CVE-2024-47829 - "Pnpm MD5 Path Shortening Collision Vulnerability"
CVE ID : CVE-2024-47829
Published : April 23, 2025, 4:15 p.m. | 26 minutes ago
Description : pnpm is a package manager. Prior to version 10.0.0, the path shortening function uses the md5 function as a path shortening compression function, and if a collision occurs, it will result in the same storage path for two different libraries. Although the real names are under the package name /node_modoules/, there are no version numbers for the libraries they refer to. This issue has been patched in version 10.0.0.
Severity: 6.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2024-47829
Published : April 23, 2025, 4:15 p.m. | 26 minutes ago
Description : pnpm is a package manager. Prior to version 10.0.0, the path shortening function uses the md5 function as a path shortening compression function, and if a collision occurs, it will result in the same storage path for two different libraries. Although the real names are under the package name /node_modoules/, there are no version numbers for the libraries they refer to. This issue has been patched in version 10.0.0.
Severity: 6.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-21605 - Redis Unauthenticated Output Buffer Overflow Vulnerability
CVE ID : CVE-2025-21605
Published : April 23, 2025, 4:15 p.m. | 26 minutes ago
Description : Redis is an open source, in-memory database that persists on disk. In versions starting at 2.6 and prior to 7.4.3, An unauthenticated client can cause unlimited growth of output buffers, until the server runs out of memory or is killed. By default, the Redis configuration does not limit the output buffer of normal clients (see client-output-buffer-limit). Therefore, the output buffer can grow unlimitedly over time. As a result, the service is exhausted and the memory is unavailable. When password authentication is enabled on the Redis server, but no password is provided, the client can still cause the output buffer to grow from "NOAUTH" responses until the system will run out of memory. This issue has been patched in version 7.4.3. An additional workaround to mitigate this problem without patching the redis-server executable is to block access to prevent unauthenticated users from connecting to Redis. This can be done in different ways. Either using network access control tools like firewalls, iptables, security groups, etc, or enabling TLS and requiring users to authenticate using client side certificates.
Severity: 7.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-21605
Published : April 23, 2025, 4:15 p.m. | 26 minutes ago
Description : Redis is an open source, in-memory database that persists on disk. In versions starting at 2.6 and prior to 7.4.3, An unauthenticated client can cause unlimited growth of output buffers, until the server runs out of memory or is killed. By default, the Redis configuration does not limit the output buffer of normal clients (see client-output-buffer-limit). Therefore, the output buffer can grow unlimitedly over time. As a result, the service is exhausted and the memory is unavailable. When password authentication is enabled on the Redis server, but no password is provided, the client can still cause the output buffer to grow from "NOAUTH" responses until the system will run out of memory. This issue has been patched in version 7.4.3. An additional workaround to mitigate this problem without patching the redis-server executable is to block access to prevent unauthenticated users from connecting to Redis. This can be done in different ways. Either using network access control tools like firewalls, iptables, security groups, etc, or enabling TLS and requiring users to authenticate using client side certificates.
Severity: 7.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-32966 - DataEase Remote Code Execution Vulnerability
CVE ID : CVE-2025-32966
Published : April 23, 2025, 4:15 p.m. | 25 minutes ago
Description : DataEase is an open-source BI tool alternative to Tableau. Prior to version 2.10.8, authenticated users can complete RCE through the backend JDBC link. This issue has been patched in version 2.10.8.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-32966
Published : April 23, 2025, 4:15 p.m. | 25 minutes ago
Description : DataEase is an open-source BI tool alternative to Tableau. Prior to version 2.10.8, authenticated users can complete RCE through the backend JDBC link. This issue has been patched in version 2.10.8.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-32968 - XWiki Blind SQL Injection Vulnerability
CVE ID : CVE-2025-32968
Published : April 23, 2025, 4:15 p.m. | 25 minutes ago
