๐จ CVE-2025-57579
An issue in TOTOLINK Wi-Fi 6 Router Series Device X2000R-Gh-V2.0.0 allows a remote attacker to execute arbitrary code via the default password
๐@cveNotify
An issue in TOTOLINK Wi-Fi 6 Router Series Device X2000R-Gh-V2.0.0 allows a remote attacker to execute arbitrary code via the default password
๐@cveNotify
GitHub
iot-cve/TOLOLINK/X2000R-Gh-V2.0.0.md at main ยท XXRicardo/iot-cve
some cve. Contribute to XXRicardo/iot-cve development by creating an account on GitHub.
๐จ CVE-2024-45431
OpenSynergy BlueSDK (aka Blue SDK) through 6.x has Improper Input Validation. The specific flaw exists within the BlueSDK Bluetooth stack. The issue results from the lack of proper validation of remote L2CAP channel ID (CID). An attacker can leverage this to create an L2CAP channel with the null identifier assigned as a remote CID.
๐@cveNotify
OpenSynergy BlueSDK (aka Blue SDK) through 6.x has Improper Input Validation. The specific flaw exists within the BlueSDK Bluetooth stack. The issue results from the lack of proper validation of remote L2CAP channel ID (CID). An attacker can leverage this to create an L2CAP channel with the null identifier assigned as a remote CID.
๐@cveNotify
Pcacybersecurity
Critical Vulnerabilities Blue SDK OpenSynergy | PCA Advisory
PCA Cyber Security researchers identified and announced critical vulnerabilities in the Bluetooth stack of Blue SDK. PCA Researchers name the discovered vulnerability chain PerfektBlue. PerfektBlue - 1-click RCE attack affects millions of devices used byโฆ
๐จ CVE-2024-45432
OpenSynergy BlueSDK (aka Blue SDK) through 6.x mishandles a function call. The specific flaw exists within the BlueSDK Bluetooth stack. The issue results from an incorrect variable used as a function argument. An attacker can leverage this to cause unexpected behavior or obtain sensitive information.
๐@cveNotify
OpenSynergy BlueSDK (aka Blue SDK) through 6.x mishandles a function call. The specific flaw exists within the BlueSDK Bluetooth stack. The issue results from an incorrect variable used as a function argument. An attacker can leverage this to cause unexpected behavior or obtain sensitive information.
๐@cveNotify
Pcacybersecurity
Critical Vulnerabilities Blue SDK OpenSynergy | PCA Advisory
PCA Cyber Security researchers identified and announced critical vulnerabilities in the Bluetooth stack of Blue SDK. PCA Researchers name the discovered vulnerability chain PerfektBlue. PerfektBlue - 1-click RCE attack affects millions of devices used byโฆ
๐จ CVE-2024-45433
OpenSynergy BlueSDK (aka Blue SDK) through 6.x has Incorrect Control Flow Scoping. The specific flaw exists within the BlueSDK Bluetooth stack. The issue results from the lack of proper return control flow after detecting an unusual condition. An attacker can leverage this to bypass a security validation and make the incoming data be processed.
๐@cveNotify
OpenSynergy BlueSDK (aka Blue SDK) through 6.x has Incorrect Control Flow Scoping. The specific flaw exists within the BlueSDK Bluetooth stack. The issue results from the lack of proper return control flow after detecting an unusual condition. An attacker can leverage this to bypass a security validation and make the incoming data be processed.
๐@cveNotify
Pcacybersecurity
Critical Vulnerabilities Blue SDK OpenSynergy | PCA Advisory
PCA Cyber Security researchers identified and announced critical vulnerabilities in the Bluetooth stack of Blue SDK. PCA Researchers name the discovered vulnerability chain PerfektBlue. PerfektBlue - 1-click RCE attack affects millions of devices used byโฆ
๐จ CVE-2025-59740
Operating system command injection vulnerability in AndSoft's e-TMS v25.03. This vulnerability allows an attacker to execute operating system commands on the server by sending a POST request. The relationship between parameter and assigned identifier is a 'm' parameter in '/clt/LOGINFRM_CAT.ASP'.
