that the scripting engin
CVE-2023-20118 6.5 2.28% 1 0 2025-10-22T00:18:14.313000 A vulnerability in the web-based management interface of Cisco Small Business Ro
CVE-2025-8088 8.8 4.42% 2 25 2025-10-21T23:17:10.660000 A path traversal vulnerability affecting the Windows version of WinRAR allows th
CVE-2025-20333 9.9 1.72% 2 0 2025-10-21T23:16:46.667000 A vulnerability in the VPN web server of Cisco Secure Firewall Adaptive Security
CVE-2025-62641 8.3 0.03% 1 0 2025-10-21T21:33:53 Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (comp
CVE-2025-52079 5.3 0.04% 1 0 2025-10-21T21:33:50 The administrator password setting of the D-Link DIR-820L 1.06B02 is has Imprope
CVE-2025-60344 6.6 0.05% 1 0 2025-10-21T21:33:37 An unauthenticated Local File Inclusion (LFI) vulnerability in D-Link DSR series
CVE-2025-11534 0 0.10% 1 2 2025-10-21T20:20:25.480000 The affected Raisecom devices allow SSH sessions to be established without compl
CVE-2025-11493 8.8 0.01% 1 0 2025-10-21T19:31:50.020000 The ConnectWise Automate Agent does not fully verify the authenticity of files d
CVE-2025-40016 0 0.02% 1 0 2025-10-21T19:31:25.450000 In the Linux kernel, the following vulnerability has been resolved: media: uvcv
CVE-2025-26392 5.4 0.10% 1 0 2025-10-21T19:31:25.450000 SolarWinds Observability Self-Hosted is susceptible to SQL injection vulnerabili
CVE-2025-61301 7.5 0.05% 1 1 2025-10-21T15:32:02 Denial-of-analysis in reporting/mongodb.py and reporting/jsondump.py in CAPEv2 (
CVE-2025-11625 None 0.07% 1 0 2025-10-21T15:30:58 Improper host authentication vulnerability in wolfSSH version 1.4.20 and earlier
CVE-2025-9133 8.1 0.04% 2 0 2025-10-21T03:30:25 A missing authorization vulnerability in Zyxel ATP series firmware versions from
CVE-2025-8078 7.2 0.34% 1 0 2025-10-21T03:30:25 A post-authentication command injection vulnerability in Zyxel ATP series firmwa
CVE-2025-54957 6.5 0.04% 1 0 2025-10-20T18:31:37 An issue was discovered in Dolby UDC 4.5 through 4.13. A crash of the DD+ decode
CVE-2025-9574 9.1 0.08% 1 0 2025-10-20T18:30:41 Missing Authentication for Critical Function vulnerability in ABB ALS-mini-s4 IP
CVE-2025-40005 None 0.02% 1 0 2025-10-20T18:30:33 In the Linux kernel, the following vulnerability has been resolved: spi: cadenc
CVE-2025-59419 None 2.68% 1 0 2025-10-17T21:32:40 ### Summary An SMTP Command Injection (CRLF Injection) vulnerability in Netty's
CVE-2025-9804 9.7 0.03% 2 0 2025-10-17T18:31:07 An improper access control vulnerability exists in multiple WSO2 products due to
CVE-2025-9152 9.8 0.06% 2 0 2025-10-17T18:31:07 An improper privilege management vulnerability exists in WSO2 API Manager due to
CVE-2025-60358 7.5 0.01% 1 0 2025-10-17T15:32:08 radare2 v.5.9.8 and before contains a memory leak in the function _load_relocati
CVE-2025-2749 7.2 0.54% 1 0 2025-10-17T10:32:54.807000 An authenticated remote code execution in Kentico Xperience allows authenticated
CVE-2025-11492 9.7 0.01% 1 0 2025-10-16T21:31:20 In the ConnectWise Automate Agent, communications could be configured to use HTT
CVE-2025-10611 9.8 0.15% 2 0 2025-10-16T15:30:49 Due to an insufficient access control implementation in multiple WSO2 Products,
CVE-2025-55315 9.9 0.09% 17 6 2025-10-16T14:56:09.263000 Inconsistent interpretation of http requests ('http request/response smuggling')
CVE-2025-2905 9.1 0.14% 2 0 2025-10-16T12:15:47.167000 Due to the improper configuration of XML parser, user-supplied XML is parsed wit
CVE-2025-7328 None 0.06% 1 0 2025-10-14T15:31:33 Multiple Broken Authentication security issues exist in the affected product. Th
CVE-2025-59685 0 0.02% 1 0 2025-10-02T19:11:46.753000 Kazaar 1.25.12 allows a JWT with none in the alg field.
CVE-2025-5717 6.7 0.32% 2 2 2025-09-24T18:11:24.520000 An authenticated remote code execution (RCE) vulnerability exists in multiple WS
CVE-2025-8750 2.4 0.04% 1 0 2025-08-09T09:30:20 A vulnerability has been found in macrozheng mall up to 1.0.3 and classified as
CVE-2025-47219 8.1 0.11% 1 0 2025-08-08T18:33:23 In GStreamer through 1.26.1, the isomp4 plugin's qtdemux_parse_trak function may
CVE-2025-34033 8.8 0.27% 1 0 2025-07-09T19:09:18.207000 An OS command injection vulnerability exists in the Blue Angel Software Suite ru
CVE-2023-4863 8.8 94.12% 1 10 2025-07-09T15:52:20 Heap buffer overflow in libwebp allow a remote attacker to perform an out of bou
CVE-2025-20307 4.8 0.04% 1 0 2025-07-02T18:30:42 A vulnerability in the web-based management interface of Cisco BroadWorks Applic
CVE-2025-2777 9.3 6.59% 1 1 template 2025-05-07T15:31:49 SysAid On-Prem versions <= 23.3.40 are vulnerable to an unauthenticated XML Exte
CVE-2025-2778 0 0.00% 1 1 2025-05-07T15:15:57.813000 Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering
CVE-2024-26700 5.5 0.01% 1 0 2025-01-07T21:31:57 In the Linux kernel, the following vulnerability has been resolved: drm/amd/dis
CVE-2023-4617 10.0 0.54% 1 0 2024-12-19T12:32:50 Incorrect authorization vulnerability in HTTP POST method in Govee Home applicat
CVE-2022-45460 9.8 54.02% 1 1 2023-04-15T05:07:07 Multiple Xiongmai NVR devices, including MBD6304T V4.02.R11.00000117.10001.13190
CVE-2025-52665 0 0.00% 2 0 N/A
CVE-2025-62516 0 0.00% 1 0 N/A
CVE-2025-12036 0 0.00% 2 0 N/A
CVE-2025-62525 0 0.02% 1 0 N/A
CVE-2025-62526 0 0.01% 1 0 N/A
CVE-2025-60722 0 0.00% 1 0 N/A
CVE-2025-11002 0 0.00% 1 1 N/A
CVE-2025-11001 0 0.00% 1 2 N/A
undercodenews@mastodon.social at 2025-10-28T11:49:20.000Z ##

Windows WSUS Vulnerability Under Active Exploitation: Critical Patch Urged Worldwide

A New Digital Threat in Motion A new critical vulnerability in Microsoft’s Windows Server Update Services (WSUS) has thrown cybersecurity teams into emergency mode. The flaw, officially tracked as CVE-2025-59287, allows remote attackers to execute arbitrary code on vulnerable systems—without any authentication or user interaction. Microsoft responded swiftly with an out-of-band patch,…

undercodenews.com/windows-wsus

##

hackmag at 2025-10-28T04:00:20.799Z ##

⚪ Microsoft releases emergency patch for Windows Server Update Services (WSUS)

🗨️ Microsoft has released out-of-band patches for a critical vulnerability in Windows Server Update Services (WSUS), for which a public proof-of-concept exploit is already available. The issue is tracked as CVE-2025-59287 and allows remote code execution on vulnerable servers.

🔗 hackmag.com/news/cve-2025-59287

##

cert_fr@social.numerique.gouv.fr at 2025-10-27T15:30:28.000Z ##

In its latest news bulletin, CERT-FR reviews some of last week's significant vulnerabilities and stresses the need to apply the patches for the CVE-2025-59287 vulnerability affecting Microsoft WSUS.
cert.ssi.gouv.fr/actualite/CER

##

benzogaga33@mamot.fr at 2025-10-27T10:40:03.000Z ##

Patch WSUS – CVE-2025-59287: this new critical flaw is already being exploited! it-connect.fr/patchez-wsus-cve #ActuCybersécurité #Cybersécurité #Vulnérabilité #WindowsServer #Microsoft #WSUS

##

patrickcmiller@infosec.exchange at 2025-10-27T09:42:01.000Z ##

Microsoft Releases Out-of-Band Security Update to Mitigate Windows Server Update Service Vulnerability, CVE-2025-59287 | CISA cisa.gov/news-events/alerts/20

##

patrickcmiller@infosec.exchange at 2025-10-26T03:12:00.000Z ##

CVE-2025-59287 WSUS Remote Code Execution hawktrace.com/blog/CVE-2025-59

##

mttaggart@infosec.exchange at 2025-10-25T22:44:09.000Z ##

@scottley Right, that's what the warning in the above links to. So my thing is, how unique to current Windows services is CVE-2025-59287's root cause?

##

mttaggart@infosec.exchange at 2025-10-25T21:28:44.000Z ##

Shout-out to the original Hawktrace writeup (with PoC): hawktrace.com/blog/CVE-2025-59

##

mttaggart@infosec.exchange at 2025-10-25T21:27:17.000Z ##

So about the WSUS vuln.

Looking at the stack trace in this writeup: is the structure of Microsoft.UpdateServices.Internal.SoapUtilities.DeserializeObject unique to WSUS? Or could other DeserializeObject functions in MS web services have a similar issue?

research.eye.security/wsus-des

##

patrickcmiller@infosec.exchange at 2025-10-25T17:12:01.000Z ##

Exploitation of Windows Server Update Services Remote Code Execution Vulnerability (CVE-2025-59287) | Huntress huntress.com/blog/exploitation

##

obivan@infosec.exchange at 2025-10-25T15:13:37.000Z ##

Python exploit for CVE-2025-59287 from HawkTrace gist.github.com/hawktrace/76b3

##

yayafa@jforo.com at 2025-10-25T14:09:09.000Z ##

Windows Server vulnerability (CVE-2025-59287): Microsoft redistributes the fix patch. CISA also issues a warning as attacks intensify yayafa.com/2596434/ #autonews #HeadlineNews #SCIENCE #Science&Technology #Technology #サイバーセキュリティニュース #テクノロジー #科学 #科学&テクノロジー

##

decio@infosec.exchange at 2025-10-25T10:45:22.000Z ##

There you go… 💥 the danger of this vulnerability has been confirmed by @GossiTheDog
👇
cyberplace.social/@GossiTheDog

He also raises the possibility of an attack that sends out a malicious update scheduled afterwards.

...and indeed, WSUS instances are visible on the Internet

⚠️ Active exploitation reported by Huntress:

"Exploitation of Windows Server Update Services Remote Code Execution Vulnerability (CVE-2025-59287)"
👇
huntress.com/blog/exploitation

#CyberVeille #cve_2025_59287

##

cyberveille@mastobot.ping.moi at 2025-10-25T10:30:10.000Z ##

📢 Active exploitation of an RCE vulnerability in WSUS (CVE-2025-59287)
📝 Source: Huntress - The post details the active exploitation of the **CVE-2025-59287** vulnerability in **Windows Serve...
📖 cyberveille: cyberveille.ch/posts/2025-10-2
🌐 source: huntress.com/blog/exploitation
#CVE_2025_59287 #IOC #Cyberveille

##

LLMs@activitypub.awakari.com at 2025-10-25T00:00:40.000Z ##

CVE-2025-59287, or how WSUS broke while deserializing

If you have WSUS servers, take a deep breath. CVE-2025-59287 is an insecure deserialization in the Windows Server Update Services service (...

#Seguridad

##

jos1264@social.skynetcloud.site at 2025-10-24T22:10:02.000Z ##

Microsoft Releases Out-of-Band Security Update to Mitigate Windows Server Update Service Vulnerability, CVE-2025-59287 cisa.gov/news-events/alerts/20

##

rogeragrimes@infosec.exchange at 2025-10-24T21:42:46.000Z ##

Microsoft Releases Out-of-Band Security Update to Mitigate Windows Server Update Service Vulnerability, CVE-2025-59287

cisa.gov/news-events/alerts/20

##

jos1264@social.skynetcloud.site at 2025-10-24T21:40:01.000Z ##

Microsoft Releases Out-of-Band Security Update to Mitigate Windows Server Update Service Vulnerability, CVE-2025-59287 cisa.gov/news-events/alerts/20

##

obivan@infosec.exchange at 2025-10-24T21:14:52.000Z ##

Exploitation of Windows Server Update Services Remote Code Execution Vulnerability (CVE-2025-59287) huntress.com/blog/exploitation

##

tugatech@masto.pt at 2025-10-24T20:22:25.000Z ##

Maximum alert: Hackers are already actively exploiting a critical flaw in Windows Server (CVE-2025-59287)
🔗 tugatech.com.pt/t73369-alerta-

#ataque #cve #exploit #hackers #internet #microsoft #segurança #servidor #servidores #ti #vulnerabilidade #windows 

##

beyondmachines1@infosec.exchange at 2025-10-24T19:01:32.000Z ##

Microsoft releases emergency patches for actively exploited critical WSUS Deserialization flaw

Microsoft released emergency patches for CVE-2025-59287, a critical remote code execution vulnerability in Windows Server Update Services that has been actively exploited in the wild since October 24, 2025. The flaw was originally patched in the October 2025 update, but the original patch proved insufficient. The flaw is potentially wormable across enterprise networks and affects all Windows Server versions with the WSUS Server Role enabled.

**If you have Windows servers with WSUS enabled, prioritize patching with Microsoft's October 23, 2025 out-of-band security update for CVE-2025-59287 and reboot - this vulnerability is actively exploited in the wild. Even if you already installed October's regular patches, you must apply this emergency update since the initial fix was incomplete.**
#cybersecurity #infosec #advisory #vulnerability
beyondmachines.net/event_detai

##

cisakevtracker@mastodon.social at 2025-10-24T18:01:16.000Z ##

CVE ID: CVE-2025-59287
Vendor: Microsoft
Product: Windows
Date Added: 2025-10-24
Notes: msrc.microsoft.com/update-guid ; nvd.nist.gov/vuln/detail/CVE-2
CVE URL: nvd.nist.gov/vuln/detail/CVE-2

##

AAKL@infosec.exchange at 2025-10-24T17:41:35.000Z ##

CIA has updated the KEV catalogue.

CVE-2025-59287: Microsoft Windows Server Update Service (WSUS) Deserialization of Untrusted Data Vulnerability cve.org/CVERecord?id=CVE-2025-

CVE-2025-54236: Adobe Commerce and Magento Improper Input Validation Vulnerability cve.org/CVERecord?id=CVE-2025- #CISA #Microsoft #Windows #Adobe #cybersecurity #infosec

##

AAKL@infosec.exchange at 2025-10-24T16:55:54.000Z ##

Microsoft has patched this.

New.

Huntress: Exploitation of Windows Server Update Services Remote Code Execution Vulnerability (CVE-2025-59287) huntress.com/blog/exploitation @huntress #Microsoft #Windows #cybersecurity #infosec

##

DarkWebInformer@infosec.exchange at 2025-10-24T16:52:14.000Z ##

🚨CVE-2025-59287 PoC: gist.github.com/hawktrace/76b3

Blog: hawktrace.com/blog/CVE-2025-59

Microsoft: learn.microsoft.com/en-us/wind

Windows Server 2025 (KB5070881)
Windows Server, version 23H2 (KB5070879)
Windows Server 2022 (KB5070884)
Windows Server 2019 (KB5070883)
Windows Server 2016 (KB5070882)
Windows Server 2012 R2 (KB5070886)
Windows Server 2012 (KB5070887)

##

GossiTheDog@cyberplace.social at 2025-10-24T16:44:39.000Z ##

Not sure if anybody else has played with CVE-2025-59287 (out of band update for WSUS) but I just had a play in a lab - after getting RCE on the WSUS server, I was able to tamper with the updates offered to the clients and push out malicious updates to said clients.

I don't want to detail too much to prevent ransomware groups going nuts, but you can lift prior research and adapt it easily to add fake updates for clients.

So you might want to patch that.

##

DarkWebInformer@infosec.exchange at 2025-10-24T16:41:07.000Z ##

🚨CVE-2025-59287: Deserialization of untrusted data in Windows Server Update Service allows an unauthorized attacker to execute code over a network.

CVSS: 9.8

Microsoft releases out-of-band (OOB) urgent fix for actively exploited WSUS vulnerability: helpnetsecurity.com/2025/10/24

##

winbuzzer@mastodon.social at 2025-10-24T14:55:09.000Z ##

Microsoft Issues Emergency Patch for Actively Exploited Windows Server Flaw CVE-2025-59287

#Microsoft #Cybersecurity #WindowsServer #WSUS #PatchTuesday #InfoSec #CVE #Vulnerability #Security #PatchNow #RCE #SysAdmin #ITPros #ZeroDay #Exploit

winbuzzer.com/2025/10/24/micro

##

neurovagrant@masto.deoan.org at 2025-10-24T14:35:15.000Z ##

oh

oh yikes

low-complexity 9.8 sev RCE on Windows Server Update Service, with vulnerability going back to at least 2012, and a PoC already out.

msrc.microsoft.com/update-guid

##

AAKL@infosec.exchange at 2025-10-24T14:32:09.000Z ##

New.

Microsoft: Windows Server Update Service (WSUS) Remote Code Execution Vulnerability CVE-2025-59287 msrc.microsoft.com/update-guid

"You didn't have plans, did you?"

The Register: Microsoft drops surprise Windows Server patch before weekend downtime theregister.com/2025/10/24/win @theregister #Microsoft #Windows

##

jbhall56@infosec.exchange at 2025-10-24T13:16:21.000Z ##

The update addresses CVE-2025-59287, a remote code execution flaw affecting Windows Server versions 2012 through 2025. theregister.com/2025/10/24/win

##

jos1264@social.skynetcloud.site at 2025-10-24T13:00:02.000Z ##

Microsoft releases urgent fix for actively exploited WSUS vulnerability (CVE-2025-59287) helpnetsecurity.com/2025/10/24 #securityupdate #vulnerability #WindowsServer #enterprise #Don'tmiss #Hawktrace #Microsoft #Hotstuff #NCSC-NL #News #SMBs #BSI

##

jos1264@social.skynetcloud.site at 2025-10-24T12:30:02.000Z ##

Microsoft Issues Emergency Patch for Critical WSUS Remote Code Execution Flaw (CVE-2025-59287) thecyberexpress.com/microsoft- #WindowsServerUpdateServices #TheCyberExpressNews #Vulnerabilities #TheCyberExpress #FirewallDaily #CVE202559287 #CyberNews #WSUS #RCE

##

zeljkazorz@infosec.exchange at 2025-10-24T12:04:58.000Z ##

Microsoft has released an out-of-band security update that “comprehensively” addresses CVE-2025-59287, a remote code execution vulnerability in the Windows Server Update Services (WSUS) that is reportedly being exploited in the wild.

helpnetsecurity.com/2025/10/24

#WindowsServer #WSUS #Cybersecurity

##

decio@infosec.exchange at 2025-10-24T08:43:32.000Z ##

For the series: Friday urgent patch & rush to prod 😅

Microsoft has published an out-of-band update fixing a critical RCE (CVE-2025-59287) in Windows Server Update Services (WSUS to its friends).

"If you have not yet installed the October 2025 Windows security update, we recommend applying this OOB update instead. After installation, you will need to restart your system."