Description : XWiki is a generic wiki platform. In versions starting from 1.6-milestone-1 to before 15.10.16, 16.4.6, and 16.10.1, it is possible for a user with SCRIPT right to escape from the HQL execution context and perform a blind SQL injection to execute arbitrary SQL statements on the database backend. Depending on the used database backend, the attacker may be able to not only obtain confidential information such as password hashes from the database, but also execute UPDATE/INSERT/DELETE queries. This issue has been patched in versions 16.10.1, 16.4.6 and 15.10.16. There is no known workaround, other than upgrading XWiki. The protection added to this REST API is the same as the one used to validate complete select queries, making it more consistent. However, while the script API always had this protection for complete queries, it's important to note that it's a very strict protection and some valid, but complex, queries might suddenly require the author to have programming right.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-32968
Published : April 23, 2025, 4:15 p.m. | 25 minutes ago
Description : XWiki is a generic wiki platform. In versions starting from 1.6-milestone-1 to before 15.10.16, 16.4.6, and 16.10.1, it is possible for a user with SCRIPT right to escape from the HQL execution context and perform a blind SQL injection to execute arbitrary SQL statements on the database backend. Depending on the used database backend, the attacker may be able to not only obtain confidential information such as password hashes from the database, but also execute UPDATE/INSERT/DELETE queries. This issue has been patched in versions 16.10.1, 16.4.6 and 15.10.16. There is no known workaround, other than upgrading XWiki. The protection added to this REST API is the same as the one used to validate complete select queries, making it more consistent. However, while the script API always had this protection for complete queries, it's important to note that it's a very strict protection and some valid, but complex, queries might suddenly require the author to have programming right.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-32969 - XWiki Blind SQL Injection Vulnerability
CVE ID : CVE-2025-32969
Published : April 23, 2025, 4:15 p.m. | 25 minutes ago
Description : XWiki is a generic wiki platform. In versions starting from 1.8 and prior to 15.10.16, 16.4.6, and 16.10.1, it is possible for a remote unauthenticated user to escape from the HQL execution context and perform a blind SQL injection to execute arbitrary SQL statements on the database backend, including when "Prevent unregistered users from viewing pages, regardless of the page rights" and "Prevent unregistered users from editing pages, regardless of the page rights" options are enabled. Depending on the used database backend, the attacker may be able to not only obtain confidential information such as password hashes from the database, but also execute UPDATE/INSERT/DELETE queries. This issue has been patched in versions 16.10.1, 16.4.6 and 15.10.16. There is no known workaround, other than upgrading XWiki.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-32969
Published : April 23, 2025, 4:15 p.m. | 25 minutes ago
Description : XWiki is a generic wiki platform. In versions starting from 1.8 and prior to 15.10.16, 16.4.6, and 16.10.1, it is possible for a remote unauthenticated user to escape from the HQL execution context and perform a blind SQL injection to execute arbitrary SQL statements on the database backend, including when "Prevent unregistered users from viewing pages, regardless of the page rights" and "Prevent unregistered users from editing pages, regardless of the page rights" options are enabled. Depending on the used database backend, the attacker may be able to not only obtain confidential information such as password hashes from the database, but also execute UPDATE/INSERT/DELETE queries. This issue has been patched in versions 16.10.1, 16.4.6 and 15.10.16. There is no known workaround, other than upgrading XWiki.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-45429 - Tenda ac9 Stack Overflow Vulnerability
CVE ID : CVE-2025-45429
Published : April 23, 2025, 4:15 p.m. | 25 minutes ago
Description : In the Tenda ac9 v1.0 router with firmware V15.03.05.14_multi, there is a stack overflow vulnerability in /goform/WifiWpsStart, which may lead to remote arbitrary code execution.
Severity: 9.8 | CRITICAL
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-45429
Published : April 23, 2025, 4:15 p.m. | 25 minutes ago
Description : In the Tenda ac9 v1.0 router with firmware V15.03.05.14_multi, there is a stack overflow vulnerability in /goform/WifiWpsStart, which may lead to remote arbitrary code execution.
Severity: 9.8 | CRITICAL
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-46394 - BusyBox Tar Terminal Escape Sequence File Information Disclosure
CVE ID : CVE-2025-46394
Published : April 23, 2025, 4:15 p.m. | 25 minutes ago
Description : In tar in BusyBox through 1.37.0, a TAR archive can have filenames hidden from a listing through the use of terminal escape sequences.
Severity: 3.2 | LOW
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-46394
Published : April 23, 2025, 4:15 p.m. | 25 minutes ago
Description : In tar in BusyBox through 1.37.0, a TAR archive can have filenames hidden from a listing through the use of terminal escape sequences.