๐@cveNotify
Operating system command injection vulnerability in AndSoft's e-TMS v25.03. This vulnerability allows an attacker to execute operating system commands on the server by sending a POST request. The relationship between parameter and assigned identifier is a 'm' parameter in '/clt/LOGINFRM_CAT.ASP'.
๐@cveNotify
www.incibe.es
[Update 24/09/2025] Multiple vulnerabilities in AndSoft's e-TMS
INCIBE has coordinated the publication of 40 vulnerabilities: 8 critical, 1 high and 31 medium severit
๐จ CVE-2025-59741
Operating system command injection vulnerability in AndSoft's e-TMS v25.03. This vulnerability allows an attacker to execute operating system commands on the server by sending a POST request. The relationship between parameter and assigned identifier is a 'm' parameter in '/CLT/LOGINERRORFRM.ASP'.
๐@cveNotify
Operating system command injection vulnerability in AndSoft's e-TMS v25.03. This vulnerability allows an attacker to execute operating system commands on the server by sending a POST request. The relationship between parameter and assigned identifier is a 'm' parameter in '/CLT/LOGINERRORFRM.ASP'.
๐@cveNotify
www.incibe.es
[Update 24/09/2025] Multiple vulnerabilities in AndSoft's e-TMS
INCIBE has coordinated the publication of 40 vulnerabilities: 8 critical, 1 high and 31 medium severit
๐จ CVE-2025-59742
SQL injection vulnerability in AndSoft's e-TMS v25.03. This vulnerability could allow an attacker to retrieve, create, update, and delete databases by sending a POST request. The relationship between parameter and assigned identifier is a 'USRMAIL' parameter in'/inc/login/TRACK_REQUESTFRMSQL.ASP'.
๐@cveNotify
SQL injection vulnerability in AndSoft's e-TMS v25.03. This vulnerability could allow an attacker to retrieve, create, update, and delete databases by sending a POST request. The relationship between parameter and assigned identifier is a 'USRMAIL' parameter in'/inc/login/TRACK_REQUESTFRMSQL.ASP'.
๐@cveNotify
www.incibe.es
[Update 24/09/2025] Multiple vulnerabilities in AndSoft's e-TMS
INCIBE has coordinated the publication of 40 vulnerabilities: 8 critical, 1 high and 31 medium severit
๐จ CVE-2025-59743
SQL injection vulnerability in AndSoft's e-TMS v25.03. This vulnerability could allow an attacker to retrieve, create, update, and delete databases by sending a POST request. The relationship between parameter and assigned identifier is a 'SessionID' cookie in '/inc/connect/CONNECTION.ASP'.
๐@cveNotify
SQL injection vulnerability in AndSoft's e-TMS v25.03. This vulnerability could allow an attacker to retrieve, create, update, and delete databases by sending a POST request. The relationship between parameter and assigned identifier is a 'SessionID' cookie in '/inc/connect/CONNECTION.ASP'.
๐@cveNotify
www.incibe.es
[Update 24/09/2025] Multiple vulnerabilities in AndSoft's e-TMS
INCIBE has coordinated the publication of 40 vulnerabilities: 8 critical, 1 high and 31 medium severit
๐จ CVE-2025-59744
Path traversal vulnerability in AndSoft's e-TMS v25.03. This vulnerability allows an attacker to access files only within the web root using the โdocurlโ parameter in โ/lib/asp/DOCSAVEASASP.ASPโ.
๐@cveNotify
Path traversal vulnerability in AndSoft's e-TMS v25.03. This vulnerability allows an attacker to access files only within the web root using the โdocurlโ parameter in โ/lib/asp/DOCSAVEASASP.ASPโ.