A public exploitation demonstration / PoC is available: hawktrace.com/blog/CVE-2025-59

The mention of it possibly being "wormable" raises the pressure in times like these…

Recommended actions:

  • Apply the emergency update provided by Microsoft as soon as possible (OOB/cumulative). Reboot required. ⬅️ 🩹

⬇️

🔗 support.microsoft.com/en-us/to

🔗 msrc.microsoft.com/update-guid

If you cannot patch immediately: disable the WSUS role or block ports 8530 and 8531 at the host firewall in the meantime

Severity: high CVSS (~9.8)
👇
vulnerability.circl.lu/vuln/CV

#CyberVeille #CVE_2025_59287

##

CVE-2025-10151
(0 None)

EPSS: 0.00%

updated 2025-10-28T08:15:32.917000

1 posts

Improper locking vulnerability in Softing Industrial Automation GmbH gateways allows infected memory and/or resource leak exposure. This issue affects smartLink HW-PN: from 1.02 through 1.03; smartLink HW-DP: 1.31

offseq at 2025-10-28T09:01:20.096Z ##

⚠️ CVE-2025-10151 (HIGH): Softing smartLink HW-PN (1.02–1.03) & HW-DP (1.31) vulnerable to improper locking—risks memory/resource leaks and data exposure in OT networks. Segment, restrict access, and patch ASAP! radar.offseq.com/threat/cve-20

##

CVE-2025-11735
(7.5 HIGH)

EPSS: 0.00%

updated 2025-10-28T06:31:11

1 posts

The HUSKY – Products Filter Professional for WooCommerce plugin for WordPress is vulnerable to blind SQL Injection via the `phrase` parameter in all versions up to, and including, 1.3.7.1 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for unauthenticated attackers to append additional SQL queries int

offseq at 2025-10-28T07:31:49.216Z ##

⚠️ CVE-2025-11735: HIGH severity blind SQL Injection in HUSKY – Products Filter Professional for WooCommerce (all versions). Unauthenticated attackers can exfiltrate sensitive DB info. Apply mitigations, monitor logs, and patch ASAP. radar.offseq.com/threat/cve-20

##

CVE-2025-12241
(8.8 HIGH)

EPSS: 0.08%

updated 2025-10-28T02:16:41.547000

1 posts

A vulnerability was detected in TOTOLINK A3300R 17.0.0cu.557_B20221024. This impacts the function setLanguageCfg of the file /cgi-bin/cstecgi.cgi of the component POST Parameter Handler. The manipulation of the argument lang results in stack-based buffer overflow. It is possible to launch the attack remotely. The exploit is now public and may be used.

CVE-2025-12259
(8.8 HIGH)

EPSS: 0.08%

updated 2025-10-28T02:10:25.910000

1 posts

A flaw has been found in TOTOLINK A3300R 17.0.0cu.557_B20221024. The affected element is the function setScheduleCfg of the file /cgi-bin/cstecgi.cgi of the component POST Parameter Handler. This manipulation of the argument recHour causes stack-based buffer overflow. It is possible to initiate the attack remotely. The exploit has been published and may be used.

CVE-2025-12273
(8.8 HIGH)

EPSS: 0.00%

updated 2025-10-28T02:07:59.857000

1 posts

A weakness has been identified in Tenda CH22 1.0.0.1. Affected is the function fromwebExcptypemanFilter of the file /goform/webExcptypemanFilter. Executing manipulation of the argument page can lead to buffer overflow. The attack may be launched remotely. The exploit has been made available to the public and could be exploited.

CVE-2025-54236
(9.1 CRITICAL)

EPSS: 63.13%

updated 2025-10-28T01:00:01.903000

14 posts

Adobe Commerce versions 2.4.9-alpha2, 2.4.8-p2, 2.4.7-p7, 2.4.6-p12, 2.4.5-p14, 2.4.4-p15 and earlier are affected by an Improper Input Validation vulnerability. A successful attacker can abuse this to achieve session takeover, increasing the confidentiality, and integrity impact to high. Exploitation of this issue does not require user interaction.

Nuclei template

2 repos

https://github.com/amalpvatayam67/day01-sessionreaper-lab

https://github.com/wubinworks/magento2-session-reaper-patch

_r_netsec@infosec.exchange at 2025-10-25T08:28:06.000Z ##

Account takeover exploit write-up for Magento SessionReaper pentesttools.com/blog/sessionr

##

cisakevtracker@mastodon.social at 2025-10-24T18:01:00.000Z ##

CVE ID: CVE-2025-54236
Vendor: Adobe
Product: Commerce and Magento
Date Added: 2025-10-24
Notes: experienceleague.adobe.com/en/ ; nvd.nist.gov/vuln/detail/CVE-2
CVE URL: nvd.nist.gov/vuln/detail/CVE-2

##

AAKL@infosec.exchange at 2025-10-24T17:41:35.000Z ##

CIA has updated the KEV catalogue.

CVE-2025-59287: Microsoft Windows Server Update Service (WSUS) Deserialization of Untrusted Data Vulnerability cve.org/CVERecord?id=CVE-2025-

CVE-2025-54236: Adobe Commerce and Magento Improper Input Validation Vulnerability cve.org/CVERecord?id=CVE-2025- #CISA #Microsoft #Windows #Adobe #cybersecurity #infosec

##

jbhall56@infosec.exchange at 2025-10-24T12:51:14.000Z ##

The vulnerability in question is CVE-2025-54236 (CVSS score: 9.1), a critical improper input validation flaw that could be abused to take over customer accounts in Adobe Commerce through the Commerce REST API. thehackernews.com/2025/10/over

##

winterkvist@mastodonsweden.se at 2025-10-23T21:02:21.000Z ##

Critical Adobe Commerce, Magento vulnerability under attack (CVE-2025-54236) – Help Net Security macken.xyz/2025/10/critical-ad

##

AAKL@infosec.exchange at 2025-10-23T14:48:19.000Z ##

Looks like this has been happening over the past 24 hours, relating to critical Adobe vulnerability, CVE-2025-54236.

Sansec: SessionReaper attacks have started, 3 in 5 stores still vulnerable sansec.io/research/sessionreap

More:

The Hacker News: Over 250 Magento Stores Hit Overnight as Attackers Exploit New Adobe Commerce Flaw thehackernews.com/2025/10/over @thehackernews #Adobe #cybersecurity #infosec

##

pentesttools@infosec.exchange at 2025-10-23T14:12:23.000Z ##

🏴‍☠️ We built a #SessionReaper (CVE-2025-54236) exploit against Magento 2 & Adobe Commerce and documented the *full* hunt 🔦 — from repo diffs and endpoint discovery to a lab-tested PoC and Sniper automation.

If you research or defend e-commerce apps, this one’s practical: reproducible steps, debug tips, and what to look for on your instances.

Read the full breakdown and PoC by Matei "Mal" Badanoiu (aka CVE Jesus) & David Bors! 👉 pentest-tools.com/blog/session

##

jos1264@social.skynetcloud.site at 2025-10-23T12:05:02.000Z ##

Critical Adobe Commerce, Magento vulnerability under attack (CVE-2025-54236) helpnetsecurity.com/2025/10/23 #SearchlightCyber #vulnerability #e-commerce #Don'tmiss #Assetnote #Hotstuff #Magento #Sansec #Adobe #News

##

beyondmachines1@infosec.exchange at 2025-10-23T11:01:31.000Z ##

SessionReaper flaw in Adobe Magento actively exploited

Cybercriminals are actively exploiting CVE-2025-54236, dubbed "SessionReaper," a critical improper input validation vulnerability in Adobe Commerce/Magento that enables attackers to hijack customer account sessions through the Commerce REST API. The security firm Sansec blocked over 250 exploitation attempts in a single day. Despite Adobe releasing patches on September 8, 2025, 62% of Magento stores are not patched.

**If you are using Adobe Commerce/Magento this advisory is URGENT AND IMPORTANT - Patch your Commerce/Magento IMMEDIATELY. Because your e-commerce platform is being hacked.**
#cybersecurity #infosec #attack #activeexploit
beyondmachines.net/event_detai

##

benzogaga33@mamot.fr at 2025-10-23T09:40:02.000Z ##

The SessionReaper flaw in Adobe Commerce (Magento) is being exploited: 3 in 5 websites vulnerable! it-connect.fr/adobe-commerce-m #ActuCybersécurité #Cybersécurité

##

decio@infosec.exchange at 2025-10-23T07:07:44.000Z ##

⚠️ "Six weeks after Adobe's emergency patch for #SessionReaper (CVE-2025-54236), the vulnerability has entered a phase of active exploitation."

➡️ According to Sansec, only 38% of #Magento sites are up to date — 3 in 5 remain vulnerable to remote code execution

Technical details and full timeline on the Sansec blog.
👇
sansec.io/research/sessionreap

French article
👇
infosec.pub/post/36573308

Technical analysis / patch diff
👇
slcyber.io/assetnote-security-

(G)CVE details
👇
cve.circl.lu/vuln/CVE-2025-542

#CyberVeille #CVE_2025_54236

##

offseq@infosec.exchange at 2025-10-23T07:03:27.000Z ##

🔥 SessionReaper (CVE-2025-54236) exploited in wild! 250+ Magento stores hit via Adobe Commerce REST API flaw—unauth RCE, webshells, account takeover. 62% still unpatched. Patch ASAP, audit uploads, monitor logs. radar.offseq.com/threat/over-2 #OffSeq #Magento #AdobeCommerce #Infosec

##

oversecurity@mastodon.social at 2025-10-22T18:50:06.000Z ##

Hackers exploiting critical "SessionReaper" flaw in Adobe Magento

Hackers are actively exploiting the critical SessionReaper vulnerability (CVE-2025-54236) in Adobe Commerce (formerly Magento) platforms, with...

🔗️ [Bleepingcomputer] link.is.it/vNASEv

##

_r_netsec@infosec.exchange at 2025-10-22T05:58:06.000Z ##

Why nested deserialization is STILL harmful – Magento RCE (CVE-2025-54236) slcyber.io/assetnote-security-

##

CVE-2025-54969
(6.1 MEDIUM)

EPSS: 0.00%

updated 2025-10-27T21:31:34

1 posts

An issue was discovered in BAE SOCET GXP before 4.6.0.2. The SOCET GXP Job Status Service does not implement CSRF protections. An attacker who social engineers a valid user into clicking a malicious link or visiting a malicious website may be able to submit requests to the Job Status Service without the user's knowledge.

CVE-2025-12322
(8.8 HIGH)

EPSS: 0.00%

updated 2025-10-27T21:30:34

1 posts

A flaw has been found in Tenda CH22 1.0.0.1. Affected by this issue is the function fromNatStaticSetting of the file /goform/NatStaticSetting. Executing manipulation of the argument page can lead to buffer overflow. It is possible to launch the attack remotely. The exploit has been published and may be used.

CVE-2025-12313
(6.3 MEDIUM)

EPSS: 0.00%

updated 2025-10-27T21:30:34

1 posts

A vulnerability has been found in D-Link DI-7001 MINI 19.09.19A1/24.04.18B1. The affected element is an unknown function of the file /msp_info.htm. Such manipulation of the argument cmd leads to command injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.

CVE-2025-12236
(8.8 HIGH)

EPSS: 0.05%

updated 2025-10-27T21:30:27

1 posts

A vulnerability was determined in Tenda CH22 1.0.0.1. This issue affects the function fromDhcpListClient of the file /goform/DhcpListClient. This manipulation of the argument page causes buffer overflow. Remote exploitation of the attack is possible. The exploit has been publicly disclosed and may be utilized.

CVE-2025-12234
(8.8 HIGH)

EPSS: 0.05%

updated 2025-10-27T21:30:26

1 posts

A vulnerability has been found in Tenda CH22 1.0.0.1. This affects the function fromSafeMacFilter of the file /goform/SafeMacFilter. The manipulation of the argument page leads to buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.

CVE-2025-60425
(8.6 HIGH)

EPSS: 0.00%

updated 2025-10-27T20:15:53.773000

1 posts

Nagios Fusion v2024R1.2 and v2024R2 does not invalidate already existing session tokens when the two-factor authentication mechanism is enabled, allowing attackers to perform a session hijacking attack.

1 repos

https://github.com/aakashtyal/Session-Persistence-After-Enabling-2FA-CVE-2025-60425

cR0w@infosec.exchange at 2025-10-27T15:44:43.000Z ##

LMAO. Whoopsie.

Nagios Fusion v2024R1.2 and v2024R2 does not invalidate already existing session tokens when the two-factor authentication mechanism is enabled, allowing attackers to perform a session hijacking attack.

github.com/aakashtyal/Session-

##

CVE-2025-12233
(8.8 HIGH)

EPSS: 0.05%

updated 2025-10-27T18:50:33.377000

1 posts

A flaw has been found in Tenda CH22 1.0.0.1. Affected by this issue is the function fromSafeUrlFilter of the file /goform/SafeUrlFilter. Executing manipulation of the argument page can lead to buffer overflow. The attack can be launched remotely. The exploit has been published and may be used.

CVE-2025-12235
(8.0 HIGH)

EPSS: 0.03%

updated 2025-10-27T18:45:58.327000

1 posts

A vulnerability was found in Tenda CH22 1.0.0.1. This vulnerability affects the function fromSetIpBind of the file /goform/SetIpBind. The manipulation of the argument page results in buffer overflow. The attack must originate from the local network. The exploit has been made public and could be used.

CVE-2025-61481
(10.0 CRITICAL)

EPSS: 0.00%

updated 2025-10-27T18:32:16

1 posts

An issue in MikroTik RouterOS v.7.14.2 and SwitchOS v.2.18 allows a remote attacker to execute arbitrary code via the HTTP-only WebFig management component.

CVE-2025-12240
(8.8 HIGH)

EPSS: 0.08%

updated 2025-10-27T18:32:16

1 posts

A security vulnerability has been detected in TOTOLINK A3300R 17.0.0cu.557_B20221024. This affects the function setDmzCfg of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument ip leads to buffer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed publicly and may be used.

CVE-2025-60339
(7.5 HIGH)

EPSS: 0.04%

updated 2025-10-27T18:32:15

1 posts

Multiple buffer overflow vulnerabilities in the openSchedWifi function of Tenda AC6 v.15.03.06.50 allow attackers to cause a Denial of Service (DoS) via injecting a crafted payload into the schedStartTime and schedEndTime parameters.

CVE-2025-60337
(7.5 HIGH)

EPSS: 0.04%

updated 2025-10-27T18:32:15

1 posts

Tenda AC6 V2.0 15.03.06.50 was discovered to contain a buffer overflow in the speed_dir parameter in the SetSpeedWan function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input.

CVE-2025-22175
(5.4 MEDIUM)

EPSS: 0.04%

updated 2025-10-27T18:32:15

1 posts

Jira Align is vulnerable to an authorization issue. A low-privilege user can access unexpected endpoints that disclose a small amount of sensitive information. For example, a low-level user was able to modify the steps of another user's private checklist.

CVE-2025-12363
(CVSS UNKNOWN)

EPSS: 0.00%

updated 2025-10-27T18:31:24

1 posts

Email Password Disclosure. This issue affects BLU-IC2: through 1.19.5; BLU-IC4: through 1.19.5.

offseq at 2025-10-28T06:01:38.143Z ##

🔒 CVE-2025-12363 (CRITICAL): Azure Access Tech BLU-IC2/IC4 ≤1.19.5 leaks email passwords (CWE-200). No authentication or patch! Restrict access, enable MFA, audit logs. More: radar.offseq.com/threat/cve-20

##

CVE-2025-54970
(CVSS UNKNOWN)

EPSS: 0.00%

updated 2025-10-27T18:31:20

1 posts

An issue was discovered in BAE SOCET GXP before 4.6.0.2. The SOCET GXP Job Status Service fails to authenticate requests. In some configurations, this may allow remote or local users to abort jobs or read information without the permissions of the job owner.

CVE-2025-12296
(4.7 MEDIUM)

EPSS: 0.00%

updated 2025-10-27T18:31:19

1 posts

A security vulnerability has been detected in D-Link DAP-2695 2.00RC13. The impacted element is the function sub_4174B0 of the component Firmware Update Handler. The manipulation leads to os command injection. The attack may be initiated remotely. The exploit has been disclosed publicly and may be used. This vulnerability only affects products that are no longer supported by the maintainer.

CVE-2025-12364
(CVSS UNKNOWN)

EPSS: 0.00%

updated 2025-10-27T18:31:13

1 posts

Weak Password Policy. This issue affects BLU-IC2: through 1.19.5; BLU-IC4: through 1.19.5.

offseq at 2025-10-28T04:31:37.705Z ##

🔒 CVE-2025-12364 (CVSS 10): Azure BLU-IC2/IC4 ≤1.19.5 has CRITICAL weak password policies (CWE-521). No exploit yet—enforce strong passwords & enable MFA. Monitor for updates and review access controls. Learn more: radar.offseq.com/threat/cve-20

##

CVE-2025-54968
(CVSS UNKNOWN)

EPSS: 0.00%

updated 2025-10-27T18:31:13

1 posts

An issue was discovered in BAE SOCET GXP before 4.6.0.2. The SOCET GXP Job Service does not require authentication. In some configurations, this may allow remote users to submit jobs, or local users to submit jobs that will execute with the permissions of other users.

CVE-2025-54967
(CVSS UNKNOWN)

EPSS: 0.00%

updated 2025-10-27T18:31:13

1 posts

An issue was discovered in BAE SOCET GXP before 4.6.0.3. It permits external entities in certain XML-based files. An attacker who is able to social engineer a SOCET GXP user into opening a malicious file can trigger a variety of outbound requests, potentially compromising sensitive information in the process.

CVE-2025-12295
(6.6 MEDIUM)

EPSS: 0.00%

updated 2025-10-27T18:31:11

1 posts

A weakness has been identified in D-Link DAP-2695 2.00RC13. The affected element is the function sub_40C6B8 of the component Firmware Update Handler. Executing manipulation can lead to improper verification of cryptographic signature. The attack can be launched remotely. Attacks of this nature are highly complex. The exploitability is described as difficult. The exploit has been made available to

CVE-2025-12239
(8.8 HIGH)

EPSS: 0.08%

updated 2025-10-27T18:00:52.427000

1 posts

A weakness has been identified in TOTOLINK A3300R 17.0.0cu.557_B20221024. The impacted element is the function setDdnsCfg of the file /cgi-bin/cstecgi.cgi. Executing manipulation can lead to buffer overflow. The attack may be performed from remote. The exploit has been made available to the public and could be exploited.

CVE-2025-59230
(7.8 HIGH)

EPSS: 9.53%

updated 2025-10-27T17:12:37.767000

1 posts

Improper access control in Windows Remote Access Connection Manager allows an authorized attacker to elevate privileges locally.

2 repos

https://github.com/moegameka/CVE-2025-59230-LPE

https://github.com/stalker110119/CVE-2025-59230

cloud-native@activitypub.awakari.com at 2025-10-14T14:03:40.000Z ##

Microsoft’s October 2025 Patch Tuesday Addresses 167 CVEs (CVE-2025-24990, CVE-2025-59230) 7 Critical 158 Important 2 Moderate 0 Low Microsoft addresses 167 CVEs in its largest Patch Tuesday to d...

##

CVE-2025-2776
(9.3 CRITICAL)

EPSS: 56.42%

updated 2025-10-27T16:58:51.230000

1 posts

SysAid On-Prem versions <= 23.3.40 are vulnerable to an unauthenticated XML External Entity (XXE) vulnerability in the Server URL processing functionality, allowing for administrator account takeover and file read primitives.