Severity: 3.2 | LOW
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-28028 - TOTOLINK Buffer Overflow Vulnerability
CVE ID : CVE-2025-28028
Published : April 23, 2025, 5:16 p.m. | 3 hours, 24 minutes ago
Description : TOTOLINK A830R V4.1.2cu.5182_B20201102, A950RG V4.1.2cu.5161_B20200903, A3000RU V5.9c.5185_B20201128, and A3100R V4.1.2cu.5247_B20211129 were found to contain a buffer overflow vulnerability in downloadFile.cgi through the v5 parameter.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-28028
Published : April 23, 2025, 5:16 p.m. | 3 hours, 24 minutes ago
Description : TOTOLINK A830R V4.1.2cu.5182_B20201102, A950RG V4.1.2cu.5161_B20200903, A3000RU V5.9c.5185_B20201128, and A3100R V4.1.2cu.5247_B20211129 were found to contain a buffer overflow vulnerability in downloadFile.cgi through the v5 parameter.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-29526 - Q4 Inc Investor Relations Platform XSS
CVE ID : CVE-2025-29526
Published : April 23, 2025, 5:16 p.m. | 3 hours, 24 minutes ago
Description : A Cross-Site Scripting (XSS) vulnerability in the search function of Q4 Inc Investor Relations Platform v5.147.1.2 allows attackers to execute arbitrary Javascript via injecting a crafted payload into the SearchTerm parameter.
Severity: 6.1 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-29526
Published : April 23, 2025, 5:16 p.m. | 3 hours, 24 minutes ago
Description : A Cross-Site Scripting (XSS) vulnerability in the search function of Q4 Inc Investor Relations Platform v5.147.1.2 allows attackers to execute arbitrary Javascript via injecting a crafted payload into the SearchTerm parameter.
Severity: 6.1 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-2760 - GIMP XWD File Parsing Integer Overflow Remote Code Execution Vulnerability
CVE ID : CVE-2025-2760
Published : April 23, 2025, 5:16 p.m. | 3 hours, 24 minutes ago
Description : GIMP XWD File Parsing Integer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GIMP. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of XWD files. The issue results from the lack of proper validation of user-supplied data, which can result in an integer overflow before allocating a buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-25082.
Severity: 7.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-2760
Published : April 23, 2025, 5:16 p.m. | 3 hours, 24 minutes ago
Description : GIMP XWD File Parsing Integer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GIMP. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of XWD files. The issue results from the lack of proper validation of user-supplied data, which can result in an integer overflow before allocating a buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-25082.
Severity: 7.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-2761 - GIMP FLI File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
CVE ID : CVE-2025-2761
Published : April 23, 2025, 5:16 p.m. | 3 hours, 24 minutes ago
Description : GIMP FLI File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GIMP. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of FLI files. The issue results from the lack of proper validation of user-supplied data, which can result in a write past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-25100.
Severity: 7.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-2761
Published : April 23, 2025, 5:16 p.m. | 3 hours, 24 minutes ago
Description : GIMP FLI File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GIMP. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of FLI files. The issue results from the lack of proper validation of user-supplied data, which can result in a write past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-25100.
Severity: 7.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-2762 - CarlinKit CPC200-CCPA Root of Trust Failure Privilege Escalation Vulnerability
CVE ID : CVE-2025-2762
Published : April 23, 2025, 5:16 p.m. | 3 hours, 24 minutes ago
Description : CarlinKit CPC200-CCPA Missing Root of Trust Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of CarlinKit CPC200-CCPA devices. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the configuration of the application system-on-chip (SoC). The issue results from the lack of a properly configured hardware root of trust. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of the boot process. Was ZDI-CAN-25948.
Severity: 7.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-2762
Published : April 23, 2025, 5:16 p.m. | 3 hours, 24 minutes ago
Description : CarlinKit CPC200-CCPA Missing Root of Trust Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of CarlinKit CPC200-CCPA devices. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the configuration of the application system-on-chip (SoC). The issue results from the lack of a properly configured hardware root of trust. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of the boot process. Was ZDI-CAN-25948.
Severity: 7.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-2763 - CarlinKit CPC200-CCPA Cryptographic Signature Verification Bypass Code Execution Vulnerability
CVE ID : CVE-2025-2763
Published : April 23, 2025, 5:16 p.m. | 3 hours, 24 minutes ago
Description : CarlinKit CPC200-CCPA Improper Verification of Cryptographic Signature Code Execution Vulnerability. This vulnerability allows physically present attackers to execute arbitrary code on affected installations of CarlinKit CPC200-CCPA devices. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of update packages on USB drives. The issue results from the lack of proper verification of a cryptographic signature. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-24356.