๐@cveNotify
www.incibe.es
[Update 24/09/2025] Multiple vulnerabilities in AndSoft's e-TMS
INCIBE has coordinated the publication of 40 vulnerabilities: 8 critical, 1 high and 31 medium severit
๐จ CVE-2024-39819
Integrity check in the installer for some Zoom Workplace Apps and SDKs for Windows may allow an authenticated user to conduct a privilege escalation via local access.
๐@cveNotify
Integrity check in the installer for some Zoom Workplace Apps and SDKs for Windows may allow an authenticated user to conduct a privilege escalation via local access.
๐@cveNotify
Zoom
ZSB-24026
๐จ CVE-2024-39826
Race condition in Team Chat for some Zoom Workplace Apps and SDKs for Windows may allow an authenticated user to conduct information disclosure via network access.
๐@cveNotify
Race condition in Team Chat for some Zoom Workplace Apps and SDKs for Windows may allow an authenticated user to conduct information disclosure via network access.
๐@cveNotify
Zoom
ZSB-24023
๐จ CVE-2024-39823
Missing authorization in some Zoom Workplace Apps, SDKs, Rooms Clients, and Rooms Controllers may allow a privileged user to conduct an information disclosure via network access.
๐@cveNotify
Missing authorization in some Zoom Workplace Apps, SDKs, Rooms Clients, and Rooms Controllers may allow a privileged user to conduct an information disclosure via network access.
๐@cveNotify
Zoom
ZSB-24030
๐จ CVE-2024-39824
Missing authorization in some Zoom Workplace Apps, SDKs, Rooms Clients, and Rooms Controllers may allow a privileged user to conduct an information disclosure via network access.
๐@cveNotify
Missing authorization in some Zoom Workplace Apps, SDKs, Rooms Clients, and Rooms Controllers may allow a privileged user to conduct an information disclosure via network access.
๐@cveNotify
Zoom
ZSB-24030
๐จ CVE-2024-42434
Missing authorization in some Zoom Workplace Apps, SDKs, Rooms Clients, and Rooms Controllers may allow a privileged user to conduct an information disclosure via network access.
๐@cveNotify
Missing authorization in some Zoom Workplace Apps, SDKs, Rooms Clients, and Rooms Controllers may allow a privileged user to conduct an information disclosure via network access.
๐@cveNotify
Zoom
ZSB-24030
๐จ CVE-2024-42441
Incorrect privilege assignment in the installer for Zoom Workplace Desktop App for macOS, Zoom Meeting SDK for macOS and Zoom Rooms Client for macOS before 6.1.5 may allow a privileged user to conduct an escalation of privilege via local access.
๐@cveNotify
Incorrect privilege assignment in the installer for Zoom Workplace Desktop App for macOS, Zoom Meeting SDK for macOS and Zoom Rooms Client for macOS before 6.1.5 may allow a privileged user to conduct an escalation of privilege via local access.
๐@cveNotify
Zoom
ZSB-24034
๐ฅ1
๐จ CVE-2025-34188
Vasion Print (formerly PrinterLogic) Virtual Appliance Host versions prior to 1.0.735 and Application prior to 20.0.1330 (macOS/Linux client deployments) contain a vulnerability in the local logging mechanism. Authentication session tokens, including PHPSESSID, XSRF-TOKEN, and laravel_session, are stored in cleartext within world-readable log files. Any local user with access to the machine can extract these session tokens and use them to authenticate remotely to the SaaS environment, bypassing normal login credentials, potentially leading to unauthorized system access and exposure of sensitive information. This vulnerability has been identified by the vendor as: V-2022-008 โ Secrets Leaked in Logs.
๐@cveNotify
Vasion Print (formerly PrinterLogic) Virtual Appliance Host versions prior to 1.0.735 and Application prior to 20.0.1330 (macOS/Linux client deployments) contain a vulnerability in the local logging mechanism. Authentication session tokens, including PHPSESSID, XSRF-TOKEN, and laravel_session, are stored in cleartext within world-readable log files. Any local user with access to the machine can extract these session tokens and use them to authenticate remotely to the SaaS environment, bypassing normal login credentials, potentially leading to unauthorized system access and exposure of sensitive information. This vulnerability has been identified by the vendor as: V-2022-008 โ Secrets Leaked in Logs.