Nuclei template

2 repos

https://github.com/mrk336/From-EternalBlue-to-CVE-2025-2776-The-Evolution-of-an-SMB-Attack

https://github.com/watchtowrlabs/watchTowr-vs-SysAid-PreAuth-RCE-Chain

CVE-2025-9164
(CVSS UNKNOWN)

EPSS: 0.00%

updated 2025-10-27T15:30:49

1 posts

Docker Desktop Installer.exe is vulnerable to DLL hijacking due to insecure DLL search order. The installer searches for required DLLs in the user's Downloads folder before checking system directories, allowing local privilege escalation through malicious DLL placement. This issue affects Docker Desktop: through 4.48.0.

cR0w@infosec.exchange at 2025-10-27T14:01:22.000Z ##

"How is this even still a thing in a project the size of Docker?" asked the crow with like 1000 ../ memes.

cve.org/CVERecord?id=CVE-2025-

Docker Desktop Installer.exe is vulnerable to DLL hijacking due to insecure DLL search order. The installer searches for required DLLs in the user's Downloads folder before checking system directories, allowing local privilege escalation through malicious DLL placement.

This issue affects Docker Desktop: through 4.48.0.

##

CVE-2025-12274
(8.8 HIGH)

EPSS: 0.00%

updated 2025-10-27T15:30:41

1 posts

A security vulnerability has been detected in Tenda CH22 1.0.0.1. Affected by this vulnerability is the function fromP2pListFilter of the file /goform/P2pListFilter. The manipulation of the argument page leads to buffer overflow. Remote exploitation of the attack is possible. The exploit has been disclosed publicly and may be used.

CVE-2025-12351
(6.8 MEDIUM)

EPSS: 0.00%

updated 2025-10-27T15:15:37.653000

1 posts

Honeywell S35 Series Cameras contain an authorization bypass vulnerability through User controller key. An attacker could potentially exploit this vulnerability, leading to Privilege Escalation to admin privileged functionalities. Honeywell also recommends updating to the most recent version of this product, service or offering (S35 Pinhole/Kit Camera to version 2025.08.28, S35 AI Fisheye & Dual

CVE-2025-62518
(8.1 HIGH)

EPSS: 0.01%

updated 2025-10-27T15:13:04

7 posts

Summary: Versions of `astral-tokio-tar` prior to 0.5.6 contain a boundary parsing vulnerability that allows attackers to smuggle additional archive entries by exploiting inconsistent PAX/ustar header handling. When processing archives with PAX-extended headers containing size overrides, the parser incorrectly advances stream position based on ustar header size (often zero) instead of the PAX-sp

1 repos

https://github.com/edera-dev/cve-tarmageddon

DarkWebInformer@infosec.exchange at 2025-10-25T21:12:27.000Z ##

🚨TARmageddon: High Profile Security Vulnerability In Popular Rust Library

CVE: CVE-2025-62518

CVSS: 8.1

GitHub: github.com/edera-dev/cve-tarma

Write-up: edera.dev/stories/tarmageddon

##

jbz@indieweb.social at 2025-10-24T23:00:59.000Z ##

⚠️ TARmageddon flaw in abandoned Rust library enables RCE attacks

「 Tracked as CVE-2025-62518, this logic flaw results from a desynchronization issue that allows unauthenticated attackers to inject additional archive entries during TAR file extraction 」

bleepingcomputer.com/news/secu

#rust #rce #exploit #cybersecurity

##

_r_netsec@infosec.exchange at 2025-10-24T06:43:06.000Z ##

TARMAGEDDON (CVE-2025-62518): RCE Vulnerability Highlights the challenges of open source abandonware edera.dev/stories/tarmageddon

##

jos1264@social.skynetcloud.site at 2025-10-23T12:40:02.000Z ##

RCE Vulnerability (CVE-2025-62518) Discovered in Popular Rust Library async-tar and Its Forks thecyberexpress.com/cve%E2%80% #TheCyberExpressNews #Vulnerabilities #TheCyberExpress #CVE‑2025‑62518 #FirewallDaily #Rustlibrary #CyberNews #tokio #RCE

##

lobsters@mastodon.social at 2025-10-21T16:10:10.000Z ##

TARmageddon (CVE-2025-62518) highlights the challenges of open source abandonware lobste.rs/s/tbmns8 #rust #security
edera.dev/stories/tarmageddon

##

linux@activitypub.awakari.com at 2025-10-21T14:38:51.000Z ##

TARmageddon Strikes: High Profile Security Vulnerability In Popular Rust Library Going public today is CVE-2025-62518, or better known by the name given by the security researchers involved: TARmag...

##

phoronix@social.cutie.team at 2025-10-21T15:00:40.047Z ##

TARmageddon Strikes: High Profile Security Vulnerability In Popular Rust Library

Going public today is CVE-2025-62518, or better known by the name given by the security researchers involved: TARmageddon. The TARmageddon vulnerability affects the popular async-tar Rust library and its various forks like tokio-tar. In turn TARmageddon impacts the uv Python package manager and other users of this library...

https://www.phoronix.com/news/Rust-TARmageddon

##

CVE-2025-1679
(0 None)

EPSS: 0.04%

updated 2025-10-27T13:20:33.350000

1 posts

Cross-site Scripting has been identified in Moxa’s Ethernet switches, which allows an authenticated administrative attacker to inject malicious scripts to an affected device’s web service that could impact authenticated users interacting with the device’s web interface. This vulnerability is classified as stored cross-site scripting (XSS); attackers inject malicious scripts into the system, and th

CVE-2025-62820
(4.9 MEDIUM)

EPSS: 0.04%

updated 2025-10-27T13:20:33.350000

1 posts

Slack Nebula before 1.9.7 mishandles CIDR in some configurations and thus accepts arbitrary source IP addresses within the Nebula network.

cR0w@infosec.exchange at 2025-10-23T13:07:51.000Z ##

I don't know what Nebula is but you would think Slack could handle IP network definitions properly by now.

cve.org/CVERecord?id=CVE-2025-

##

CVE-2025-62396
(5.3 MEDIUM)

EPSS: 0.03%

updated 2025-10-27T13:20:33.350000

1 posts

An error-handling issue in the Moodle router (r.php) could cause the application to display internal directory listings when specific HTTP headers were not properly configured.

CVE-2025-62398
(5.4 MEDIUM)

EPSS: 0.05%

updated 2025-10-27T13:20:33.350000

1 posts

A serious authentication flaw allowed attackers with valid credentials to bypass multi-factor authentication under certain conditions, potentially compromising user accounts.

CVE-2025-62397
(5.3 MEDIUM)

EPSS: 0.03%

updated 2025-10-27T13:20:33.350000

1 posts

The router’s inconsistent response to invalid course IDs allowed attackers to infer which course IDs exist, potentially aiding reconnaissance.

CVE-2025-62400
(4.3 MEDIUM)

EPSS: 0.03%

updated 2025-10-27T13:20:33.350000

1 posts

Moodle exposed the names of hidden groups to users who had permission to create calendar events but not to view hidden groups. This could reveal private or restricted group information.

CVE-2025-43995
(9.8 CRITICAL)

EPSS: 0.17%

updated 2025-10-27T13:20:15.637000

2 posts

Dell Storage Center - Dell Storage Manager, version(s) 20.1.21, contain(s) an Improper Authentication vulnerability. An unauthenticated attacker with remote access could potentially exploit this vulnerability, leading to Protection mechanism bypass. Authentication Bypass in DSM Data Collector. An unauthenticated remote attacker can access APIs exposed by ApiProxy.war in DataCollectorEar.ear by usi

beyondmachines1 at 2025-10-28T08:01:31.686Z ##

Multiple Dell Storage Manager vulnerabilities patched, at least one critical

Dell Technologies reports three vulnerabilities in Storage Manager software, at least one critical (CVE-2025-43995) that allow unauthenticated remote attackers to bypass authentication, access sensitive configuration data, and exfiltrate information through XML external entity exploitation.

**If you're using Dell Storage Manager, make sure the management interface is isolated from the internet and accessible only from trusted networks. Then plan a quick upgrade to version 2020 R1.22 or later. Not a panic mode patch, but wise to plan it out, updating storage components can be a longer process.**

beyondmachines.net/event_detai

##

beyondmachines1@infosec.exchange at 2025-10-28T08:01:31.000Z ##

Multiple Dell Storage Manager vulnerabilities patched, at least one critical

Dell Technologies reports three vulnerabilities in Storage Manager software, at least one critical (CVE-2025-43995) that allow unauthenticated remote attackers to bypass authentication, access sensitive configuration data, and exfiltrate information through XML external entity exploitation.

**If you're using Dell Storage Manager, make sure the management interface is isolated from the internet and accessible only from trusted networks. Then plan a quick upgrade to version 2020 R1.22 or later. Not a panic mode patch, but wise to plan it out, updating storage components can be a longer process.**
#cybersecurity #infosec #advisory #vulnerability
beyondmachines.net/event_detai

##

CVE-2025-59503
(9.9 CRITICAL)

EPSS: 0.08%

updated 2025-10-27T13:20:15.637000

1 posts

Server-side request forgery (SSRF) in Azure Compute Gallery allows an authorized attacker to elevate privileges over a network.

1 repos

https://github.com/Mpokes/CVE-2025-59503-Poc

CVE-2025-59500
(7.7 HIGH)

EPSS: 0.06%

updated 2025-10-27T13:20:15.637000

1 posts

Improper access control in Azure Notification Service allows an authorized attacker to elevate privileges over a network.

CVE-2025-58428
(9.9 CRITICAL)

EPSS: 0.40%

updated 2025-10-27T13:20:15.637000

1 posts

The TLS4B ATG system's SOAP-based interface is vulnerable due to its accessibility through the web services handler. This vulnerability enables remote attackers with valid credentials to execute system-level commands on the underlying Linux system. This could allow the attacker to achieve remote command execution, full shell access, and potential lateral movement within the network.

beyondmachines1@infosec.exchange at 2025-10-23T20:01:31.000Z ##

Critical command injection flaw reported in Veeder-Root TLS4B automatic tank gauge system

Veeder-Root is reporting two vulnerabilities in its TLS4B Automatic Tank Gauge System: critical CVE-2025-58428, a command injection flaw in the SOAP interface allowing authenticated attackers to execute system-level commands and gain full shell access, and CVE-2025-55067, an integer overflow vulnerability related to the 2038 Unix epoch rollover that causes authentication failures and system disruption when exploited.

**If you use Veeder-Root TLS4B tank gauge systems, make sure they are isolated from the internet and accessible only from trusted networks. Then plan a patch to version 11.A or newer. The flaw still requires admin login so also work with the administrators for detecting phishing and avoiding malware.**
#cybersecurity #infosec #advisory #vulnerability
beyondmachines.net/event_detai

##

CVE-2025-62498
(8.8 HIGH)

EPSS: 0.03%

updated 2025-10-27T13:20:15.637000

1 posts

A relative path traversal (ZipSlip) vulnerability was discovered in Productivity Suite software version 4.4.1.19. The vulnerability allows an attacker who can tamper with a productivity project to execute arbitrary code on the machine where the project is opened.

beyondmachines1@infosec.exchange at 2025-10-23T19:01:31.000Z ##

Multiple vulnerabilities reported in AutomationDirect Productivity Suite and PLCs, at least one critical

AutomationDirect is reporting nine security vulnerabilities in its Productivity Suite programming software (version 4.2.1.9 and prior) and Productivity PLC controllers (firmware v4.4.1.19 and prior), including critical CVE-2025-61934 that allows unauthenticated remote attackers to read, write, or delete arbitrary files through the ProductivityService PLC simulator, and CVE-2025-62498 enabling arbitrary code execution via malicious project files.

**If you use AutomationDirect Productivity Suite software or PLCs, plan a quick update to version 4.5.0.x or later. In the meantime make sure they are isolated from the internet and accessible from trusted networks.**
#cybersecurity #infosec #advisory #vulnerability
beyondmachines.net/event_detai

##

CVE-2025-10561
(9.3 CRITICAL)

EPSS: 0.01%

updated 2025-10-27T13:19:49.063000

1 posts

The device is running an outdated operating system, which may be susceptible to known vulnerabilities.

CVE-2025-46583
(5.3 MEDIUM)

EPSS: 0.04%

updated 2025-10-27T13:19:49.063000

1 posts

There is a Denial of Service (DoS) vulnerability in the ZTE MC889A Pro product. Insufficient validation of the input parameters of the Short Message Service interface allows an attacker to carry out a DoS attack.

CVE-2025-40778
(8.6 HIGH)

EPSS: 0.01%

updated 2025-10-27T13:15:44.780000

7 posts

Under certain circumstances, BIND is too lenient when accepting records from answers, allowing an attacker to inject forged data into the cache. This issue affects BIND 9 versions 9.11.0 through 9.16.50, 9.18.0 through 9.18.39, 9.20.0 through 9.20.13, 9.21.0 through 9.21.12, 9.11.3-S1 through 9.16.50-S1, 9.18.11-S1 through 9.18.39-S1, and 9.20.9-S1 through 9.20.13-S1.

bortzmeyer@mastodon.gougere.fr at 2025-10-28T09:10:41.000Z ##

#DNS #sysAdmin
A quick reminder that if you use #BIND as a resolver (even though other choices exist), UPDATE: there is yet another we're-all-going-to-die vulnerability kb.isc.org/docs/cve-2025-40778

##

jos1264@social.skynetcloud.site at 2025-10-27T12:40:02.000Z ##

New BIND 9 Security Flaw (CVE-2025-40778) Threatens Global DNS Infrastructure thecyberexpress.com/cve-2025-4 #TheCyberExpressNews #Vulnerabilities #TheCyberExpress #Cachepoisoning #FirewallDaily #CVE202540778 #CyberNews #BIND9DNS

##

secupriv@mastodon.nl at 2025-10-23T05:25:12.000Z ##

Running a #DNS server, depending on your setup, now might be a good time to update.

arstechnica.com/security/2025/

CVE-2025-40778 and CVE-2025-40780

#bind #CVE #Unbound #NetworkSecurity #Network #Security

##

DarkWebInformer@infosec.exchange at 2025-10-23T01:06:59.000Z ##

🚨 The developers behind BIND, the Internet’s most widely used domain name resolution software, have issued a warning about two serious vulnerabilities that could let attackers poison entire DNS caches, redirecting users to malicious sites that appear completely legitimate.

CVE: CVE-2025-40778 and CVE-2025-40780

CVSS: Both 8.6

More: arstechnica.com/security/2025/

##

jschauma@mstdn.social at 2025-10-22T16:10:11.000Z ##

Hmm, this BIND Cache poisoning attacks with unsolicited RRs (CVE-2025-40778) is light on details.

"Under certain circumstances, BIND is too lenient when accepting records from answers, allowing an attacker to inject forged data into the cache."

Anybody done the source spelunking to sort out the circumstances?

kb.isc.org/docs/cve-2025-40778

##

cR0w@infosec.exchange at 2025-10-22T15:58:55.000Z ##

Cache poisoning:

kb.isc.org/docs/cve-2025-40778

kb.isc.org/docs/cve-2025-40780

And DoS:

kb.isc.org/docs/cve-2025-8677

in BIND 9.

##

CVE-2025-12271
(8.8 HIGH)

EPSS: 0.00%

updated 2025-10-27T12:33:03

1 posts

A vulnerability was identified in Tenda CH22 1.0.0.1. This affects the function fromRouteStatic of the file /goform/RouteStatic. Such manipulation of the argument page leads to buffer overflow. The attack can be launched remotely. The exploit is publicly available and might be used.

CVE-2025-59460
(7.5 HIGH)

EPSS: 0.04%

updated 2025-10-27T12:32:59

1 posts

The system is deployed in its default state, with configuration settings that do not comply with the latest best practices for restricting access. This increases the risk of unauthorised connections.

CVE-2025-59463
(4.3 MEDIUM)

EPSS: 0.02%

updated 2025-10-27T12:32:59

1 posts

An attacker may cause chunk-size mismatches that block file transfers and prevent subsequent transfers.

CVE-2025-59459
(5.5 MEDIUM)

EPSS: 0.01%

updated 2025-10-27T12:32:59

1 posts

An attacker that gains SSH access to an unprivileged account may be able to disrupt services (including SSH), causing persistent loss of availability.

CVE-2025-12258
(8.8 HIGH)

EPSS: 0.08%

updated 2025-10-27T12:32:58

1 posts

A vulnerability was detected in TOTOLINK A3300R 17.0.0cu.557_B20221024. Impacted is the function setOpModeCfg of the file /cgi-bin/cstecgi.cg of the component POST Parameter Handler. The manipulation of the argument opmode results in stack-based buffer overflow. The attack may be performed from remote.

CVE-2025-12260
(8.8 HIGH)

EPSS: 0.08%

updated 2025-10-27T12:32:58

1 posts

A vulnerability has been found in TOTOLINK A3300R 17.0.0cu.557_B20221024. The impacted element is the function setSyslogCfg of the file /cgi-bin/cstecgi.cgi of the component POST Parameter Handler. Such manipulation of the argument enable leads to stack-based buffer overflow. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.

CVE-2025-12272
(8.8 HIGH)

EPSS: 0.00%

updated 2025-10-27T12:32:53

1 posts

A security flaw has been discovered in Tenda CH22 1.0.0.1. This impacts the function fromAddressNat of the file /goform/addressNat. Performing manipulation of the argument page results in buffer overflow. The attack may be initiated remotely. The exploit has been released to the public and may be exploited.

CVE-2025-59462
(6.5 MEDIUM)

EPSS: 0.02%

updated 2025-10-27T12:32:52

1 posts

An attacker who tampers with the C++ CLI client may crash the UpdateService during file transfers, disrupting updates and availability.

CVE-2025-12265
(8.8 HIGH)

EPSS: 0.05%

updated 2025-10-27T12:32:52

1 posts

A weakness has been identified in Tenda CH22 1.0.0.1. Affected by this issue is the function fromVirtualSer of the file /goform/VirtualSer. This manipulation of the argument page causes buffer overflow. Remote exploitation of the attack is possible. The exploit has been made available to the public and could be exploited.

CVE-2025-59461
(7.6 HIGH)

EPSS: 0.07%

updated 2025-10-27T12:32:52

1 posts

A remote unauthenticated attacker may use the unauthenticated C++ API to access or modify sensitive data and disrupt services.

CVE-2025-46582
(7.7 HIGH)

EPSS: 0.03%

updated 2025-10-27T09:30:28

1 posts

A private key disclosure vulnerability exists in ZTE's ZXMP M721 product. A low-privileged user can bypass authorization checks to view the device's communication private key, resulting in key exposure and impacting communication security.

CVE-2025-12232
(8.8 HIGH)

EPSS: 0.05%

updated 2025-10-27T09:30:27

1 posts

A vulnerability was detected in Tenda CH22 1.0.0.1. Affected by this vulnerability is the function fromSafeClientFilter of the file /goform/SafeClientFilter. Performing manipulation of the argument page results in buffer overflow. The attack can be initiated remotely. The exploit is now public and may be used.

CVE-2025-62393
(4.3 MEDIUM)

EPSS: 0.02%

updated 2025-10-24T20:59:28

1 posts

A flaw was found in the course overview output function where user access permissions were not fully enforced. This could allow unauthorized users to view information about courses they should not have access to, potentially exposing limited course details.

CVE-2025-62394
(4.3 MEDIUM)

EPSS: 0.03%

updated 2025-10-24T20:59:23

1 posts

Moodle failed to verify enrolment status correctly when sending quiz notifications. As a result, suspended or inactive users might receive quiz-related messages, leaking limited course information.

CVE-2025-62401
(5.4 MEDIUM)

EPSS: 0.04%

updated 2025-10-24T20:58:54

1 posts

An issue in Moodle's timed assignment feature allowed students to bypass the time restriction, potentially giving them more time than allowed to complete an assessment.