Severity: 6.8 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-2763
Published : April 23, 2025, 5:16 p.m. | 3 hours, 24 minutes ago
Description : CarlinKit CPC200-CCPA Improper Verification of Cryptographic Signature Code Execution Vulnerability. This vulnerability allows physically present attackers to execute arbitrary code on affected installations of CarlinKit CPC200-CCPA devices. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of update packages on USB drives. The issue results from the lack of proper verification of a cryptographic signature. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-24356.
Severity: 6.8 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-2764 - CarlinKit CPC200-CCPA Update.cgi Cryptographic Signature Verification Bypass Code Execution Vulnerability
CVE ID : CVE-2025-2764
Published : April 23, 2025, 5:16 p.m. | 3 hours, 24 minutes ago
Description : CarlinKit CPC200-CCPA update.cgi Improper Verification of Cryptographic Signature Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of CarlinKit CPC200-CCPA devices. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the handling of update packages provided to update.cgi. The issue results from the lack of proper verification of a cryptographic signature. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-24355.
Severity: 8.0 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-2764
Published : April 23, 2025, 5:16 p.m. | 3 hours, 24 minutes ago
Description : CarlinKit CPC200-CCPA update.cgi Improper Verification of Cryptographic Signature Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of CarlinKit CPC200-CCPA devices. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the handling of update packages provided to update.cgi. The issue results from the lack of proper verification of a cryptographic signature. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-24355.
Severity: 8.0 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-2765 - CarlinKit CPC200-CCPA Hard-Coded Credentials Authentication Bypass
CVE ID : CVE-2025-2765
Published : April 23, 2025, 5:16 p.m. | 3 hours, 24 minutes ago
Description : CarlinKit CPC200-CCPA Wireless Hotspot Hard-Coded Credentials Authentication Bypass Vulnerability. This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of CarlinKit CPC200-CCPA devices. Authentication is not required to exploit this vulnerability. The specific flaw exists within the configuration of the wireless hotspot. The issue results from the use of hard-coded credentials. An attacker can leverage this vulnerability to bypass authentication on the system. Was ZDI-CAN-24349.
Severity: 7.6 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-2765
Published : April 23, 2025, 5:16 p.m. | 3 hours, 24 minutes ago
Description : CarlinKit CPC200-CCPA Wireless Hotspot Hard-Coded Credentials Authentication Bypass Vulnerability. This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of CarlinKit CPC200-CCPA devices. Authentication is not required to exploit this vulnerability. The specific flaw exists within the configuration of the wireless hotspot. The issue results from the use of hard-coded credentials. An attacker can leverage this vulnerability to bypass authentication on the system. Was ZDI-CAN-24349.
Severity: 7.6 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-2767 - Arista NG Firewall User-Agent Cross-Site Scripting Remote Code Execution
CVE ID : CVE-2025-2767
Published : April 23, 2025, 5:16 p.m. | 3 hours, 24 minutes ago
Description : Arista NG Firewall User-Agent Cross-Site Scripting Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Arista NG Firewall. Minimal user interaction is required to exploit this vulnerability. The specific flaw exists within the processing of the User-Agent HTTP header. The issue results from the lack of proper validation of user-supplied data, which can lead to the injection of an arbitrary script. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-24407.
Severity: 8.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-2767
Published : April 23, 2025, 5:16 p.m. | 3 hours, 24 minutes ago
Description : Arista NG Firewall User-Agent Cross-Site Scripting Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Arista NG Firewall. Minimal user interaction is required to exploit this vulnerability. The specific flaw exists within the processing of the User-Agent HTTP header. The issue results from the lack of proper validation of user-supplied data, which can lead to the injection of an arbitrary script. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-24407.
Severity: 8.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-2768 - Bdrive NetDrive Uncontrolled Search Path Element Local Privilege Escalation
CVE ID : CVE-2025-2768
Published : April 23, 2025, 5:16 p.m. | 3 hours, 24 minutes ago
Description : Bdrive NetDrive Uncontrolled Search Path Element Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of Bdrive NetDrive. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the configuration of OpenSSL. The product loads an OpenSSL configuration file from an unsecured location. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM. Was ZDI-CAN-25041.