๐@cveNotify
๐จ CVE-2025-34189
Vasion Print (formerly PrinterLogic) Virtual Appliance Host versions prior to 1.0.735 and Application versions prior to 20.0.1330 (macOS/Linux client deployments) contain a vulnerability in the local inter-process communication (IPC) mechanism. The software stores IPC request and response files inside /opt/PrinterInstallerClient/tmp with world-readable and world-writable permissions. Any local user can craft malicious request files that are processed by privileged daemons, leading to unauthorized actions being executed in other user sessions. This breaks user session isolation, potentially allowing local attackers to hijack sessions, perform unintended actions in the context of other users, and impact system integrity and availability. This vulnerability has been identified by the vendor as: V-2022-004 โ Client Inter-process Security.
๐@cveNotify
Vasion Print (formerly PrinterLogic) Virtual Appliance Host versions prior to 1.0.735 and Application versions prior to 20.0.1330 (macOS/Linux client deployments) contain a vulnerability in the local inter-process communication (IPC) mechanism. The software stores IPC request and response files inside /opt/PrinterInstallerClient/tmp with world-readable and world-writable permissions. Any local user can craft malicious request files that are processed by privileged daemons, leading to unauthorized actions being executed in other user sessions. This breaks user session isolation, potentially allowing local attackers to hijack sessions, perform unintended actions in the context of other users, and impact system integrity and availability. This vulnerability has been identified by the vendor as: V-2022-004 โ Client Inter-process Security.
๐@cveNotify
๐จ CVE-2025-34191
Vasion Print (formerly PrinterLogic) Virtual Appliance Host versions prior to 22.0.843 and Application prior to 20.0.1923 (macOS/Linux client deployments) contain an arbitrary file write vulnerability via the response file handling. When tasks produce output the service writes response data into files under /opt/PrinterInstallerClient/tmp/responses/ reusing the requested filename. The service follows symbolic links in the responses directory and writes as the service user (typically root), allowing a local, unprivileged user to cause the service to overwrite or create arbitrary files on the filesystem as root. This can be used to modify configuration files, replace or inject binaries or drivers, and otherwise achieve local privilege escalation and full system compromise. This vulnerability has been identified by the vendor as: V-2023-019 โ Arbitrary File Write as Root.
๐@cveNotify
Vasion Print (formerly PrinterLogic) Virtual Appliance Host versions prior to 22.0.843 and Application prior to 20.0.1923 (macOS/Linux client deployments) contain an arbitrary file write vulnerability via the response file handling. When tasks produce output the service writes response data into files under /opt/PrinterInstallerClient/tmp/responses/ reusing the requested filename. The service follows symbolic links in the responses directory and writes as the service user (typically root), allowing a local, unprivileged user to cause the service to overwrite or create arbitrary files on the filesystem as root. This can be used to modify configuration files, replace or inject binaries or drivers, and otherwise achieve local privilege escalation and full system compromise. This vulnerability has been identified by the vendor as: V-2023-019 โ Arbitrary File Write as Root.
๐@cveNotify
๐จ CVE-2025-34192
Vasion Print (formerly PrinterLogic) Virtual Appliance Host versions prior to 22.0.893 and Application versions prior to 20.0.2140 (macOS/Linux client deployments) are built against OpenSSL 1.0.2h-fips (released May 2016), which has been end-of-life since 2019 and is no longer supported by the OpenSSL project. Continued use of this outdated cryptographic library exposes deployments to known vulnerabilities that are no longer patched, weakening the overall security posture. Affected daemons may emit deprecation warnings and rely on cryptographic components with unresolved security flaws, potentially enabling attackers to exploit weaknesses in TLS/SSL processing or cryptographic operations. This vulnerability has been identified by the vendor as: V-2023-021 โ Out-of-Date OpenSSL Library.