CVE-2025-62399
(7.5 HIGH)

EPSS: 0.07%

updated 2025-10-24T20:58:13

1 posts

Moodle's mobile and web service authentication endpoints did not sufficiently restrict repeated password attempts, making them susceptible to brute-force attacks.

CVE-2025-62506
(8.1 HIGH)

EPSS: 0.04%

updated 2025-10-24T19:28:26

6 posts

Summary: A privilege escalation vulnerability allows service accounts and STS (Security Token Service) accounts with restricted session policies to bypass their inline policy restrictions when performing "own" account operations, specifically when creating new service accounts for the same user. Details: The vulnerability exists in the IAM policy validation logic in `cmd/iam.go`. When valid

1 repos

https://github.com/yoshino-s/CVE-2025-62506

CVE-2025-7850
(7.2 HIGH)

EPSS: 1.45%

updated 2025-10-24T18:30:58

1 posts

A command injection vulnerability may be exploited after the admin's authentication on the web portal on Omada gateways.

CVE-2025-7851
(9.8 CRITICAL)

EPSS: 0.05%

updated 2025-10-24T17:15:43.390000

2 posts

An attacker may obtain the root shell on the underlying OS system with the restricted conditions on Omada gateways.

beyondmachines1@infosec.exchange at 2025-10-22T11:01:31.000Z ##

Critical command injection vulnerabilities in TP-Link Omada Gateways enable remote code execution

TP-Link has disclosed multiple critical vulnerabilities in its Omada gateway product line, including CVE-2025-6542, an unauthenticated remote command injection flaw that allows attackers to execute arbitrary OS commands without credentials, and three additional command injection and privilege escalation vulnerabilities (CVE-2025-6541, CVE-2025-8750, and CVE-2025-7851) affecting 13 different Omada gateway models.

**If you're using TP-Link Omada gateways, update to the latest firmware ASAP. There is at least one critical flaw that can be exploited remotely without authentication. Prioritize patching internet-facing gateways first. Isolating doesn't really work for a device that's designed to be a gateway to other networks.**
#cybersecurity #infosec #advisory #vulnerability
beyondmachines.net/event_detai

##

cR0w@infosec.exchange at 2025-10-21T13:19:13.000Z ##

TP-Link

cve.org/CVERecord?id=CVE-2025-

cve.org/CVERecord?id=CVE-2025-

cve.org/CVERecord?id=CVE-2025-

cve.org/CVERecord?id=CVE-2025-

cc: @Dio9sys @da_667

#internetOfShit

##

CVE-2025-22178
(4.3 MEDIUM)

EPSS: 0.04%

updated 2025-10-24T15:32:26

1 posts

Jira Align is vulnerable to an authorization issue. A low-privilege user can access unexpected endpoints that disclose a small amount of sensitive information. For example, a low-level user was able to view items on the "Why" page.

CVE-2025-22174
(4.3 MEDIUM)

EPSS: 0.04%

updated 2025-10-24T15:32:26

1 posts

Jira Align is vulnerable to an authorization issue. A low-privilege user can access unexpected endpoints that disclose a small amount of sensitive information. For example, a low-level user was able to view portfolio rooms without the required permission.

CVE-2025-22173
(4.3 MEDIUM)

EPSS: 0.04%

updated 2025-10-24T15:32:26

1 posts

Jira Align is vulnerable to an authorization issue. A low-privilege user can access unexpected endpoints that disclose a small amount of sensitive information. For example, a low-level user was able to view certain sprint data without the required permission.

CVE-2025-22172
(4.3 MEDIUM)

EPSS: 0.04%

updated 2025-10-24T15:32:26

1 posts

Jira Align is vulnerable to an authorization issue. A low-privilege user can access unexpected endpoints that disclose a small amount of sensitive information. For example, a low-level user was able to read external reports without the required permission.

CVE-2025-22171
(4.3 MEDIUM)

EPSS: 0.04%

updated 2025-10-24T15:32:25

1 posts

Jira Align is vulnerable to an authorization issue. A low-privilege user is able to alter the private checklists of other users.

CVE-2025-22170
(4.3 MEDIUM)

EPSS: 0.04%

updated 2025-10-24T15:32:25

1 posts

Jira Align is vulnerable to an authorization issue. A low-privilege user without sufficient privileges to perform an action could do so if they included a particular state-related parameter of a user with sufficient privileges to perform the action.

CVE-2025-22168
(4.3 MEDIUM)

EPSS: 0.04%

updated 2025-10-24T15:32:25

1 posts

Jira Align is vulnerable to an authorization issue. A low-privilege user can access unexpected endpoints that disclose a small amount of sensitive information. For example, a low-level user was able to read the steps of another user's private checklist.

CVE-2025-6541
(8.8 HIGH)

EPSS: 0.05%

updated 2025-10-24T15:32:25

2 posts

An arbitrary OS command may be executed on the product by the user who can log in to the web management interface.

beyondmachines1@infosec.exchange at 2025-10-22T11:01:31.000Z ##

Critical command injection vulnerabilities in TP-Link Omada Gateways enable remote code execution

TP-Link has disclosed multiple critical vulnerabilities in its Omada gateway product line, including CVE-2025-6542, an unauthenticated remote command injection flaw that allows attackers to execute arbitrary OS commands without credentials, and three additional command injection and privilege escalation vulnerabilities (CVE-2025-6541, CVE-2025-8750, and CVE-2025-7851) affecting 13 different Omada gateway models.

**If you're using TP-Link Omada gateways, update to the latest firmware ASAP. There is at least one critical flaw that can be exploited remotely without authentication. Prioritize patching internet-facing gateways first. Isolating doesn't really work for a device that's designed to be a gateway to other networks.**
#cybersecurity #infosec #advisory #vulnerability
beyondmachines.net/event_detai

##

cR0w@infosec.exchange at 2025-10-21T13:19:13.000Z ##

TP-Link

cve.org/CVERecord?id=CVE-2025-

cve.org/CVERecord?id=CVE-2025-

cve.org/CVERecord?id=CVE-2025-

cve.org/CVERecord?id=CVE-2025-

cc: @Dio9sys @da_667

#internetOfShit

##

CVE-2025-22169
(5.4 MEDIUM)

EPSS: 0.04%

updated 2025-10-24T14:24:57.253000

1 posts

Jira Align is vulnerable to an authorization issue. A low-privilege user can access unexpected endpoints that disclose a small amount of sensitive information. For example, a low-level user was able to subscribe to an item/object without having the expected permission level.

CVE-2025-22176
(4.3 MEDIUM)

EPSS: 0.04%

updated 2025-10-24T14:20:53.383000

1 posts

Jira Align is vulnerable to an authorization issue. A low-privilege user can access unexpected endpoints that disclose a small amount of sensitive information. For example, a low-level user was able to view audit log items.

CVE-2025-22177
(4.3 MEDIUM)

EPSS: 0.04%

updated 2025-10-24T14:20:40.950000

1 posts

Jira Align is vulnerable to an authorization issue. A low-privilege user can access unexpected endpoints that disclose a small amount of sensitive information. For example, a low-level user was able to view other team overviews.

CVE-2025-2783
(8.3 HIGH)

EPSS: 27.20%

updated 2025-10-24T14:06:49.887000

3 posts

Incorrect handle provided in unspecified circumstances in Mojo in Google Chrome on Windows prior to 134.0.6998.177 allowed a remote attacker to perform a sandbox escape via a malicious file. (Chromium security severity: High)

3 repos

https://github.com/Leviticus-Triage/ChromSploit-Framework

https://github.com/byteReaper77/CVE-2025-2783

https://github.com/Alchemist3dot14/CVE-2025-2783

jbhall56 at 2025-10-28T12:43:15.493Z ##

The vulnerability in question is CVE-2025-2783 (CVSS score: 8.3), a case of sandbox escape which the company disclosed in March 2025 as having come under active exploitation as part of a campaign dubbed Operation ForumTroll targeting organizations in Russia. thehackernews.com/2025/10/chro

##

jbhall56@infosec.exchange at 2025-10-28T12:43:15.000Z ##

The vulnerability in question is CVE-2025-2783 (CVSS score: 8.3), a case of sandbox escape which the company disclosed in March 2025 as having come under active exploitation as part of a campaign dubbed Operation ForumTroll targeting organizations in Russia. thehackernews.com/2025/10/chro

##

AAKL@infosec.exchange at 2025-10-27T17:30:38.000Z ##

This relates to CVE-2025-2783.

Kaspersky: Mem3nt0 mori – The Hacking Team is back! securelist.com/forumtroll-apt- @Kaspersky #phishing #Google #Chrome #zeroday

##

CVE-2025-6542
(9.8 CRITICAL)

EPSS: 0.15%

updated 2025-10-24T13:50:10.897000

3 posts

An arbitrary OS command may be executed on the product by a remote unauthenticated attacker.

beyondmachines1@infosec.exchange at 2025-10-22T11:01:31.000Z ##

Critical command injection vulnerabilities in TP-Link Omada Gateways enable remote code execution

TP-Link has disclosed multiple critical vulnerabilities in its Omada gateway product line, including CVE-2025-6542, an unauthenticated remote command injection flaw that allows attackers to execute arbitrary OS commands without credentials, and three additional command injection and privilege escalation vulnerabilities (CVE-2025-6541, CVE-2025-8750, and CVE-2025-7851) affecting 13 different Omada gateway models.

**If you're using TP-Link Omada gateways, update to the latest firmware ASAP. There is at least one critical flaw that can be exploited remotely without authentication. Prioritize patching internet-facing gateways first. Isolating doesn't really work for a device that's designed to be a gateway to other networks.**
#cybersecurity #infosec #advisory #vulnerability
beyondmachines.net/event_detai

##

knoppix95@mastodon.social at 2025-10-22T05:35:45.000Z ##

🚨 TP-Link discloses 4 security flaws in Omada gateways
🔹 Critical pre-auth OS command injection (CVE-2025-6542, CVSS 9.3)
🔹 Three other high-severity flaws allow command execution or root shell access

🔒 Patch now—13 models affected
💬 Impacts SMBs using Omada as firewall/VPN/router

🔗 bleepingcomputer.com/news/secu

#TechNews #Cybersecurity #Gateway #TPLink #Router #Modem #Infosec #Vulnerability #DataSecurity #Firmware #Networking #Network #IT #Privacy #OpenSource #Linux #Hacking #SysAdmin

##

cR0w@infosec.exchange at 2025-10-21T13:19:13.000Z ##

TP-Link

cve.org/CVERecord?id=CVE-2025-

cve.org/CVERecord?id=CVE-2025-

cve.org/CVERecord?id=CVE-2025-

cve.org/CVERecord?id=CVE-2025-

cc: @Dio9sys @da_667

#internetOfShit

##

CVE-2025-60340
(7.5 HIGH)

EPSS: 0.04%

updated 2025-10-24T13:21:16.710000

1 posts

Multiple buffer overflows in the SetClientState function of Tenda AC6 v.15.03.06.50 allow attackers to cause a Denial of Service (DoS) via injecting a crafted payload into the limitSpeed, deviceId, and limitSpeedUp parameters.

CVE-2025-60343
(7.5 HIGH)

EPSS: 0.04%

updated 2025-10-24T13:21:06.800000

1 posts

Multiple buffer overflows in the AdvSetMacMtuWan function of Tenda AC6 v.15.03.06.50 allow attackers to cause a Denial of Service (DoS) via injecting a crafted payload into the wanMTU, wanSpeed, cloneType, mac, serviceName, serverName, wanMTU2, wanSpeed2, cloneType2, mac2, serviceName2, and serverName2 parameters.

CVE-2025-60332
(7.5 HIGH)

EPSS: 0.11%

updated 2025-10-24T13:19:20.730000

1 posts

A NULL pointer dereference in the SetWLanRadioSettings function of D-Link DIR-823G A1 v1.0.2B05 allows attackers to cause a Denial of Service (DoS) via a crafted HTTP request.

CVE-2025-60335
(7.5 HIGH)

EPSS: 0.72%

updated 2025-10-24T13:18:55.290000

1 posts

A NULL pointer dereference in the main function of TOTOLINK N600R v4.3.0cu.7866_B20220506 allows attackers to cause a Denial of Service (DoS) via a crafted HTTP request.

CVE-2025-10020
(8.5 HIGH)

EPSS: 0.79%

updated 2025-10-24T12:58:03.523000

1 posts

Zohocorp ManageEngine ADManager Plus versions before 8024 are vulnerable to an authenticated command injection vulnerability in the Custom Script component.

CVE-2025-59273
(7.3 HIGH)

EPSS: 0.08%

updated 2025-10-24T00:30:58

1 posts

Improper access control in Azure Event Grid allows an unauthorized attacker to elevate privileges over a network.

CVE-2025-61934
(10.0 CRITICAL)

EPSS: 0.23%

updated 2025-10-24T00:30:53

1 posts

A binding to an unrestricted IP address vulnerability was discovered in Productivity Suite software version v4.4.1.19. The vulnerability allows an unauthenticated remote attacker to interact with the ProductivityService PLC simulator and read, write, or delete arbitrary files and folders on the target machine.

beyondmachines1@infosec.exchange at 2025-10-23T19:01:31.000Z ##

Multiple vulnerabilities reported in AutomationDirect Productivity Suite and PLCs, at least one critical

AutomationDirect is reporting nine security vulnerabilities in its Productivity Suite programming software (version 4.2.1.9 and prior) and Productivity PLC controllers (firmware v4.4.1.19 and prior), including critical CVE-2025-61934 that allows unauthenticated remote attackers to read, write, or delete arbitrary files through the ProductivityService PLC simulator, and CVE-2025-62498 enabling arbitrary code execution via malicious project files.

**If you use AutomationDirect Productivity Suite software or PLCs, plan a quick update to version 4.5.0.x or later. In the meantime make sure they are isolated from the internet and accessible from trusted networks.**
#cybersecurity #infosec #advisory #vulnerability
beyondmachines.net/event_detai

##

CVE-2025-55067
(7.1 HIGH)

EPSS: 0.08%

updated 2025-10-23T21:31:50

1 posts

The TLS4B ATG system is vulnerable to improper handling of Unix time values that exceed the 2038 epoch rollover. When the system clock reaches January 19, 2038, it resets to December 13, 1901, causing authentication failures and disrupting core system functionalities such as login access, history visibility, and leak detection termination. This vulnerability could allow an attacker to manipulate t

beyondmachines1@infosec.exchange at 2025-10-23T20:01:31.000Z ##

Critical command injection flaw reported in Veeder-Root TLS4B automatic tank gauge system

Veeder-Root is reporting two vulnerabilities in its TLS4B Automatic Tank Gauge System: critical CVE-2025-58428, a command injection flaw in the SOAP interface allowing authenticated attackers to execute system-level commands and gain full shell access, and CVE-2025-55067, an integer overflow vulnerability related to the 2038 Unix epoch rollover that causes authentication failures and system disruption when exploited.

**If you use Veeder-Root TLS4B tank gauge systems, make sure they are isolated from the internet and accessible only from trusted networks. Then plan a patch to version 11.A or newer. The flaw still requires admin login so also work with the administrators for detecting phishing and avoiding malware.**
#cybersecurity #infosec #advisory #vulnerability
beyondmachines.net/event_detai

##

CVE-2025-60336
(7.5 HIGH)

EPSS: 1.27%

updated 2025-10-23T18:32:21

1 posts

A NULL pointer dereference in the sub_41773C function of TOTOLINK N600R v4.3.0cu.7866_B20220506 allows attackers to cause a Denial of Service (DoS) via a crafted HTTP request.

CVE-2025-60334
(7.5 HIGH)

EPSS: 0.10%

updated 2025-10-23T15:31:44

1 posts

TOTOLINK N600R v4.3.0cu.7866_B20220506 was discovered to contain a stack overflow in the ssid parameter in the setWiFiBasicConfig function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input.

CVE-2025-60331
(7.5 HIGH)

EPSS: 0.02%

updated 2025-10-23T15:31:44

1 posts

D-Link DIR-823G A1 v1.0.2B05 was discovered to contain a buffer overflow in the FillMacCloneMac parameter in the /EXCU_SHELL endpoint. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input.

CVE-2025-60342
(7.5 HIGH)

EPSS: 0.04%

updated 2025-10-23T15:31:43

1 posts

Tenda AC6 V2.0 15.03.06.50 was discovered to contain a stack overflow in the page parameter in the addressNat function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input.

CVE-2025-1680
(CVSS UNKNOWN)

EPSS: 0.02%

updated 2025-10-23T15:30:46

1 posts

An acceptance of extraneous untrusted data with trusted data vulnerability has been identified in Moxa’s Ethernet switches, which allows attackers with administrative privileges to manipulate HTTP Host headers by injecting a specially crafted Host header into HTTP requests sent to an affected device’s web service. This vulnerability is classified as Host Header Injection, where invalid Host header

cR0w@infosec.exchange at 2025-10-23T14:15:45.000Z ##

Another perfect 0, this time in Moxa. :apartyblobcat:

cve.org/CVERecord?id=CVE-2025-

An acceptance of extraneous untrusted data with trusted data vulnerability has been identified in Moxa’s Ethernet switches, which allows attackers with administrative privileges to manipulate HTTP Host headers by injecting a specially crafted Host header into HTTP requests sent to an affected device’s web service. This vulnerability is classified as Host Header Injection, where invalid Host headers can manipulate to redirect users, forge links, or phishing attacks. There is no impact to the confidentiality, integrity, and availability of the affected device; no loss of confidentiality, integrity, and availability within any subsequent systems.

sev:NONE 0.0 - CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:P/VC:N/VI:N/VA:N/SC:N/SI:N/SA:N

##

CVE-2025-53701
(CVSS UNKNOWN)

EPSS: 0.03%

updated 2025-10-23T15:30:46

1 posts

Vilar VS-IPC1002 IP cameras are vulnerable to Reflected XSS (Cross-site Scripting) attacks, because parameters in GET requests sent to /cgi-bin/action endpoint are not sanitized properly, making it possible to target logged in admin users. The vendor did not respond in any way. Only version 1.1.0.18 was tested, other versions might be vulnerable as well.

CVE-2025-53702
(CVSS UNKNOWN)

EPSS: 0.03%

updated 2025-10-23T15:30:45

1 posts

Vilar VS-IPC1002 IP cameras are vulnerable to DoS (Denial-of-Service) attacks. An unauthenticated attacker on the same local network might send a crafted request to /cgi-bin/action endpoint and render the device completely unresponsive. A manual restart of the device is required. The vendor did not respond in any way. Only version 1.1.0.18 was tested, other versions might be vulnerable as well.

CVE-2025-60333
(7.5 HIGH)

EPSS: 0.14%

updated 2025-10-23T15:30:35

1 posts

TOTOLINK N600R v4.3.0cu.7866_B20220506 was discovered to contain a stack overflow in the wepkey2 parameter in the setWiFiMultipleConfig function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input.

CVE-2025-60341
(7.5 HIGH)

EPSS: 0.04%

updated 2025-10-23T12:32:24

1 posts

Tenda AC6 V2.0 15.03.06.50 was discovered to contain a stack overflow in the ssid parameter in the fast_setting_wifi_set function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input.

CVE-2025-60338
(7.5 HIGH)

EPSS: 0.04%

updated 2025-10-23T12:32:24

1 posts

Tenda AC6 V2.0 15.03.06.50 was discovered to contain a stack overflow in the page parameter in the DhcpListClient function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input.

CVE-2025-62395
(4.3 MEDIUM)

EPSS: 0.02%

updated 2025-10-23T12:31:28

1 posts

A flaw in the cohort search web service allowed users with permissions in lower contexts to access cohort information from the system context, revealing restricted administrative data.

