Aggregator
Pre-Auth Exploit Chains Found in Commvault Could Enable Remote Code Execution Attacks
5 months 3 weeks ago
Commvault has released updates to address four security gaps that could be exploited to achieve remote code execution on susceptible instances.
The list of vulnerabilities, identified in Commvault versions before 11.36.60, is as follows:
CVE-2025-57788 (CVSS score: 6.9) - A vulnerability in a known login mechanism allows unauthenticated attackers to execute API calls without requiring user
The Hacker News
AI Browsers Can Be Tricked Into Paying Fake Stores in PromptFix Attack
5 months 3 weeks ago
The PromptFix attack tricks AI browsers with fake CAPTCHAs, leading them to phishing sites and fake stores where…
Deeba Ahmed
Hackers deploy DripDropper via Apache ActiveMQ flaw, patch systems to evade detection
5 months 3 weeks ago
Hackers exploit Apache ActiveMQ flaw to install DripDropper on Linux, then patch it to block rivals and hide their tracks. Red Canary researchers observed attackers exploit a 2-year-old Apache ActiveMQ vulnerability, tracked as CVE-2023-46604 (CVSS score of 10.0), to gain persistence on cloud Linux systems and deploy DripDropper malware. Uniquely, they patch the flaw post-exploit […]
Pierluigi Paganini
Beast
5 months 3 weeks ago
cohenido
Europol confirms $50,000 Qilin ransomware reward is fake
5 months 3 weeks ago
Europol has confirmed that a Telegram channel impersonating the agency and offering a $50,000 reward for information on two Qilin ransomware administrators is fake. The impostor later admitted it was created to troll researchers and journalists. [...]
Lawrence Abrams
Cybercriminals Deploy CORNFLAKE.V3 Backdoor via ClickFix Tactic and Fake CAPTCHA Pages
5 months 3 weeks ago
Threat actors have been observed leveraging the deceptive social engineering tactic known as ClickFix to deploy a versatile backdoor codenamed CORNFLAKE.V3.
Google-owned Mandiant described the activity, which it tracks as UNC5518, as part of an access-as-a-service scheme that employs fake CAPTCHA pages as lures to trick users into providing initial access to their systems, which is then
The Hacker News
Threat Actors Abuse Internet Archive to Host Stealthy JScript Loader
5 months 3 weeks ago
Malicious actors are increasingly using trusted internet resources, such as the Internet Archive, to disseminate clandestine malware components, a worrying escalation in cyberthreats. This tactic exploits the inherent trustworthiness of such platforms, allowing attackers to bypass traditional security filters and deliver payloads under the guise of legitimate content. The latest incident highlights […]
The post Threat Actors Abuse Internet Archive to Host Stealthy JScript Loader appeared first on GBHackers Security.
Aman Mishra
Tree of AST: A Bug-Hunting Framework Powered by LLMs
5 months 3 weeks ago
Teenaged security researchers Sasha Zyuzin and Ruikai Peng discuss how their new vulnerability discovery framework leverages LLMs to address limitations of the past.
Alexander Culafi
CVE-2023-38533 | Siemens TIA Administrator up to 3 SP1 on Windows temp file (ssa-319319 / 3 SP2)
5 months 3 weeks ago
A vulnerability classified as problematic has been detected in Siemens TIA Administrator up to 3 SP1 on Windows. This affects an unknown function. The manipulation causes creation of a temporary file in a directory with insecure permissions.
This vulnerability appears as CVE-2023-38533. The attack requires local access. There is no available exploit.
It is suggested to install a patch to address this issue.
vuldb.com
CVE-2024-38371 | goauthentik prior 2024.2.4/2024.4.3/2024.6.0 access control (GHSA-jq3m-37m7-gp45)
5 months 3 weeks ago
A vulnerability was found in goauthentik authentik and classified as critical. The impacted element is an unknown function. Manipulation can lead to improper access controls.
This vulnerability is registered as CVE-2024-38371. It is possible to launch the attack remotely. No exploit is available.
It is suggested to upgrade the affected component.
vuldb.com
CVE-2025-9088 | Tenda AC20 16.03.08.12 formSetVirtualSer save_virtualser_data list stack-based overflow
5 months 3 weeks ago
A vulnerability was found in Tenda AC20 16.03.08.12. It has been rated as critical. This affects the function save_virtualser_data of the file /goform/formSetVirtualSer. Performing manipulation of the argument list results in stack-based buffer overflow.