๐@cveNotify
Vasion Print (formerly PrinterLogic) Virtual Appliance Host versions prior to 22.0.893 and Application versions prior to 20.0.2140 (macOS/Linux client deployments) are built against OpenSSL 1.0.2h-fips (released May 2016), which has been end-of-life since 2019 and is no longer supported by the OpenSSL project. Continued use of this outdated cryptographic library exposes deployments to known vulnerabilities that are no longer patched, weakening the overall security posture. Affected daemons may emit deprecation warnings and rely on cryptographic components with unresolved security flaws, potentially enabling attackers to exploit weaknesses in TLS/SSL processing or cryptographic operations. This vulnerability has been identified by the vendor as: V-2023-021 โ Out-of-Date OpenSSL Library.
๐@cveNotify
๐จ CVE-2025-34195
Vasion Print (formerly PrinterLogic) Virtual Appliance Host versions prior to 1.0.735 and Application prior to 20.0.1330 (Windows client deployments) contain a remote code execution vulnerability during driver installation caused by unquoted program paths. The PrinterInstallerClient driver-installation component launches programs using an unquoted path under "C:\Program Files (x86)\Printer Properties Pro\Printer Installer". Because the path is unquoted, the operating system may execute a program located at a short-path location such as C:\Program.exe before the intended binaries in the quoted path. If an attacker can place or cause a program to exist at that location, it will be executed with the privileges of the installer process (which may be elevated), enabling arbitrary code execution and potential privilege escalation. This weakness can be used to achieve remote code execution and full compromise of affected Windows endpoints. This vulnerability has been identified by the vendor as: V-2022-006 โ Driver Upload Security.
๐@cveNotify
Vasion Print (formerly PrinterLogic) Virtual Appliance Host versions prior to 1.0.735 and Application prior to 20.0.1330 (Windows client deployments) contain a remote code execution vulnerability during driver installation caused by unquoted program paths. The PrinterInstallerClient driver-installation component launches programs using an unquoted path under "C:\Program Files (x86)\Printer Properties Pro\Printer Installer". Because the path is unquoted, the operating system may execute a program located at a short-path location such as C:\Program.exe before the intended binaries in the quoted path. If an attacker can place or cause a program to exist at that location, it will be executed with the privileges of the installer process (which may be elevated), enabling arbitrary code execution and potential privilege escalation. This weakness can be used to achieve remote code execution and full compromise of affected Windows endpoints. This vulnerability has been identified by the vendor as: V-2022-006 โ Driver Upload Security.
๐@cveNotify
๐จ CVE-2025-34197
Vasion Print (formerly PrinterLogic) Virtual Appliance Host versions prior to 22.0.951, Application prior to 20.0.2368 (VA and SaaS deployments) contain an undocumented local user account named ubuntu with a preset password and a sudoers entry granting that account passwordless root privileges (ubuntu ALL=(ALL) NOPASSWD: ALL). Anyone who knows the hardcoded password can obtain root privileges via local console or equivalent administrative access, enabling local privilege escalation. This vulnerability has been identified by the vendor as: V-2024-010 โ Hardcoded Linux Password. NOTE: The patch for this vulnerability is reported to be incomplete: /etc/shadow was remediated but /etc/sudoers remains vulnerable.
๐@cveNotify
Vasion Print (formerly PrinterLogic) Virtual Appliance Host versions prior to 22.0.951, Application prior to 20.0.2368 (VA and SaaS deployments) contain an undocumented local user account named ubuntu with a preset password and a sudoers entry granting that account passwordless root privileges (ubuntu ALL=(ALL) NOPASSWD: ALL). Anyone who knows the hardcoded password can obtain root privileges via local console or equivalent administrative access, enabling local privilege escalation. This vulnerability has been identified by the vendor as: V-2024-010 โ Hardcoded Linux Password. NOTE: The patch for this vulnerability is reported to be incomplete: /etc/shadow was remediated but /etc/sudoers remains vulnerable.
๐@cveNotify