CVE-2025-61932
(9.8 CRITICAL)

EPSS: 13.06%

updated 2025-10-23T00:30:34

5 posts

Lanscope Endpoint Manager (On-Premises) (Client program (MR) and Detection agent (DA)) improperly verifies the origin of incoming requests, allowing an attacker to execute arbitrary code by sending specially crafted packets.

1 repos

https://github.com/allinsthon/CVE-2025-61932

AAKL@infosec.exchange at 2025-10-23T17:16:43.000Z ##

CVE-2025-61932 detail, updated today: nvd.nist.gov/vuln/detail/CVE-2

Bleeping Computer: CISA warns of Lanscope Endpoint Manager flaw exploited in attacks bleepingcomputer.com/news/secu @BleepingComputer #CISA #cybersecurity #infosec

##

jos1264@social.skynetcloud.site at 2025-10-23T14:15:01.000Z ##

Lanscope Endpoint Manager vulnerability exploited in zero-day attacks (CVE-2025-61932) helpnetsecurity.com/2025/10/23 #endpointmanagement #endpointsecurity #securityupdate #Don'tmiss #JPCERT/CC #Hotstuff #0-day #Japan #Motex #News #CISA

##

cisakevtracker@mastodon.social at 2025-10-22T18:00:58.000Z ##

CVE ID: CVE-2025-61932
Vendor: Motex
Product: LANSCOPE Endpoint Manager
Date Added: 2025-10-22
Notes: motex.co.jp/news/notice/2025/r ; nvd.nist.gov/vuln/detail/CVE-2
CVE URL: nvd.nist.gov/vuln/detail/CVE-2

##

AAKL@infosec.exchange at 2025-10-22T17:48:50.000Z ##

CISA has updated the KEV catalogue.

CVE-2025-61932: Motex LANSCOPE Endpoint Manager Improper Verification of Source of a Communication Channel Vulnerability cve.org/CVERecord?id=CVE-2025- #CISA #cybersecurity #infosec

##

beyondmachines1@infosec.exchange at 2025-10-22T09:01:30.000Z ##

Critical remote code execution flaw in LANSCOPE Endpoint Manager actively exploited

A critical remote code execution vulnerability, CVE-2025-61932, in LANSCOPE Endpoint Manager's on-premise edition that allows unauthenticated attackers to execute arbitrary commands with high privileges. Exploit attempts are already observed in live customer environments. The flaw affects Client Program (MR) and Detection Agent (DA) versions 9.4.7.1 and earlier.

**If you're using LANSCOPE Endpoint Manager on-premise edition (version 9.4.7.1 or earlier), this is urgent. Start updating all client endpoints to the latest patched version. Attackers are already exploiting the flaw to gain full system control. Prioritize patching internet-facing systems first.**
#cybersecurity #infosec #advisory #vulnerability
beyondmachines.net/event_detai

##

CVE-2025-58712
(5.2 MEDIUM)

EPSS: 0.00%

updated 2025-10-22T21:31:33

1 posts

A container privilege escalation flaw was found in certain AMQ Broker images. This issue stems from the /etc/passwd file being created with group-writable permissions during build time. In certain conditions, an attacker who can execute commands within an affected container, even as a non-root user, can leverage their membership in the root group to modify the /etc/passwd file. This could allow th

cR0w@infosec.exchange at 2025-10-22T18:35:04.000Z ##

lol. lmao even.

A container privilege escalation flaw was found in certain AMQ Broker images. This issue stems from the /etc/passwd file being created with group-writable permissions during build time. In certain conditions, an attacker who can execute commands within an affected container, even as a non-root user, can leverage their membership in the root group to modify the /etc/passwd file. This could allow the attacker to add a new user with any arbitrary UID, including UID 0, leading to full root privileges within the container.

cve.org/CVERecord?id=CVE-2025-

##

CVE-2025-8556
(3.7 LOW)

EPSS: 0.01%

updated 2025-10-22T21:15:47.137000

7 posts

A flaw was found in CIRCL's implementation of the FourQ elliptic curve. This vulnerability allows an attacker to compromise session security via low-order point injection and incorrect point validation during Diffie-Hellman key exchange.

hackernewsrobot@mastodon.social at 2025-10-22T21:41:16.000Z ##

Cryptographic Issues in Cloudflare's Circl FourQ Implementation (CVE-2025-8556) botanica.software/blog/cryptog

##

hn100@social.lansky.name at 2025-10-22T17:50:08.000Z ##

Cryptographic Issues in Cloudflare's Circl FourQ Implementation (CVE-2025-8556)

Link: botanica.software/blog/cryptog
Discussion: news.ycombinator.com/item?id=4

##

hn50@social.lansky.name at 2025-10-22T15:25:06.000Z ##

Cryptographic Issues in Cloudflare's Circl FourQ Implementation (CVE-2025-8556)

Link: botanica.software/blog/cryptog
Discussion: news.ycombinator.com/item?id=4

##

newsycombinator@framapiaf.org at 2025-10-22T15:00:31.000Z ##

Cryptographic Issues in Cloudflare's Circl FourQ Implementation (CVE-2025-8556)
Link: botanica.software/blog/cryptog
Comments: news.ycombinator.com/item?id=4

##

ycombinator@rss-mstdn.studiofreesia.com at 2025-10-22T14:44:44.000Z ##

Cryptographic Issues in Cloudflare's Circl FourQ Implementation (CVE-2025-8556)
botanica.software/blog/cryptog
#ycombinator

##

h4ckernews@mastodon.social at 2025-10-22T14:25:08.000Z ##

Cryptographic Issues in Cloudflare's Circl FourQ Implementation (CVE-2025-8556)

botanica.software/blog/cryptog

#HackerNews #Cryptography #Cloudflare #FourQ #CVE2025 #Cybersecurity

##

_r_netsec@infosec.exchange at 2025-10-22T12:58:06.000Z ##

Cryptographic Issues in Cloudflare's Circl FourQ Implementation (CVE-2025-8556) botanica.software/blog/cryptog

##

CVE-2025-41723
(9.8 CRITICAL)

EPSS: 0.32%

updated 2025-10-22T21:12:48.953000

1 posts

The importFile SOAP method is vulnerable to a directory traversal attack. An unauthenticated remote attacker can bypass the path restriction and upload files to arbitrary locations.

CVE-2025-41108
(0 None)

EPSS: 0.03%

updated 2025-10-22T21:12:48.953000

2 posts

The communication protocol implemented in Ghost Robotics Vision 60 v0.27.2 could allow an attacker to send commands to the robot from an external attack station, impersonating the control station (tablet) and gaining unauthorised full control of the robot. The absence of encryption and authentication mechanisms in the communication protocol allows an attacker to capture legitimate traffic between

CVE-2023-53691
(8.3 HIGH)

EPSS: 0.07%

updated 2025-10-22T21:12:48.953000

1 posts

Hikvision CSMP (Comprehensive Security Management Platform) iSecure Center through 2023-06-25 allows file upload via /center/api/files directory traversal, as exploited in the wild in 2024 and 2025.

CVE-2025-62771
(7.5 HIGH)

EPSS: 0.01%

updated 2025-10-22T21:12:48.953000

1 posts

Mercku M6a devices through 2.1.0 allow password changes via intranet CSRF attacks.

CVE-2025-62774
(3.1 LOW)

EPSS: 0.01%

updated 2025-10-22T21:12:48.953000

1 posts

On Mercku M6a devices through 2.1.0, the authentication system uses predictable session tokens based on timestamps.

CVE-2025-57870
(10.0 CRITICAL)

EPSS: 0.10%

updated 2025-10-22T21:12:32.330000

1 posts

A SQL Injection vulnerability exists in Esri ArcGIS Server versions 11.3, 11.4 and 11.5 on Windows, Linux and Kubernetes. This vulnerability allows a remote, unauthenticated attacker to execute arbitrary SQL commands via a specific ArcGIS Feature Service operation. Successful exploitation can potentially result in unauthorized access, modification, or deletion of data from the underlying Enterpris

1 repos

https://github.com/ByteHawkSec/CVE-2025-57870-POC

CVE-2025-8677
(7.5 HIGH)

EPSS: 0.05%

updated 2025-10-22T18:30:45

1 posts

Querying for records within a specially crafted zone containing certain malformed DNSKEY records can lead to CPU exhaustion. This issue affects BIND 9 versions 9.18.0 through 9.18.39, 9.20.0 through 9.20.13, 9.21.0 through 9.21.12, 9.18.11-S1 through 9.18.39-S1, and 9.20.9-S1 through 9.20.13-S1.

CVE-2025-40780
(8.6 HIGH)

EPSS: 0.01%

updated 2025-10-22T18:30:44

3 posts

In specific circumstances, due to a weakness in the Pseudo Random Number Generator (PRNG) that is used, it is possible for an attacker to predict the source port and query ID that BIND will use. This issue affects BIND 9 versions 9.16.0 through 9.16.50, 9.18.0 through 9.18.39, 9.20.0 through 9.20.13, 9.21.0 through 9.21.12, 9.16.8-S1 through 9.16.50-S1, 9.18.11-S1 through 9.18.39-S1, and 9.20.9-S1

secupriv@mastodon.nl at 2025-10-23T05:25:12.000Z ##

Running a #DNS server, depending on your setup, now might be a good time to update.

arstechnica.com/security/2025/

CVE-2025-40778 and CVE-2025-40780

#bind #CVE #Unbound #NetworkSecurity #Network #Security

##

DarkWebInformer@infosec.exchange at 2025-10-23T01:06:59.000Z ##

🚨 The developers behind BIND, the Internet’s most widely used domain name resolution software, have issued a warning about two serious vulnerabilities that could let attackers poison entire DNS caches, redirecting users to malicious sites that appear completely legitimate.

CVE: CVE-2025-40778 and CVE-2025-40780

CVSS: Both 8.6

More: arstechnica.com/security/2025/

##

cR0w@infosec.exchange at 2025-10-22T15:58:55.000Z ##

Cache poisoning:

kb.isc.org/docs/cve-2025-40778

kb.isc.org/docs/cve-2025-40780

And DoS:

kb.isc.org/docs/cve-2025-8677

in BIND 9.

##

CVE-2025-11411
(CVSS UNKNOWN)

EPSS: 0.01%

updated 2025-10-22T15:31:09

3 posts

NLnet Labs Unbound up to and including version 1.24.0 is vulnerable to possible domain hijack attacks. Promiscuous NS RRSets that complement positive DNS replies in the authority section can be used to trick resolvers to update their delegation information for the zone. Usually these RRSets are used to update the resolver's knowledge of the zone's name servers. A malicious actor can exploit the po

FreeBSD@activitypub.awakari.com at 2025-10-23T18:56:54.000Z ##

unbound: Vendor import 1.24.1 Release notes at https://nlnetlabs.nl/news/2025/Oct/22/unbound-1.24.1-released/ Security: CVE-2025-11411 MFC after: 3 days Merge commit '73dd92916f532cb3fe35322010...

##

jschauma@mstdn.social at 2025-10-22T18:48:06.000Z ##

This apparently impacts other DNS implementations (h/t @paulehoffman). For example Unbound nlnetlabs.nl/projects/unbound/ notes CVE-2025-11411 for this.

##

cR0w@infosec.exchange at 2025-10-22T15:53:25.000Z ##

Domain hijacking in Unbound.

nlnetlabs.nl/downloads/unbound

##

CVE-2025-61757
(9.8 CRITICAL)

EPSS: 0.11%

updated 2025-10-22T15:31:09

1 posts

Vulnerability in the Identity Manager product of Oracle Fusion Middleware (component: REST WebServices). Supported versions that are affected are 12.2.1.4.0 and 14.1.2.1.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Identity Manager. Successful attacks of this vulnerability can result in takeover of Identity Manager. CVSS 3.1 Base

offseq@infosec.exchange at 2025-10-22T03:05:52.000Z ##

🚨 CRITICAL: CVE-2025-61757 hits Oracle Identity Manager (12.2.1.4.0, 14.1.2.1.0). Unauthenticated attackers can take over via HTTP REST WebServices. Restrict access & monitor for Oracle patches! radar.offseq.com/threat/cve-20 #OffSeq #CVE202561757 #Oracle #InfoSec

##

CVE-2025-41110
(CVSS UNKNOWN)

EPSS: 0.03%

updated 2025-10-22T09:30:26

1 posts

Encrypted WiFi and SSH credentials were found in the Ghost Robotics Vision 60 v0.27.2 APK. This vulnerability allows an attacker to connect to the robot's WiFi and view all its data, as it runs on ROS 2 without default authentication. In addition, the attacker can connect via SSH and gain full control of the robot, which could cause physical damage to the robot itself or its environment.

CVE-2025-41109
(CVSS UNKNOWN)

EPSS: 0.02%

updated 2025-10-22T09:30:26

1 posts

Ghost Robotics Vision 60 v0.27.2 includes, among its physical interfaces, three RJ45 connectors and a USB Type-C port. The vulnerability is due to the lack of authentication mechanisms when establishing connections through these ports. Specifically, with regard to network connectivity, the robot's internal router automatically assigns IP addresses to any device physically connected to it. An attac

CVE-2025-41724
(7.5 HIGH)

EPSS: 0.08%

updated 2025-10-22T09:30:26

1 posts

An unauthenticated remote attacker can crash the wscserver by sending incomplete SOAP requests. The wscserver process will not be restarted by a watchdog and a device reboot is necessary to make it work again.

CVE-2025-41722
(7.5 HIGH)

EPSS: 0.02%

updated 2025-10-22T09:30:25

1 posts

The wsc server uses a hard-coded certificate to check the authenticity of SOAP messages. An unauthenticated remote attacker can extract private keys from the Software of the affected devices.

CVE-2025-41720
(4.3 MEDIUM)

EPSS: 0.02%

updated 2025-10-22T09:30:25

1 posts

A low privileged remote attacker can upload arbitrary data masked as a png file to the affected device using the webserver API because only the file extension is verified.

2 repos

https://github.com/NotItsSixtyN3in/CVE-2025-4172025

https://github.com/NotItsSixtyN3in/CVE-2025-4172026

CVE-2025-41719
(8.8 HIGH)

EPSS: 0.10%

updated 2025-10-22T09:30:25

1 posts

A low privileged remote attacker can corrupt the webserver users storage on the device by setting a sequence of unsupported characters which leads to deletion of all previously configured users and the creation of the default Administrator with a known default password.

CVE-2025-41721
(2.7 LOW)

EPSS: 0.02%

updated 2025-10-22T09:30:25

1 posts

A high privileged remote attacker can influence the parameters passed to the openssl command due to improper neutralization of special elements when adding a password protected self-signed certificate.

CVE-2024-58274
(8.3 HIGH)

EPSS: 0.06%

updated 2025-10-22T06:31:21

1 posts

Hikvision CSMP (Comprehensive Security Management Platform) iSecure Center through 2024-08-01 allows execution of a command within $( ) in /center/api/installation/detection JSON data, as exploited in the wild in 2024 and 2025.

CVE-2025-62773
(2.4 LOW)

EPSS: 0.01%

updated 2025-10-22T06:31:12

1 posts

Mercku M6a devices through 2.1.0 allow TELNET sessions via a router.telnet.enabled.update request by an administrator.

CVE-2025-62775
(8.0 HIGH)

EPSS: 0.02%

updated 2025-10-22T06:31:12

1 posts

Mercku M6a devices through 2.1.0 allow root TELNET logins via the web admin password.

CVE-2025-62772
(3.1 LOW)

EPSS: 0.02%

updated 2025-10-22T06:31:12

1 posts

On Mercku M6a devices through 2.1.0, session tokens remain valid for at least months in some cases.

CVE-2025-24990
(7.8 HIGH)

EPSS: 6.76%

updated 2025-10-22T00:34:29

1 posts

Microsoft is aware of vulnerabilities in the third party Agere Modem driver that ships natively with supported Windows operating systems. This is an announcement of the upcoming removal of ltmdm64.sys driver. The driver has been removed in the October cumulative update. Fax modem hardware dependent on this specific driver will no longer work on Windows. Microsoft recommends removing any existing

1 repos

https://github.com/moiz-2x/CVE-2025-24990_POC

cloud-native@activitypub.awakari.com at 2025-10-14T14:03:40.000Z ##

Microsoft’s October 2025 Patch Tuesday Addresses 167 CVEs (CVE-2025-24990, CVE-2025-59230) 7 Critical 158 Important 2 Moderate 0 Low Microsoft addresses 167 CVEs in its largest Patch Tuesday to d...

##

CVE-2025-61884
(7.5 HIGH)

EPSS: 10.21%

updated 2025-10-22T00:34:29

1 posts

Vulnerability in the Oracle Configurator product of Oracle E-Business Suite (component: Runtime UI). Supported versions that are affected are 12.2.3-12.2.14. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Configurator. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access

6 repos

https://github.com/siddu7575/CVE-2025-61882-CVE-2025-61884

https://github.com/shinyhunt/CVE-2025-61884

https://github.com/pakagronglb/oracle-security-breaches-analysis-case-study

https://github.com/rxerium/CVE-2025-61882-CVE-2025-61884

https://github.com/AshrafZaryouh/CVE-2025-61884-At-a-Glance

https://github.com/B1ack4sh/Blackash-CVE-2025-61884

oversecurity@mastodon.social at 2025-10-21T19:40:28.000Z ##

CISA confirms hackers exploited Oracle E-Business Suite SSRF flaw

CISA has confirmed that an Oracle E-Business Suite flaw tracked as CVE-2025-61884 is being exploited in attacks, adding it to its Known Exploited...