Severity: 7.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-2768
Published : April 23, 2025, 5:16 p.m. | 3 hours, 24 minutes ago
Description : Bdrive NetDrive Uncontrolled Search Path Element Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of Bdrive NetDrive. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the configuration of OpenSSL. The product loads an OpenSSL configuration file from an unsecured location. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM. Was ZDI-CAN-25041.
Severity: 7.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-2769 - Bdrive NetDrive OpenSSL Privilege Escalation Vulnerability
CVE ID : CVE-2025-2769
Published : April 23, 2025, 5:16 p.m. | 3 hours, 24 minutes ago
Description : Bdrive NetDrive Uncontrolled Search Path Element Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of Bdrive NetDrive. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the configuration of OpenSSL. The product loads an OpenSSL configuration file from an unsecured location. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM. Was ZDI-CAN-25295.
Severity: 7.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-2769
Published : April 23, 2025, 5:16 p.m. | 3 hours, 24 minutes ago
Description : Bdrive NetDrive Uncontrolled Search Path Element Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of Bdrive NetDrive. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the configuration of OpenSSL. The product loads an OpenSSL configuration file from an unsecured location. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM. Was ZDI-CAN-25295.
Severity: 7.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-2770 - BEC Technologies Router Cleartext Password Disclosure
CVE ID : CVE-2025-2770
Published : April 23, 2025, 5:16 p.m. | 3 hours, 24 minutes ago
Description : BEC Technologies Multiple Routers Cleartext Password Storage Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of BEC Technologies routers. Authentication is required to exploit this vulnerability. The specific flaw exists within the web-based user interface. The issue results from storing credentials in a recoverable format. An attacker can leverage this vulnerability to disclose stored credentials, leading to further compromise. Was ZDI-CAN-25986.
Severity: 4.9 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-2770
Published : April 23, 2025, 5:16 p.m. | 3 hours, 24 minutes ago
Description : BEC Technologies Multiple Routers Cleartext Password Storage Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of BEC Technologies routers. Authentication is required to exploit this vulnerability. The specific flaw exists within the web-based user interface. The issue results from storing credentials in a recoverable format. An attacker can leverage this vulnerability to disclose stored credentials, leading to further compromise. Was ZDI-CAN-25986.
Severity: 4.9 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-2771 - BEC Technologies Router Authentication Bypass Vulnerability
CVE ID : CVE-2025-2771
Published : April 23, 2025, 5:16 p.m. | 3 hours, 24 minutes ago
Description : BEC Technologies Multiple Routers Authentication Bypass Vulnerability. This vulnerability allows remote attackers to bypass authentication on affected installations of BEC Technologies routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the web-based user interface. The issue results from the lack of authentication prior to allowing access to functionality. An attacker can leverage this vulnerability to bypass authentication on the system. Was ZDI-CAN-25894.
Severity: 5.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-2771
Published : April 23, 2025, 5:16 p.m. | 3 hours, 24 minutes ago
Description : BEC Technologies Multiple Routers Authentication Bypass Vulnerability. This vulnerability allows remote attackers to bypass authentication on affected installations of BEC Technologies routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the web-based user interface. The issue results from the lack of authentication prior to allowing access to functionality. An attacker can leverage this vulnerability to bypass authentication on the system. Was ZDI-CAN-25894.
Severity: 5.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-2772 - BEC Technologies Router Credentials Disclosure Vulnerability
CVE ID : CVE-2025-2772
Published : April 23, 2025, 5:16 p.m. | 3 hours, 24 minutes ago
Description : BEC Technologies Multiple Routers Insufficiently Protected Credentials Information Disclosure Vulnerability. This vulnerability allows network-adjacent attackers to disclose sensitive information on affected installations of BEC Technologies routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within /cgi-bin/tools_usermanage.asp. The issue results from transmitting a list of users and their credentials to be handled on the client side. An attacker can leverage this vulnerability to disclose transported credentials, leading to further compromise. Was ZDI-CAN-25895.
Severity: 5.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-2772
Published : April 23, 2025, 5:16 p.m. | 3 hours, 24 minutes ago
Description : BEC Technologies Multiple Routers Insufficiently Protected Credentials Information Disclosure Vulnerability. This vulnerability allows network-adjacent attackers to disclose sensitive information on affected installations of BEC Technologies routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within /cgi-bin/tools_usermanage.asp. The issue results from transmitting a list of users and their credentials to be handled on the client side. An attacker can leverage this vulnerability to disclose transported credentials, leading to further compromise. Was ZDI-CAN-25895.
Severity: 5.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...