This vulnerability is known as CVE-2025-9088. Remote exploitation of the attack is possible. Furthermore, an exploit is available.
vuldb.com
CVE-2025-55587 | TOTOLINK A3002R 4.0.0-B20230531.1404 /boafrm/formMapDelDevice Hostname buffer overflow
5 months 3 weeks ago
A vulnerability has been found in TOTOLINK A3002R 4.0.0-B20230531.1404 and classified as critical. The affected element is an unknown function of the file /boafrm/formMapDelDevice. This manipulation of the argument Hostname causes buffer overflow.
This vulnerability is handled as CVE-2025-55587. The attack can be initiated remotely. There is not any exploit available.
vuldb.com
CVE-2025-55588 | TOTOLINK A3002R 4.0.0-B20230531.1404 /boafrm/formPortFw fw_ip buffer overflow
5 months 3 weeks ago
A vulnerability was found in TOTOLINK A3002R 4.0.0-B20230531.1404 and classified as critical. The impacted element is an unknown function of the file /boafrm/formPortFw. Such manipulation of the argument fw_ip leads to buffer overflow.
This vulnerability is uniquely identified as CVE-2025-55588. The attack can be launched remotely. No exploit exists.
vuldb.com
CVE-2025-55589 | TOTOLINK A3002R 4.0.0-B20230531.1404 /boafrm/formMapDelDevice clientoff os command injection
5 months 3 weeks ago
A vulnerability was found in TOTOLINK A3002R 4.0.0-B20230531.1404. It has been rated as critical. Affected is an unknown function of the file /boafrm/formMapDelDevice. The manipulation of the argument clientoff leads to os command injection.
This vulnerability is referenced as CVE-2025-55589. Remote exploitation of the attack is possible. Furthermore, an exploit is available.
vuldb.com
CVE-2025-55590 | TOTOLINK A3002R 4.0.0-B20230531.1404 bupload.html command injection
5 months 3 weeks ago
A vulnerability marked as critical has been reported in TOTOLINK A3002R 4.0.0-B20230531.1404. This vulnerability affects unknown code of the file bupload.html. Performing manipulation results in command injection.
This vulnerability is cataloged as CVE-2025-55590. It is possible to initiate the attack remotely. Furthermore, there is an exploit available.
vuldb.com
CVE-2025-55591 | TOTOLINK A3002R 4.0.0-B20230531.1404 formMapDel devicemac command injection
5 months 3 weeks ago
A vulnerability described as critical has been identified in TOTOLINK A3002R 4.0.0-B20230531.1404. This issue affects some unknown processing of the file formMapDel. Executing manipulation of the argument devicemac can lead to command injection.
This vulnerability is registered as CVE-2025-55591. It is possible to launch the attack remotely. Furthermore, an exploit is available.
vuldb.com
CVE-2025-9087 | Tenda AC20 16.03.08.12 SetNetControlList Endpoint set_qosMib_list stack-based overflow (EUVD-2025-25102)
5 months 3 weeks ago
A vulnerability was found in Tenda AC20 16.03.08.12. It has been declared as critical. Affected by this issue is the function set_qosMib_list of the file /goform/SetNetControlList of the component SetNetControlList Endpoint. Such manipulation of the argument list leads to stack-based buffer overflow.
This vulnerability is tracked as CVE-2025-9087. The attack may be launched remotely. Furthermore, there is an exploit available.
vuldb.com
CVE-2025-9089 | Tenda AC20 16.03.08.12 /goform/SetIpMacBind sub_48E628 list stack-based overflow (EUVD-2025-25103)
5 months 3 weeks ago
A vulnerability categorized as critical has been discovered in Tenda AC20 16.03.08.12. This vulnerability affects the function sub_48E628 of the file /goform/SetIpMacBind. Executing manipulation of the argument list can lead to stack-based buffer overflow.
This vulnerability is handled as CVE-2025-9089. The attack can be executed remotely. Additionally, an exploit exists.
vuldb.com
CVE-2025-9090 | Tenda AC20 16.03.08.12 Telnet Service /goform/telnet websFormDefine command injection (EDB-52418)
5 months 3 weeks ago
A vulnerability identified as critical has been detected in Tenda AC20 16.03.08.12. This issue affects the function websFormDefine of the file /goform/telnet of the component Telnet Service. The manipulation leads to command injection.
This vulnerability is uniquely identified as CVE-2025-9090. The attack can be carried out remotely. Moreover, an exploit is present.
vuldb.com