🔗️ [Bleepingcomputer] link.is.it/S9MGzZ

##

CVE-2025-53770
(9.8 CRITICAL)

EPSS: 87.23%

updated 2025-10-22T00:34:26

4 posts

Deserialization of untrusted data in on-premises Microsoft SharePoint Server allows an unauthorized attacker to execute code over a network. Microsoft is aware that an exploit for CVE-2025-53770 exists in the wild. Microsoft is preparing and fully testing a comprehensive update to address this vulnerability. In the meantime, please make sure that the mitigation provided in this CVE documentation

Nuclei template

45 repos

https://github.com/0xh3g4z1/CVE-2025-53770-SharePoint-RCE

https://github.com/CyprianAtsyor/ToolShell-CVE-2025-53770-SharePoint-Exploit-Lab-LetsDefend

https://github.com/0x-crypt/CVE-2025-53770-Scanner

https://github.com/bitsalv/ToolShell-Honeypot

https://github.com/behnamvanda/CVE-2025-53770-Checker

https://github.com/victormbogu1/LetsDefend-SOC342-CVE-2025-53770-SharePoint-ToolShell-Auth-Bypass-andRCE-EventID-320

https://github.com/hazcod/CVE-2025-53770

https://github.com/GreenForceNetworks/Toolshell_CVE-2025-53770

https://github.com/unk9vvn/sharepoint-toolpane

https://github.com/Bluefire-Redteam-Cybersecurity/bluefire-sharepoint-cve-2025-53770

https://github.com/MuhammadWaseem29/CVE-2025-53770

https://github.com/ghostn4444/CVE-2025-53770

https://github.com/imbas007/CVE-2025-53770-Vulnerable-Scanner

https://github.com/0xray5c68616e37/cve-2025-53770

https://github.com/BirdsAreFlyingCameras/CVE-2025-53770_Raw-HTTP-Request-Generator

https://github.com/bossnick98/-SOC342---CVE-2025-53770-SharePoint-ToolShell-Auth-Bypass-and-RCE

https://github.com/Rabbitbong/OurSharePoint-CVE-2025-53770

https://github.com/Immersive-Labs-Sec/SharePoint-CVE-2025-53770-POC

https://github.com/exfil0/CVE-2025-53770

https://github.com/r3xbugbounty/CVE-2025-53770

https://github.com/peiqiF4ck/WebFrameworkTools-5.5-enhance

https://github.com/Udyz/CVE-2025-53770-Exploit

https://github.com/daryllundy/CVE-2025-53770

https://github.com/Agampreet-Singh/CVE-2025-53770

https://github.com/saladin0x1/CVE-2025-53770

https://github.com/soltanali0/CVE-2025-53770-Exploit

https://github.com/siag-itsec/CVE-2025-53770-Hunting

https://github.com/Michaael01/LetsDefend--SOC-342-CVE-2025-53770-SharePoint-Exploit-ToolShell

https://github.com/ZephrFish/CVE-2025-53770-Scanner

https://github.com/n1chr0x/ZeroPoint

https://github.com/tripoloski1337/CVE-2025-53770-scanner

https://github.com/kaizensecurity/CVE-2025-53770

https://github.com/bharath-cyber-root/sharepoint-toolshell-cve-2025-53770

https://github.com/zach115th/ToolShellFinder

https://github.com/AdityaBhatt3010/CVE-2025-53770-SharePoint-Zero-Day-Variant-Exploited-for-Full-RCE

https://github.com/B1ack4sh/Blackash-CVE-2025-53770

https://github.com/fentnttntnt/CVE-2025-53770

https://github.com/RukshanaAlikhan/CVE-2025-53770

https://github.com/Sec-Dan/CVE-2025-53770-Scanner

https://github.com/nisargsuthar/suricata-rule-CVE-2025-53770

https://github.com/paolokappa/SharePointSecurityMonitor

https://github.com/3a7/CVE-2025-53770

https://github.com/go-bi/sharepoint-CVE-2025-53770

https://github.com/harryhaxor/CVE-2025-53770-SharePoint-Deserialization-RCE-PoC

https://github.com/grupooruss/CVE-2025-53770-Checker

jbz@indieweb.social at 2025-10-24T19:02:01.000Z ##

「 Experts at the Symantec and Carbon Black Threat Hunter Team tracked multiple compromises involving CVE-2025-53770 — a vulnerability that caused alarm this summer when Microsoft warned its on-premises SharePoint customers that three separate China-based groups were exploiting it. Hundreds of governments and prominent businesses use SharePoint, particularly for maintaining their intranets 」

therecord.media/sharepoint-too

#toolshel #sharepoint #cybersecurity #CVE202553770

##

jbz@indieweb.social at 2025-10-24T17:02:33.000Z ##

⚠️ Foreign hackers breached a US nuclear weapons plant via SharePoint flaws

「 The attackers exploited two recently disclosed Microsoft SharePoint vulnerabilities — CVE-2025-53770, a spoofing flaw, and CVE-2025-49704, a remote code execution (RCE) bug — both affecting on-premises servers. Microsoft issued fixes for the vulnerabilities on July 19 」

csoonline.com/article/4074962/

#sharepoint #hacking #cybersecurity #CVE202549704 #CVE202553770

##

jbhall56@infosec.exchange at 2025-10-22T13:25:48.000Z ##

Hackers believed to be associated with China have leveraged the ToolShell vulnerability (CVE-2025-53770) in Microsoft SharePoint in attacks targeting government agencies, universities, telecommunication service providers, and finance organizations. bleepingcomputer.com/news/secu

##

oversecurity@mastodon.social at 2025-10-22T10:40:05.000Z ##

Sharepoint ToolShell attacks targeted orgs across four continents

Hackers believed to be associated with China have leveraged the ToolShell vulnerability (CVE-2025-53770) in Microsoft SharePoint in attacks...

🔗️ [Bleepingcomputer] link.is.it/FS0LGi

##

CVE-2025-10035
(10.0 CRITICAL)

EPSS: 47.55%

updated 2025-10-22T00:34:26

1 posts

A deserialization vulnerability in the License Servlet of Fortra's GoAnywhere MFT allows an actor with a validly forged license response signature to deserialize an arbitrary actor-controlled object, possibly leading to command injection.

Nuclei template

3 repos

https://github.com/orange0Mint/CVE-2025-10035_GoAnywhere

https://github.com/rxerium/CVE-2025-10035

https://github.com/ThemeHackers/CVE-2025-10035

pentesttools@infosec.exchange at 2025-10-21T13:05:57.000Z ##

Just 1 day after Microsoft confirmed ransomware groups are exploiting 💥 CVE-2025-10035 in Fortra GoAnywhere, we added a custom detection module into Sniper to deliver:

✅ Real payload execution paths
✅ Detailed request/response evidence
✅ A multi-dimensional view of risk you can export into a report.

👉 pentest-tools.com/vulnerabilit

🔄 We’ve also had detection for the related auth bypass (unauthenticated exposure) live in the Network Vulnerability Scanner since September 25.

🧠 Why this matters:

This deserialization vulnerability is an active #ransomware entry point targeting critical file transfer systems.

Because orgs often use Fortra GoAnywhere MFT to handle sensitive file transfers in finance, healthcare, and enterprise environments, this CVE's blast radius includes PII exposure, data exfiltration, and operational downtime.

📍If you run GoAnywhere, don't sleep on validating exposure with precision - not just detection.

Broader context: microsoft.com/en-us/security/b

##

CVE-2025-49704
(8.8 HIGH)

EPSS: 60.24%

updated 2025-10-22T00:34:25

1 posts

Improper control of generation of code ('code injection') in Microsoft Office SharePoint allows an authorized attacker to execute code over a network.

jbz@indieweb.social at 2025-10-24T17:02:33.000Z ##

⚠️ Foreign hackers breached a US nuclear weapons plant via SharePoint flaws

「 The attackers exploited two recently disclosed Microsoft SharePoint vulnerabilities — CVE-2025-53770, a spoofing flaw, and CVE-2025-49704, a remote code execution (RCE) bug — both affecting on-premises servers. Microsoft issued fixes for the vulnerabilities on July 19 」

csoonline.com/article/4074962/

#sharepoint #hacking #cybersecurity #CVE202549704 #CVE202553770

##

CVE-2025-2775
(9.3 CRITICAL)

EPSS: 65.15%

updated 2025-10-22T00:34:21

1 posts

SysAid On-Prem versions <= 23.3.40 are vulnerable to an unauthenticated XML External Entity (XXE) vulnerability in the Checkin processing functionality, allowing for administrator account takeover and file read primitives.

Nuclei template

1 repos

https://github.com/watchtowrlabs/watchTowr-vs-SysAid-PreAuth-RCE-Chain

CVE-2025-22457
(9.1 CRITICAL)

EPSS: 77.49%

updated 2025-10-22T00:34:21

1 posts

A stack-based buffer overflow in Ivanti Connect Secure before version 22.7R2.6, Ivanti Policy Secure before version 22.7R1.4, and Ivanti ZTA Gateways before version 22.8R2.2 allows a remote unauthenticated attacker to achieve remote code execution.

Nuclei template

5 repos

https://github.com/sfewer-r7/CVE-2025-22457

https://github.com/securekomodo/CVE-2025-22457

https://github.com/Vinylrider/ivantiunlocker

https://github.com/TRone-ux/CVE-2025-22457

https://github.com/B1ack4sh/Blackash-CVE-2025-22457

CVE-2022-48503
(8.8 HIGH)

EPSS: 0.56%

updated 2025-10-22T00:33:52

1 posts

The issue was addressed with improved bounds checks. This issue is fixed in tvOS 15.6, watchOS 8.7, iOS 15.6 and iPadOS 15.6, macOS Monterey 12.5, Safari 15.6. Processing web content may lead to arbitrary code execution.

beyondmachines1@infosec.exchange at 2025-10-22T10:01:31.000Z ##

CISA warns of active exploitation of three-year-old Apple JavaScriptCore vulnerability

CISA is warning of active exploitation of CVE-2022-48503, a critical JavaScriptCore vulnerability in Apple products that enables arbitrary code execution through malicious web content, affecting macOS, iOS, iPadOS, Safari, tvOS, and watchOS. Despite Apple releasing patches in July 2022, the vulnerability is actively exploited against unpatched and end-of-life systems.

**If you're using older Apple devices (macOS, iOS, iPadOS, Safari, tvOS, or watchOS from before mid-2022), update immediately to the latest supported version. Attackers are actively exploiting a three-year-old flaw in devices that were never patched. If your device is too old to receive updates anymore, either use an alternate update to push up the version (this works only on macOS) or stop using it for sensitive tasks and replace it with a supported device.**
#cybersecurity #infosec #attack #activeexploit
beyondmachines.net/event_detai

##

CVE-2025-2747
(9.8 CRITICAL)

EPSS: 85.31%

updated 2025-10-22T00:33:17

1 posts

An authentication bypass vulnerability in Kentico Xperience allows authentication bypass via the Staging Sync Server component password handling for the server defined None type. Authentication bypass allows an attacker to control administrative objects. This issue affects Xperience through 13.0.178.

Nuclei template

beyondmachines1@infosec.exchange at 2025-10-21T19:01:31.000Z ##

CISA warns of active exploitation of critical authentication bypass flaws in Kentico Xperience CMS

CISA is warning of active exploitation of two critical authentication bypass vulnerabilities (CVE-2025-2746 and CVE-2025-2747, both CVSS 9.8) in Kentico Xperience CMS's Staging Sync Server component that allow unauthenticated attackers to gain administrative control. Researchers have chained with a file upload flaw (CVE-2025-2749) to achieve complete remote code execution and server compromise.

**If you're using Kentico Xperience CMS with the Staging Sync Server enabled (any version before 13.0.179), update immediately to version 13.0.179 or later. Attackers are actively exploiting flaws to take complete control of systems. If you can't update, disable the Staging Sync Server entirely or restrict network access to trusted internal IPs.**
#cybersecurity #infosec #attack #activeexploit
beyondmachines.net/event_detai

##

CVE-2025-2746
(9.8 CRITICAL)

EPSS: 77.34%

updated 2025-10-22T00:33:16

1 posts

An authentication bypass vulnerability in Kentico Xperience allows authentication bypass via the Staging Sync Server password handling of empty SHA1 usernames in digest authentication. Authentication bypass allows an attacker to control administrative objects. This issue affects Xperience through 13.0.172.

Nuclei template

beyondmachines1@infosec.exchange at 2025-10-21T19:01:31.000Z ##

CISA warns of active exploitation of critical authentication bypass flaws in Kentico Xperience CMS

CISA is warning of active exploitation of two critical authentication bypass vulnerabilities (CVE-2025-2746 and CVE-2025-2747, both CVSS 9.8) in Kentico Xperience CMS's Staging Sync Server component that allow unauthenticated attackers to gain administrative control. Researchers have chained with a file upload flaw (CVE-2025-2749) to achieve complete remote code execution and server compromise.

**If you're using Kentico Xperience CMS with the Staging Sync Server enabled (any version before 13.0.179), update immediately to version 13.0.179 or later. Attackers are actively exploiting flaws to take complete control of systems. If you can't update, disable the Staging Sync Server entirely or restrict network access to trusted internal IPs.**
#cybersecurity #infosec #attack #activeexploit
beyondmachines.net/event_detai

##

CVE-2019-1367
(7.5 HIGH)

EPSS: 89.17%

updated 2025-10-22T00:32:47

1 posts

A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer, aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-1221.

1 repos

https://github.com/mandarenmanman/CVE-2019-1367

CVE-2023-20118
(6.5 MEDIUM)

EPSS: 2.28%

updated 2025-10-22T00:18:14.313000

1 posts

A vulnerability in the web-based management interface of Cisco Small Business Routers RV016, RV042, RV042G, RV082, RV320, and RV325 Routers could allow an authenticated, remote attacker to execute arbitrary commands on an affected device. This vulnerability is due to improper validation of user input within incoming HTTP packets. An attacker could exploit this vulnerability by sending a crafted

CVE-2025-8088
(8.8 HIGH)

EPSS: 4.42%

updated 2025-10-21T23:17:10.660000

2 posts

A path traversal vulnerability affecting the Windows version of WinRAR allows the attackers to execute arbitrary code by crafting malicious archive files. This vulnerability was exploited in the wild and was discovered by Anton Cherepanov, Peter Košinár, and Peter Strýček from ESET.

25 repos

https://github.com/knight0x07/WinRAR-CVE-2025-8088-PoC-RAR

https://github.com/pentestfunctions/best-CVE-2025-8088

https://github.com/kitsuneshade/WinRAR-Exploit-Tool---Rust-Edition

https://github.com/hexsecteam/CVE-2025-8088-Winrar-Tool

https://github.com/pexlexity/WinRAR-CVE-2025-8088-Path-Traversal-PoC

https://github.com/Shinkirou789/Cve-2025-8088-WinRar-vulnerability

https://github.com/hbesljx/CVE-2025-8088-EXP

https://github.com/sxyrxyy/CVE-2025-8088-WinRAR-Proof-of-Concept-PoC-Exploit-

https://github.com/lucyna77/winrar-exploit

https://github.com/ghostn4444/CVE-2025-8088

https://github.com/onlytoxi/CVE-2025-8088-Winrar-Tool

https://github.com/Syrins/CVE-2025-8088-Winrar-Tool-Gui

https://github.com/Fathi-MO/POC-CVE-2025-8088

https://github.com/AdityaBhatt3010/CVE-2025-8088-WinRAR-Zero-Day-Path-Traversal

https://github.com/techcorp/CVE-2025-8088-Exploit

https://github.com/pentestfunctions/CVE-2025-8088-Multi-Document

https://github.com/0xAbolfazl/CVE-2025-8088-WinRAR-PathTraversal-PoC

https://github.com/nhattanhh/CVE-2025-8088

https://github.com/travisbgreen/cve-2025-8088

https://github.com/walidpyh/CVE-2025-8088

https://github.com/mocred/cve-2025-8088

https://github.com/jordan922/CVE-2025-8088

https://github.com/papcaii2004/CVE-2025-8088-WinRAR-builder

https://github.com/DeepBlue-dot/CVE-2025-8088-WinRAR-Startup-PoC

https://github.com/pescada-dev/-CVE-2025-8088

cyberveille@mastobot.ping.moi at 2025-10-28T08:00:24.000Z ##

📢 Earth Estries (alias Salt Typhoon) exploits a WinRAR flaw (CVE-2025-8088)
📝 Source: Blaze's Security Blog (Bart Blaze).
📖 cyberveille : cyberveille.ch/posts/2025-10-2
🌐 source : bartblaze.blogspot.com/2025/10
#APT #CVE_2025_8088 #Cyberveille

##

undercodenews@mastodon.social at 2025-10-28T07:14:14.000Z ##

Silent Infection: Gamaredon Exploits WinRAR Flaw in a Stealthy Government Targeting Campaign

A Hidden War in the Digital Shadows A new cyber offensive has emerged from one of Eastern Europe’s most notorious threat actors, Gamaredon, known for its relentless espionage operations against government networks. This time, the group has weaponized a critical WinRAR vulnerability (CVE-2025-8088) to deliver malware with almost surgical precision. The attack doesn’t rely on the…

undercodenews.com/silent-infec

##

CVE-2025-20333
(9.9 CRITICAL)

EPSS: 1.72%

updated 2025-10-21T23:16:46.667000

2 posts

A vulnerability in the VPN web server of Cisco Secure Firewall Adaptive Security Appliance (ASA) Software and Cisco Secure Firewall Threat Defense (FTD) Software could allow an authenticated, remote attacker to execute arbitrary code on an affected device. This vulnerability is due to improper validation of user-supplied input in HTTP(S) requests. An attacker with valid VPN user credentials cou

GossiTheDog@cyberplace.social at 2025-10-28T11:50:19.000Z ##

An observation from CVE-2025-20333 (Cisco ASA AnyConnect vuln) - orgs just don't patch ASA.

The patch rate is really, really poor - ransomware groups are likely going to reinvest in targeting Cisco ASA product security, even just n-days, as realistically tens of thousands of organisations are years behind with patching their edge VPN appliances -- it's an open door into the world's largest companies.

Upwards of 70% of orgs never patched this one - thankfully it's just China with the exploit.

##

CVE-2025-62641
(8.3 HIGH)

EPSS: 0.03%

updated 2025-10-21T21:33:53

1 posts

Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Supported versions that are affected are 7.1.12 and 7.2.2. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significan

DarkWebInformer@infosec.exchange at 2025-10-22T20:11:57.000Z ##

🚨CVE-2025-62641: Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Supported versions that are affected are 7.1.12 and 7.2.2. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products (scope change). Successful attacks of this vulnerability can result in takeover of Oracle VM VirtualBox.

CVSS: 8.2

Oracle Advisory: oracle.com/security-alerts/cpu

##

CVE-2025-52079
(5.3 MEDIUM)

EPSS: 0.04%

updated 2025-10-21T21:33:50

1 posts

The administrator password setting of the D-Link DIR-820L 1.06B02 has Improper Access Control and is vulnerable to Unverified Password Change via crafted POST request to /get_set.ccp.

CVE-2025-60344
(6.6 MEDIUM)

EPSS: 0.05%

updated 2025-10-21T21:33:37

1 posts

An unauthenticated Local File Inclusion (LFI) vulnerability in D-Link DSR series routers allows remote attackers to retrieve sensitive configuration files in clear text. The exposed files contain administrative credentials, VPN settings, and other sensitive information, enabling full administrative access to the router. Affected Products include: DSR-150, DSR-150N, and DSR-250N v1.09B32_WW.

CVE-2025-11534
(0 None)

EPSS: 0.10%

updated 2025-10-21T20:20:25.480000

1 posts

The affected Raisecom devices allow SSH sessions to be established without completing user authentication. This could allow attackers to gain shell access without valid credentials.

2 repos

https://github.com/DExplo1ted/CVE-2025-11534-POC

https://github.com/ZeroByte8/CVE-2025-11534

beyondmachines1@infosec.exchange at 2025-10-21T20:01:31.000Z ##

CISA warns of critical authentication bypass flaw in Raisecom RAX701-GC Series

CISA is reporting CVE-2025-11534, a critical authentication bypass vulnerability in Raisecom RAX701-GC Series devices that allows unauthenticated attackers to gain root shell access via SSH without credentials. Raisecom has not responded to CISA's mitigation requests and no patches are available as of October 21, 2025.

**If you're using Raisecom RAX701-GC devices make sure they are isolated from the internet and accessible only from trusted networks. Then reach out to the vendor for possible patches. Consider replacing these devices with supported alternatives if possible, since the manufacturer hasn't responded to fix this flaw.**
#cybersecurity #infosec #advisory #vulnerability
beyondmachines.net/event_detai

##

CVE-2025-11493
(8.8 HIGH)

EPSS: 0.01%

updated 2025-10-21T19:31:50.020000

1 posts

The ConnectWise Automate Agent does not fully verify the authenticity of files downloaded from the server, such as updates, dependencies, and integrations. This creates a risk where an on-path attacker could perform a man-in-the-middle attack and substitute malicious files for legitimate ones by impersonating a legitimate server. This risk is mitigated when HTTPS is enforced and is related to CVE-

PostgreSQL@activitypub.awakari.com at 2025-10-20T10:01:20.000Z ##

ConnectWise Automate Flaws Allow Fake Updates: CVE-2025-11492 and CVE-2025-11493

When trusted IT management platform...

#Cyber #News

##

CVE-2025-40016
(0 None)

EPSS: 0.02%

updated 2025-10-21T19:31:25.450000

1 posts

In the Linux kernel, the following vulnerability has been resolved: media: uvcvideo: Mark invalid entities with id UVC_INVALID_ENTITY_ID Per UVC 1.1+ specification 3.7.2, units and terminals must have a non-zero unique ID. ``` Each Unit and Terminal within the video function is assigned a unique identification number, the Unit ID (UID) or Terminal ID (TID), contained in the bUnitID or bTerminal

AAKL@infosec.exchange at 2025-10-23T16:25:34.000Z ##

If you missed this, Microsoft updated its security guide yesterday with new listings affecting Azure Linux: msrc.microsoft.com/update-guide

spi: cadence-quadspi: Implement refcount to handle unbind during busy
CVE-2025-40005 msrc.microsoft.com/update-guid

media: uvcvideo: Mark invalid entities with id UVC_INVALID_ENTITY_ID New
CVE-2025-40016 msrc.microsoft.com/update-guid #Microsoft #Linux #cybersecurity #infosec #Azure

##

CVE-2025-26392
(5.4 MEDIUM)

EPSS: 0.10%

updated 2025-10-21T19:31:25.450000

1 posts

SolarWinds Observability Self-Hosted is susceptible to SQL injection vulnerability that may display sensitive data using a low-level account. This vulnerability requires authentication from a low-privilege account.

CVE-2025-61301
(7.5 HIGH)

EPSS: 0.05%

updated 2025-10-21T15:32:02

1 posts

Denial-of-analysis in reporting/mongodb.py and reporting/jsondump.py in CAPEv2 (commit 52e4b43, on 2025-05-17) allows attackers who can submit samples to cause incomplete or missing behavioral analysis reports by generating deeply nested or oversized behavior data that trigger MongoDB BSON limits or orjson recursion errors when the sample executes in the sandbox.

1 repos

https://github.com/eGkritsis/CVE-2025-61301

CVE-2025-11625
(CVSS UNKNOWN)

EPSS: 0.07%

updated 2025-10-21T15:30:58

1 posts

Improper host authentication vulnerability in wolfSSH version 1.4.20 and earlier clients that allows authentication bypass and leaking of clients credentials.

cR0w@infosec.exchange at 2025-10-21T13:48:36.000Z ##

Go hack more SSHit.

cve.org/CVERecord?id=CVE-2025-

Improper host authentication vulnerability in wolfSSH version 1.4.20 and earlier clients that allows authentication bypass and leaking of clients credentials.

##

CVE-2025-9133
(8.1 HIGH)

EPSS: 0.04%

updated 2025-10-21T03:30:25

2 posts

A missing authorization vulnerability in Zyxel ATP series firmware versions from V4.32 through V5.40, USG FLEX series firmware versions from V4.50 through V5.40, USG FLEX 50(W) series firmware versions from V4.16 through V5.40, and USG20(W)-VPN series firmware versions from V4.16 through V5.40 could allow a semi-authenticated attacker—who has completed only the first stage of the two-factor authen

decio@infosec.exchange at 2025-10-21T08:35:10.000Z ##

A dangerous flaw (CVE-2025-9133) has been identified in Zyxel ATP/USG series devices: even with two-factor authentication enabled, an attacker who has creds (having passed only the 1st stage of 2FA) can potentially bypass access controls and access the complete system configuration.

By sending a command that starts with an allowed element (e.g. show version), then chaining ;show running-config, the validation does not detect the second command and the entire database is exposed.
Rainpwn

Impact: disclosure of passwords, keys and network configurations, which means potentially complete access to the device.
Rainpwn

Recommendations: promptly apply the patches provided by Zyxel, block command chaining (; or pipeline), and strengthen per-command authorization.
Rainpwn

If you manage or use a Zyxel ATP/USG: check that you are up to date, restrict access to the administration interface, and monitor for any suspicious activity.
⬇️
2025-08-15: ZYXEL was informed of the vulnerability
2025-08-15: ZYXEL acknowledged receipt of my vulnerability report.
2025-08-19: ZYXEL assigned the identifier CVE-2025-9133 to the reported issues and informed me of its intention to publish a security advisory on 30 September 2025.
2025-09-08: ZYXEL asked to postpone public disclosure to 21 October 2025, because the firmware patch was due to be released on 20 October 2025. This was meant to allow users to apply the update and secure their systems before the flaw was disclosed.
2025-10-21: ZYXEL published its security advisory, in accordance with the coordinated disclosure timeline.
⬇️
CVE-2025-9133: Configuration Exposure via Authorization Bypass
👇
rainpwn.blog/blog/cve-2025-913

🩹⬇️
"The missing authorization vulnerability in certain ZLD firewall versions could allow a semi-authenticated attacker—who has completed only the first stage of the two-factor authentication (2FA) process—to view and download the system configuration from an affected device."
⬇️
"Zyxel security advisory for post-authentication command injection and missing authorization vulnerabilities in ZLD firewalls"
👇
zyxel.com/global/en/support/se

##

_r_netsec@infosec.exchange at 2025-10-21T05:43:06.000Z ##

CVE-2025-9133: ZYXEL Configuration Exposure via Authorization Bypass rainpwn.blog/blog/cve-2025-913

##

CVE-2025-8078
(7.2 HIGH)

EPSS: 0.34%

updated 2025-10-21T03:30:25

1 posts

A post-authentication command injection vulnerability in Zyxel ATP series firmware versions from V4.32 through V5.40, USG FLEX series firmware versions from V4.50 through V5.40, USG FLEX 50(W) series firmware versions from V4.16 through V5.40, and USG20(W)-VPN series firmware versions from V4.16 through V5.40 could allow an authenticated attacker with administrator privileges to execute operating

_r_netsec@infosec.exchange at 2025-10-21T05:43:06.000Z ##

CVE-2025-8078: ZYXEL Remote Code Execution via CLI Command Injection rainpwn.blog/blog/cve-2025-807

##

CVE-2025-54957
(6.5 MEDIUM)

EPSS: 0.04%

updated 2025-10-20T18:31:37

1 posts

An issue was discovered in Dolby UDC 4.5 through 4.13. A crash of the DD+ decoder process can occur when a malformed DD+ bitstream is processed. When Evolution data is processed by evo_priv.c from the DD+ bitstream, the decoder writes that data into a buffer. The length calculation for a write can overflow due to an integer wraparound. This can lead to the allocated buffer being too small, and the

Android@activitypub.awakari.com at 2025-10-22T12:00:09.000Z ##

Zero-click Dolby audio bug lets attackers run code on Android and Windows devices

The bug, tracked as CVE-2025-54957, could let attackers run code via audio files. Researchers from Google’s Proje...

#Android #Bugs #News #CVE-2025-54957 #Dolby #Digital

##

CVE-2025-9574
(9.1 CRITICAL)

EPSS: 0.08%

updated 2025-10-20T18:30:41

1 posts

Missing Authentication for Critical Function vulnerability in ABB ALS-mini-s4 IP, ABB ALS-mini-s8 IP. This issue affects all firmware versions with the Serial Number from 2000 to 5166.

beyondmachines1@infosec.exchange at 2025-10-24T08:01:31.000Z ##

Critical vulnerability discovered in End-of-Life ASKI Energy industrial controllers

ASKI Energy (now owned by ABB) is reporting CVE-2025-9574, a critical missing authentication vulnerability in the embedded web server of ALS-Mini-S8 and ALS-Mini-S4 IP industrial controllers that allows unauthenticated remote attackers to gain full control, read and modify critical configuration parameters, and potentially enable lateral movement in OT networks. ABB has confirmed the affected products reached end-of-life in 2022 and no security patches are planned.

**If you're still using ASKI Energy ALS-Mini-S4 or ALS-Mini-S8 industrial controllers, know that they have a critical flaw with no fix coming (product support ended in 2022). Make sure that these devices are isolated from the internet, ideally on a completely separate network, and start planning to replace them with supported equipment as soon as possible.**
#cybersecurity #infosec #advisory #vulnerability
beyondmachines.net/event_detai

##

CVE-2025-40005
(CVSS UNKNOWN)

EPSS: 0.02%

updated 2025-10-20T18:30:33

1 posts

In the Linux kernel, the following vulnerability has been resolved: spi: cadence-quadspi: Implement refcount to handle unbind during busy driver support indirect read and indirect write operation with assumption no force device removal(unbind) operation. However force device removal(removal) is still available to root superuser. Unbinding driver during operation causes kernel crash. This change

AAKL@infosec.exchange at 2025-10-23T16:25:34.000Z ##

If you missed this, Microsoft updated its security guide yesterday with new listings affecting Azure Linux: msrc.microsoft.com/update-guide

spi: cadence-quadspi: Implement refcount to handle unbind during busy
CVE-2025-40005 msrc.microsoft.com/update-guid

media: uvcvideo: Mark invalid entities with id UVC_INVALID_ENTITY_ID New
CVE-2025-40016 msrc.microsoft.com/update-guid #Microsoft #Linux #cybersecurity #infosec #Azure

##

CVE-2025-59419
(CVSS UNKNOWN)

EPSS: 2.68%

updated 2025-10-17T21:32:40

1 posts

### Summary An SMTP Command Injection (CRLF Injection) vulnerability in Netty's SMTP codec allows a remote attacker who can control SMTP command parameters (e.g., an email recipient) to forge arbitrary emails from the trusted server. This bypasses standard email authentication and can be used to impersonate executives and forge high-stakes corporate communications. ### Details The root cause is t

CVE-2025-9804
(9.7 CRITICAL)

EPSS: 0.03%

updated 2025-10-17T18:31:07

2 posts

An improper access control vulnerability exists in multiple WSO2 products due to insufficient permission enforcement in certain internal SOAP Admin Services and System REST APIs. A low-privileged user may exploit this flaw to perform unauthorized operations, including accessing server-level information. This vulnerability affects only internal administrative interfaces. APIs exposed through the W

_r_netsec at 2025-10-28T07:28:06.101Z ##

WSO2 #2: The many ways to bypass authentication in WSO2 products (CVE-2025-9152, CVE-2025-10611, CVE-2025-9804) crnkovic.dev/wso2-the-authenti

##

_r_netsec@infosec.exchange at 2025-10-28T07:28:06.000Z ##

WSO2 #2: The many ways to bypass authentication in WSO2 products (CVE-2025-9152, CVE-2025-10611, CVE-2025-9804) crnkovic.dev/wso2-the-authenti

##

CVE-2025-9152
(9.8 CRITICAL)

EPSS: 0.06%

updated 2025-10-17T18:31:07

2 posts

An improper privilege management vulnerability exists in WSO2 API Manager due to missing authentication and authorization checks in the keymanager-operations Dynamic Client Registration (DCR) endpoint. A malicious user can exploit this flaw to generate access tokens with elevated privileges, potentially leading to administrative access and the ability to perform unauthorized operations.

_r_netsec at 2025-10-28T07:28:06.101Z ##

WSO2 #2: The many ways to bypass authentication in WSO2 products (CVE-2025-9152, CVE-2025-10611, CVE-2025-9804) crnkovic.dev/wso2-the-authenti

##

_r_netsec@infosec.exchange at 2025-10-28T07:28:06.000Z ##

WSO2 #2: The many ways to bypass authentication in WSO2 products (CVE-2025-9152, CVE-2025-10611, CVE-2025-9804) crnkovic.dev/wso2-the-authenti

##

CVE-2025-60358
(7.5 HIGH)

EPSS: 0.01%

updated 2025-10-17T15:32:08

1 posts

radare2 v.5.9.8 and before contains a memory leak in the function _load_relocations.

Ubuntu@activitypub.awakari.com at 2025-10-27T19:13:54.000Z ##

Ubuntu 25.10: Radare2 Critical Memory Leak CVE-2025-60358

Radare2 could be made to crash if it received specially crafted input.

#Ubuntu #Linux #Distribution #- #Security #Advisories

##

CVE-2025-2749
(7.2 HIGH)

EPSS: 0.54%

updated 2025-10-17T10:32:54.807000

1 posts

An authenticated remote code execution in Kentico Xperience allows authenticated users Staging Sync Server to upload arbitrary data to path relative locations. This results in path traversal and arbitrary file upload, including content that can be executed server side leading to remote code execution. This issue affects Kentico Xperience through 13.0.178.

beyondmachines1@infosec.exchange at 2025-10-21T19:01:31.000Z ##

CISA warns of active exploitation of critical authentication bypass flaws in Kentico Xperience CMS

CISA is warning of active exploitation of two critical authentication bypass vulnerabilities (CVE-2025-2746 and CVE-2025-2747, both CVSS 9.8) in Kentico Xperience CMS's Staging Sync Server component that allow unauthenticated attackers to gain administrative control. Researchers have chained with a file upload flaw (CVE-2025-2749) to achieve complete remote code execution and server compromise.

**If you're using Kentico Xperience CMS with the Staging Sync Server enabled (any version before 13.0.179), update immediately to version 13.0.179 or later. Attackers are actively exploiting flaws to take complete control of systems. If you can't update, disable the Staging Sync Server entirely or restrict network access to trusted internal IPs.**
#cybersecurity #infosec #attack #activeexploit
beyondmachines.net/event_detai

##

CVE-2025-11492
(9.7 CRITICAL)

EPSS: 0.01%

updated 2025-10-16T21:31:20

1 posts

In the ConnectWise Automate Agent, communications could be configured to use HTTP instead of HTTPS. In such cases, an on-path threat actor with a man-in-the-middle network position could intercept, modify, or replay agent-server traffic. Additionally, the encryption method used to obfuscate some communications over the HTTP channel is updated in the Automate 2025.9 patch to enforce HTTPS for all a

PostgreSQL@activitypub.awakari.com at 2025-10-20T10:01:20.000Z ##

ConnectWise Automate Flaws Allow Fake Updates: CVE-2025-11492 and CVE-2025-11493

When trusted IT management platform...

#Cyber #News

##

CVE-2025-10611
(9.8 CRITICAL)

EPSS: 0.15%

updated 2025-10-16T15:30:49

2 posts

Due to an insufficient access control implementation in multiple WSO2 Products, authentication and authorization checks for certain REST APIs can be bypassed, allowing them to be invoked without proper validation. Successful exploitation of this vulnerability could lead to a malicious actor gaining administrative access and performing unauthenticated and unauthorized administrative operations.

_r_netsec at 2025-10-28T07:28:06.101Z ##

WSO2 #2: The many ways to bypass authentication in WSO2 products (CVE-2025-9152, CVE-2025-10611, CVE-2025-9804) crnkovic.dev/wso2-the-authenti

##

_r_netsec@infosec.exchange at 2025-10-28T07:28:06.000Z ##

WSO2 #2: The many ways to bypass authentication in WSO2 products (CVE-2025-9152, CVE-2025-10611, CVE-2025-9804) crnkovic.dev/wso2-the-authenti

##

CVE-2025-55315
(9.9 CRITICAL)

EPSS: 0.09%

updated 2025-10-16T14:56:09.263000

17 posts

Inconsistent interpretation of http requests ('http request/response smuggling') in ASP.NET Core allows an authorized attacker to bypass a security feature over a network.

6 repos

https://github.com/RootAid/CVE-2025-55315

https://github.com/nickcopi/CVE-2025-55315-detection-playground

https://github.com/sirredbeard/CVE-2025-55315-repro

https://github.com/jlinebau/CVE-2025-55315-Scanner-Monitor

https://github.com/blackquantas/CVE-2025-55315

https://github.com/7huukdlnkjkjba/CVE-2025-55315-

hacker_news_bot@mastodon.social at 2025-10-28T12:50:03.000Z ##

📜 Latest Top Story on #HackerNews: Understanding the Worst .NET Vulnerability
🔍 Original Story: andrewlock.net/understanding-t
👤 Author: ingve
⭐ Score: 74
💬 Number of Comments: 6
🕒 Posted At: 2025-10-28 11:03:38 UTC
🔗 URL: news.ycombinator.com/item?id=4
#hackernews #bot #hackernewsbot #news

##

hn50@social.lansky.name at 2025-10-28T12:05:06.000Z ##

Understanding the Worst .NET Vulnerability

Link: andrewlock.net/understanding-t
Discussion: news.ycombinator.com/item?id=4

##

newsycombinator@framapiaf.org at 2025-10-28T12:00:39.000Z ##

Understanding the Worst .NET Vulnerability
Link: andrewlock.net/understanding-t
Comments: news.ycombinator.com/item?id=4

##

ycombinator@rss-mstdn.studiofreesia.com at 2025-10-28T11:26:38.000Z ##

Understanding the Worst .NET Vulnerability
andrewlock.net/understanding-t
#ycombinator

##

hacker_news_bot@mastodon.social at 2025-10-28T11:25:05.000Z ##

📜 Latest Top Story on #HackerNews: Understanding the Worst .NET Vulnerability
🔍 Original Story: andrewlock.net/understanding-t
👤 Author: ingve
⭐ Score: 16
💬 Number of Comments: 1
🕒 Posted At: 2025-10-28 11:03:38 UTC
🔗 URL: news.ycombinator.com/item?id=4
#hackernews #bot #hackernewsbot #news

##

hnbot@chrispelli.fun at 2025-10-28T11:14:19.000Z ##

Understanding the Worst .NET Vulnerability - andrewlock.net/understanding-t

#hackernews

##

ngate@mastodon.social at 2025-10-28T11:13:17.000Z ##

🔍😱 Behold, the #apocalyptic #.NET #vulnerability that scores a 9.9 on the "CVSS #scale of doom"—because who doesn't love a good #disaster flick with code? Our hero embarks on a 24-minute epic saga, unraveling the mysteries of #request #smuggling while holding a Dometrain discount code like a sword of wisdom. 🛡️🎢
andrewlock.net/understanding-t #CVSS #HackerNews #ngated

##

h4ckernews@mastodon.social at 2025-10-28T11:13:11.000Z ##

Understanding the Worst .NET Vulnerability

andrewlock.net/understanding-t

#HackerNews #Understanding #.NET #Vulnerability #Request #Smuggling #CVE-2025-55315 #Cybersecurity

##

beyondmachines1 at 2025-10-28T10:01:31.682Z ##

Critical ASP.NET Core flaw affects QNAP NetBak PC Agent and Enterprise web applications

QNAP issued a security advisory warning that its NetBak PC Agent backup software is vulnerable to a critical HTTP request smuggling flaw (CVE-2025-55315) in the ASP.NET Core Kestrel web server component, which could allow authenticated attackers to bypass security features, hijack credentials, and gain unauthorized access.

**If you're using QNAP NetBak PC Agent backup software, immediately reinstall the latest version from QNAP's website - this will automatically update the vulnerable ASP.NET Core components to fix CVE-2025-55315. Alternatively, manually download and install the latest ASP.NET Core Runtime Hosting Bundle (version 8.0.21 or newer) from Microsoft's .NET download page and restart your system.**

beyondmachines.net/event_detai

##

undercodenews@mastodon.social at 2025-10-27T23:21:55.000Z ##

QNAP Issues Urgent Warning: Patch Critical ASPNET Core Vulnerability Affecting NetBak PC Agent

Cybersecurity Alert Shakes NAS Users as CVE-2025-55315 Emerges QNAP, one of the leading providers of network-attached storage (NAS) solutions, has issued a critical security warning to its customers, urging them to patch a severe ASP.NET Core vulnerability that directly affects its NetBak PC Agent software. The flaw, now tracked as CVE-2025-55315, has been described as one of…

undercodenews.com/qnap-issues-

##

jos1264@social.skynetcloud.site at 2025-10-28T12:25:02.000Z ##

Critical Flaw CVE-2025-55315 Exposes QNAP NetBak PC Agent to Security Bypass Attacks thecyberexpress.com/cve-2025-5 #TheCyberExpressNews #Vulnerabilities #TheCyberExpress #FirewallDaily #CVE202555315 #HTTPRequests #CyberNews #NetBakPC #CWE444

##

hn50@social.lansky.name at 2025-10-28T12:05:06.000Z ##

Understanding the Worst .NET Vulnerability

Link: andrewlock.net/understanding-t
Discussion: news.ycombinator.com/item?id=4

##

newsycombinator@framapiaf.org at 2025-10-28T12:00:39.000Z ##

Understanding the Worst .NET Vulnerability
Link: andrewlock.net/understanding-t
Comments: news.ycombinator.com/item?id=4

##

ycombinator@rss-mstdn.studiofreesia.com at 2025-10-28T11:26:38.000Z ##

Understanding the Worst .NET Vulnerability
andrewlock.net/understanding-t
#ycombinator

##

h4ckernews@mastodon.social at 2025-10-28T11:13:11.000Z ##

Understanding the Worst .NET Vulnerability

andrewlock.net/understanding-t

#HackerNews #Understanding #.NET #Vulnerability #Request #Smuggling #CVE-2025-55315 #Cybersecurity

##

beyondmachines1@infosec.exchange at 2025-10-28T10:01:31.000Z ##

Critical ASP.NET Core flaw affects QNAP NetBak PC Agent and Enterprise web applications

QNAP issued a security advisory warning that its NetBak PC Agent backup software is vulnerable to a critical HTTP request smuggling flaw (CVE-2025-55315) in the ASP.NET Core Kestrel web server component, which could allow authenticated attackers to bypass security features, hijack credentials, and gain unauthorized access.

**If you're using QNAP NetBak PC Agent backup software, immediately reinstall the latest version from QNAP's website - this will automatically update the vulnerable ASP.NET Core components to fix CVE-2025-55315. Alternatively, manually download and install the latest ASP.NET Core Runtime Hosting Bundle (version 8.0.21 or newer) from Microsoft's .NET download page and restart your system.**
#cybersecurity #infosec #advisory #vulnerability
beyondmachines.net/event_detai

##

north@ꩰ.com at 2025-10-21T16:50:48.000Z ##

It's going to be a long week...

CVE-2025-55315

##

CVE-2025-2905
(9.1 CRITICAL)

EPSS: 0.14%

updated 2025-10-16T12:15:47.167000

2 posts

Due to the improper configuration of XML parser, user-supplied XML is parsed without applying sufficient restrictions, enabling XML External Entity (XXE) resolution in multiple WSO2 Products. A successful XXE attack could allow a remote, unauthenticated attacker to: * Read sensitive files from the server’s filesystem. * Perform denial-of-service (DoS) attacks, which can render the affected

_r_netsec at 2025-10-28T08:43:06.324Z ##

404 to arbitrary file read in WSO2 API Manager (CVE-2025-2905) crnkovic.dev/wso2-404-to-arbit

##

_r_netsec@infosec.exchange at 2025-10-28T08:43:06.000Z ##

404 to arbitrary file read in WSO2 API Manager (CVE-2025-2905) crnkovic.dev/wso2-404-to-arbit

##

CVE-2025-7328
(CVSS UNKNOWN)

EPSS: 0.06%

updated 2025-10-14T15:31:33

1 posts

Multiple Broken Authentication security issues exist in the affected product. The security issues are due to missing authentication checks on critical functions. These could result in potential denial-of-service, admin account takeover, or NAT rule modifications. Devices would no longer be able to communicate through NATR as a result of denial-of-service or NAT rule modifications. NAT rule modific

beyondmachines1@infosec.exchange at 2025-10-22T08:01:31.000Z ##

CISA warns of critical vulnerabilities in Rockwell Automation 1783-NATR

CISA is reporting multiple vulnerabilities in Rockwell Automation's 1783-NATR router, including critical CVE-2025-7328 that allows attackers to bypass authentication on critical functions leading to denial-of-service, admin takeover, or NAT rule modification. The other two flaws enable stored XSS and CSRF attacks.

**If you're using Rockwell Automation 1783-NATR routers make sure they are isolated from the internet and accessible only from trusted networks. Then plan a quick update to firmware version 1.007 or later. Some of these flaws require admin privileges, so isolation and phishing awareness will go a long way until you patch.**
#cybersecurity #infosec #advisory #vulnerability
beyondmachines.net/event_detai

##

CVE-2025-59685
(0 None)

EPSS: 0.02%

updated 2025-10-02T19:11:46.753000

1 posts

Kazaar 1.25.12 allows a JWT with none in the alg field.

cendyne@furry.engineer at 2025-10-26T14:28:14.000Z ##

For the curious, it's CVE-2025-59685

##

CVE-2025-5717
(6.7 MEDIUM)

EPSS: 0.32%

updated 2025-09-24T18:11:24.520000

2 posts

An authenticated remote code execution (RCE) vulnerability exists in multiple WSO2 products due to improper input validation in the event processor admin service. A user with administrative access to the SOAP admin services can exploit this flaw by deploying a Siddhi execution plan containing malicious Java code, resulting in arbitrary code execution on the server. Exploitation of this vulnerabil

2 repos

https://github.com/semaja22/CVE-2025-57176

https://github.com/semaja22/CVE-2025-57174

campuscodi@mastodon.social at 2025-10-28T08:30:15.000Z ##

"Out of the multiple vulnerabilities we reported, WSO2 addressed and assigned a CVE identifier to only one: the Siddhi RCE via SOAP administration services (CVE-2025-5717). The remaining vulnerabilities were not remediated, and no CVEs were assigned by WSO2"

Le sigh...

blog.lexfo.fr/wso2.html

##

campuscodi@mastodon.social at 2025-10-28T08:30:15.000Z ##

"Out of the multiple vulnerabilities we reported, WSO2 addressed and assigned a CVE identifier to only one: the Siddhi RCE via SOAP administration services (CVE-2025-5717). The remaining vulnerabilities were not remediated, and no CVEs were assigned by WSO2"

Le sigh...

blog.lexfo.fr/wso2.html

##

CVE-2025-8750
(2.4 LOW)

EPSS: 0.04%

updated 2025-08-09T09:30:20

1 posts

A vulnerability has been found in macrozheng mall up to 1.0.3 and classified as problematic. Affected by this vulnerability is the function Upload of the file /minio/upload of the component Add Product Page. The manipulation of the argument File leads to cross site scripting. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted

beyondmachines1@infosec.exchange at 2025-10-22T11:01:31.000Z ##

Critical command injection vulnerabilities in TP-Link Omada Gateways enable remote code execution

TP-Link has disclosed multiple critical vulnerabilities in its Omada gateway product line, including CVE-2025-6542, an unauthenticated remote command injection flaw that allows attackers to execute arbitrary OS commands without credentials, and three additional command injection and privilege escalation vulnerabilities (CVE-2025-6541, CVE-2025-8750, and CVE-2025-7851) affecting 13 different Omada gateway models.

**If you're using TP-Link Omada gateways, update to the latest firmware ASAP. There is at least one critical flaw that can be exploited remotely without authentication. Prioritize patching internet-facing gateways first. Isolating doesn't really work for a device that's designed to be a gateway to other networks.**
#cybersecurity #infosec #advisory #vulnerability
beyondmachines.net/event_detai

##

CVE-2025-47219
(8.1 HIGH)

EPSS: 0.11%

updated 2025-08-08T18:33:23

1 posts

In GStreamer through 1.26.1, the isomp4 plugin's qtdemux_parse_trak function may read past the end of a heap buffer while parsing an MP4 file, possibly leading to information disclosure.

Ubuntu@activitypub.awakari.com at 2025-10-27T22:24:55.000Z ##

Ubuntu 20.04 LTS GStreamer Good Plugins Critical DoS CVE-2025-47219

GStreamer Good Plugins could be made to crash as your login if it opened a specially crafted file.

#Ubuntu #Linux #Distribution #- #Security #Advisories

##

CVE-2025-34033
(8.8 HIGH)

EPSS: 0.27%

updated 2025-07-09T19:09:18.207000

1 posts

An OS command injection vulnerability exists in the Blue Angel Software Suite running on embedded Linux devices via the ping_addr parameter in the webctrl.cgi script. The application fails to properly sanitize input before passing it to the system-level ping command. An authenticated attacker can inject arbitrary commands by appending shell metacharacters to the ping_addr parameter in a crafted GE

sans_isc@infosec.exchange at 2025-10-22T14:26:23.000Z ##

webctrl.cgi/Blue Angel Software Suite Exploit Attempts. Maybe CVE-2025-34033 Variant? isc.sans.edu/diary/32410

##

agnieszkaserafinowicz@imagazine.pl at 2025-10-26T09:00:25.000Z ##

CodeMender from Google DeepMind: AI that finds and fixes security bugs on its own

Google DeepMind has presented the results of its research on CodeMender, a new AI agent designed to automatically improve code security.

The solution is meant to address a growing problem: although traditional methods and new AI tools, such as Big Sleep and OSS-Fuzz, are increasingly effective at discovering vulnerabilities, fixing them manually is time-consuming. As vulnerability detection advances, (human) developers may no longer be able to keep up with fixing them.

The agent works in two ways: reactively, immediately patching new vulnerabilities, and proactively, rewriting existing code to eliminate entire classes of vulnerabilities. CodeMender uses the reasoning capabilities of Gemini Deep Think models to act as an autonomous agent. A key element is an automatic validation process that guarantees the proposed fixes are correct, do not cause regressions (that is, do not break other functions in the program's code) and comply with the project's guidelines before they are presented to a human for review.

To find the source of a problem effectively, CodeMender uses advanced program analysis techniques, including static analysis, dynamic analysis and so-called fuzzing (testing code robustness with random, deliberately malformed data). This lets it identify the actual cause of a bug, not just its symptoms: as Google DeepMind reports in a post on its official blog, in one example the agent discovered that a reported buffer overflow bug was in fact caused by incorrect stack management during XML parsing. The system also uses specialized agents (multi-agent systems), e.g. an LLM-based tool that verifies changes and helps with self-correction.

Google DeepMind said that over the past six months, since CodeMender has been in development, the team has already submitted 72 security fixes to various open source projects, many of which have already been accepted. Some of these projects are as large as 4.5 million lines of code. As part of its proactive work, CodeMender was used, among other things, on the libwebp library to add -fbounds-safety annotations. This mechanism would have helped prevent exploitation of the well-known vulnerability (CVE-2023-4863), which was used in the past in attacks on iOS devices.

The researchers stress that although the early results are promising, they are approaching the project cautiously, prioritizing reliability. Currently all fixes generated by CodeMender are checked by DeepMind experts before being sent. The team plans to gradually scale up this process and reach out to maintainers of critical open source projects in order to develop its work based on their feedback. The goal is to release CodeMender as a tool that all developers can use.

Vibe coding, or programming by feel. AI was supposed to replace programmers, but it created a new job market for them

#AI #Bezpieczeństwo #CodeMender #cyberbezpieczeństwo #Gemini #GeminiDeepThink #Google #GoogleDeepMind #kod #lukiWOprogramowaniu #news #openSource #programowanie #sztucznaInteligencja

##

CVE-2025-20307
(4.8 MEDIUM)

EPSS: 0.04%

updated 2025-07-02T18:30:42

1 posts

A vulnerability in the web-based management interface of Cisco BroadWorks Application Delivery Platform could allow an authenticated, remote attacker to conduct cross-site scripting (XSS) attacks against a user of the interface. This vulnerability is due to insufficient validation of user-supplied input by the web-based management interface of an affected system. An attacker could exploit this

AAKL@infosec.exchange at 2025-10-22T16:03:58.000Z ##

Cisco posted this yesterday, if you missed it:

CVE-2025-20307: Cisco BroadWorks CommPilot Application Software Cross-Site Scripting Vulnerability sec.cloudapps.cisco.com/securi @TalosSecurity #cybersecurity #infosec #Cisco

##

CVE-2025-2777
(9.3 CRITICAL)

EPSS: 6.59%

updated 2025-05-07T15:31:49

1 posts

SysAid On-Prem versions <= 23.3.40 are vulnerable to an unauthenticated XML External Entity (XXE) vulnerability in the lshw processing functionality, allowing for administrator account takeover and file read primitives.

Nuclei template

1 repos

https://github.com/watchtowrlabs/watchTowr-vs-SysAid-PreAuth-RCE-Chain

CVE-2025-2778
(0 None)

EPSS: 0.00%

updated 2025-05-07T15:15:57.813000

1 posts

Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.

1 repos

https://github.com/watchtowrlabs/watchTowr-vs-SysAid-PreAuth-RCE-Chain

CVE-2024-26700
(5.5 MEDIUM)

EPSS: 0.01%

updated 2025-01-07T21:31:57

1 posts

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Fix MST Null Ptr for RV The change try to fix below error specific to RV platform: BUG: kernel NULL pointer dereference, address: 0000000000000008 PGD 0 P4D 0 Oops: 0000 [#1] PREEMPT SMP NOPTI CPU: 4 PID: 917 Comm: sway Not tainted 6.3.9-arch1-1 #1 124dc55df4f5272ccb409f39ef4872fc2b3376a2 Hardware name: LENOVO

Ubuntu@activitypub.awakari.com at 2025-10-20T22:39:32.000Z ##

Ubuntu 22.04 LTS: Linux Kernel Critical Update USN-7829-2 CVE-2024-26700 Several security issues were fixed in the Linux kernel.

#Ubuntu #Linux #Distribution #- #Security #Advisories

##

CVE-2023-4617
(10.0 CRITICAL)

EPSS: 0.54%

updated 2024-12-19T12:32:50

1 posts

Incorrect authorization vulnerability in HTTP POST method in Govee Home application on Android and iOS allows remote attacker to control devices owned by other users via changing "device", "sku" and "type" fields' values.  This issue affects Govee Home applications on Android and iOS in versions before 5.9.

zaufanatrzeciastrona@infosec.exchange at 2025-10-22T13:51:57.000Z ##

IoT security cannot be treated as an afterthought! 🚨

Jan Adamski and Marcin Rytel will share the results of their research and penetration tests of selected IoT devices, showing how critical vulnerabilities can pose a real threat to millions of users.

➡️ Learn about the original PMIoT methodology, which enables vulnerability detection across multiple layers: from mobile applications, through network communication, to cryptographic analysis.
➡️ See behind the scenes of the discovery of CVE-2023-4617 (CVSS 10.0) - a critical vulnerability enabling remote access to popular smart devices.
➡️ Get to know the VARIoT database, which aggregates information about vulnerabilities in the IoT world.
➡️ Find out how the responsible vulnerability disclosure process works.

🎯 Don't miss the chance to find out how to really protect users and systems in the IoT era! Join #OMHconf 👉 bit.ly/OMH-bilety

#OhMyHack #OMH #cyberbezpieczenstwo #IoT

##

CVE-2022-45460
(9.8 CRITICAL)

EPSS: 54.02%

updated 2023-04-15T05:07:07

1 posts

Multiple Xiongmai NVR devices, including MBD6304T V4.02.R11.00000117.10001.131900.00000 and NBD6808T-PL V4.02.R11.C7431119.12001.130000.00000, allow an unauthenticated and remote user to exploit a stack-based buffer overflow and crash the web server, resulting in a system reboot. An unauthenticated and remote attacker can execute arbitrary code by sending a crafted HTTP request that triggers the o

1 repos

https://github.com/born0monday/CVE-2022-45460

hrbrmstr@mastodon.social at 2025-10-24T11:11:20.000Z ##

For today's morning 😭 injection for @neurovagrant we turn to a recent spike in res. proxy traffic from Sudan.

Some sleuthing led to an odd spike in CVE-2022-45460 (9.8 CVSS) traffic — a stack-based buffer overflow in Xiongmai NVR (Network Video Recorder) devices.

Nearly 20K source IPs (mostly res proxies) have been involved in the steady elevated campaign + spike in the last 30 days.

Tis unknown if the source country networks were "luck of the draw" or deliberately selected by the attacker.

##

CVE-2025-52665
(0 None)

EPSS: 0.00%

2 posts

N/A

beyondmachines1 at 2025-10-28T09:01:31.673Z ##

Critical authentication bypass flaw reported in Ubiquiti UniFi Access

Ubiquiti Networks disclosed a critical authentication bypass vulnerability (CVE-2025-52665) in its UniFi Access physical security management application affecting versions 3.3.22 through 3.4.31, which exposes the management API and could allow attackers to gain complete control over door access systems, modify permissions, create unauthorized credentials, and disable security controls.

**If you're using Ubiquiti UniFi Access for door control, make sure it's isolated from untrusted networks and very difficult to reach. It can be hacked to let attackers unlock doors and control your entire physical security system. Plan a very quick update to version 4.0.21 or newer and review your access logs for any suspicious door unlocks or new credentials that shouldn't exist.**

beyondmachines.net/event_detai

##

beyondmachines1@infosec.exchange at 2025-10-28T09:01:31.000Z ##

Critical authentication bypass flaw reported in Ubiquiti UniFi Access

Ubiquiti Networks disclosed a critical authentication bypass vulnerability (CVE-2025-52665) in its UniFi Access physical security management application affecting versions 3.3.22 through 3.4.31, which exposes the management API and could allow attackers to gain complete control over door access systems, modify permissions, create unauthorized credentials, and disable security controls.

**If you're using Ubiquiti UniFi Access for door control, make sure it's isolated from untrusted networks and very difficult to reach. It can be hacked to let attackers unlock doors and control your entire physical security system. Plan a very quick update to version 4.0.21 or newer and review your access logs for any suspicious door unlocks or new credentials that shouldn't exist.**
#cybersecurity #infosec #advisory #vulnerability
beyondmachines.net/event_detai

##

CVE-2025-62516
(0 None)

EPSS: 0.00%

1 posts

N/A

offseq at 2025-10-28T03:01:41.756Z ##

⚠️ CRITICAL: CVE-2025-62516 in TurboTenant landlord onboarding (≤2.0.0) lets unauthenticated remote attackers access Stripe payment & tenant data via APIs. Patch or restrict API access now! radar.offseq.com/threat/cve-20

##

CVE-2025-12036
(0 None)

EPSS: 0.00%

2 posts

N/A

secureblue.dev@bsky.brid.gy at 2025-10-24T19:54:45.843Z ##

Trivalent 141.0.7390.127-440331 released: This release pulls in V8 14.1.146.13, which fixes CVE-2025-12036. This V8 version was supposed to be pulled into Chromium in 141.0.7390.122. This issue has been ack'd by Google here: issues.chromium.org/issues/45435... github.com/secureblue/T...

Release 141.0.7390.127-440331 ...

##

beyondmachines1@infosec.exchange at 2025-10-23T10:01:31.000Z ##

Google releases emergency security update for Chrome V8 Engine flaw

Google has released an emergency security update for Chrome patching CVE-2025-12036, a high-severity vulnerability in the V8 JavaScript engine. This is the second emergency Chrome patch in less than a week. Technical details remain restricted until most users apply the update. The patch is available as version 141.0.7390.122/.123 across Windows, Mac, Linux, and Android platforms.

**Google doesn't just push new emergency releases "just because". If you are using Google Chrome or other Chromium-based browsers (Edge, Brave, Vivaldi, Opera...) patch your browsers ASAP. Updating is trivial, all your tabs reopen.**
#cybersecurity #infosec #advisory #vulnerability
beyondmachines.net/event_detai

##

CVE-2025-62525
(0 None)

EPSS: 0.02%

1 posts

N/A

CVE-2025-62526
(0 None)

EPSS: 0.01%

1 posts

N/A

CVE-2025-60722
(0 None)

EPSS: 0.00%

1 posts

N/A

CVE-2025-11002
(0 None)

EPSS: 0.00%

1 posts

N/A

1 repos

https://github.com/pacbypass/CVE-2025-11001

recursive_recursion@piefed.ca at 2025-10-21T03:47:11.235Z ##

7-Zip users on Windows are urged to update their software after the disclosure of two “path traversal” vulnerabilities, CVE-2025-11001 and CVE-2025-11002.

All versions of 7-Zip from 21.02 to 24.09 are at risk, and the sole mitigation is to upgrade to version 25.00 or later, where stricter handling of symbolic links resolves the risk.

##
