Aggregator

CVE-2025-6102 | Wifi-soft UniBox Controller up to 20250506 logout.php mac_address os command injection (EUVD-2025-18358)

Vuldb Updates
2 months 3 weeks ago
A vulnerability classified as critical was found in Wifi-soft UniBox Controller up to 20250506. Affected by this vulnerability is an unknown functionality of the file /authentication/logout.php. The manipulation of the argument mac_address leads to os command injection. This vulnerability is known as CVE-2025-6102. The attack can be launched remotely. Furthermore, there is an exploit available. The vendor was contacted early about this disclosure but did not respond in any way.
vuldb.com

CVE-2025-6103 | Wifi-soft UniBox Controller up to 20250506 test_accesscodelogin.php Password os command injection (EUVD-2025-18357)

Vuldb Updates
2 months 3 weeks ago
A vulnerability, which was classified as critical, has been found in Wifi-soft UniBox Controller up to 20250506. Affected by this issue is some unknown functionality of the file /billing/test_accesscodelogin.php. The manipulation of the argument Password leads to os command injection. This vulnerability is handled as CVE-2025-6103. The attack may be launched remotely. Furthermore, there is an exploit available. The vendor was contacted early about this disclosure but did not respond in any way.
vuldb.com

CVE-2025-6100 | realguoshuai open-video-cms 1.0 /v1/video/list sort sql injection (EUVD-2025-18355)

Vuldb Updates
2 months 3 weeks ago
A vulnerability was found in realguoshuai open-video-cms 1.0. It has been rated as critical. This issue affects some unknown processing of the file /v1/video/list. The manipulation of the argument sort leads to sql injection. The identification of this vulnerability is CVE-2025-6100. The attack may be initiated remotely. Furthermore, there is an exploit available. The vendor was contacted early about this disclosure but did not respond in any way.
vuldb.com

攻防演练倒计时!ZoomEye互联网攻击面管理平台助力收敛攻击面

嘶吼
2 months 3 weeks ago

北京某公司因技术人员在数据库测试后遗留弱口令测试账号,导致境外黑客利用漏洞窃取大量公民个人信息,被处罚人民币五万元; 湖南某信息技术公司因系统存在未授权访问漏洞,造成数据多次泄露。该公司、主管人员和直接责任人员分别被罚款二十万元、三万元和二万元;某市开发区因对当地网络运营者缺乏有效监督造成属地单位频发数据泄露等网络安全事件。相关负责人被约谈,要求严格落实网络安全工作责任制,全面梳理本地网络资产,加强属地隐患排查和安全防护。

这些案例揭示共同隐患:未管控的资产暴露面已成网络攻击标配入口。企业若对自身资产缺乏全景认知,犹如在攻防战场 "裸奔",随时可能重蹈案例中的覆辙。

2025年国家级攻防演练专项行动在即,这些案例正是最现实的预演。红队将以专业网情搜集绘制攻击图谱,而蓝队能否在演练中胜出,关键在于能否在战前完成 "资产暴露面梳理 - 风险监测 - 攻击面收敛" 的防御闭环。一场围绕 "网情搜集" 的攻防博弈早已拉开序幕。

一、红队攻击的基石:网情搜集

在网络攻防实战中,网情搜集是红队渗透的核心前置环节。其本质是指围绕目标系统的网络架构、IT资产、组织关系等方面展开情报攻坚,通过专业工具与技术手段绘制完整攻击图谱,为后续漏洞利用与路径规划提供精准支撑。

网情搜集时,一般先借助目标单位官方网站、企业信用信息查询平台等,梳理集团组织架构信息。再通过 Shodan、Censys、ZoomEye 空间搜索引擎等资产收集工具,获取联网设备资产清单。之后,运用专业扫描工具,开展端口服务探测、网站路径扫描、指纹识别与漏洞识别,精准定位系统脆弱点 。

正如网情搜集是红队实施外网纵向突破的核心前置环节,对蓝队而言,以同等甚至更大维度开展网情搜集同样是构建主动防御体系的关键。系统性梳理自身资产暴露面、挖掘潜在脆弱点,方能在攻防对抗中变被动应对为主动防控,将网情搜集转化为收缩攻击面、精准部署防御资源的核心切入点,从源头阻断红队的情报获取路径。

二、蓝队防守的贴心助手:ZoomEye互联网攻击面管理平台

ZoomEye互联网攻击面管理平台是以安全大数据为驱动,从攻击者视角审视互联网资产暴露面与脆弱性的 SaaS 产品,为客户提供持续全量资产发现与管理、风险监测与治理能力,实现互联网攻击面的梳理与收敛,成为网络安全合规与实战对抗中不可或缺的安全保护手段。只需完成授权,2分钟即可接入平台,获取单位整体攻击面。

1、“主动+被动”双重资产测绘,360° 透视资产全貌

知道创宇自主研发的 ZoomEye 早在2012年即开始对全球网络空间资产进行不间断的持续探测,目前已覆盖42亿的IPv4地址以及50亿的IPv6地址,积累超过350亿资产测绘数据。依赖于ZoomEye庞大的历史数据、遍布六大洲的2000+探测节点的持续资产探测,以及资产指纹规则积累,保障了资产数据的全面性、实时性、准确性。凭借着知道创宇17年来立足于攻防一线,为包括国家级重点信息系统在内的110万+业务系统提供安全防护服务,创宇安全智脑拥有全网独家的自产数据情报,数据维度80+,保障了资产数据的丰富性。

ZoomEye互联网攻击面管理平台依托于ZoomEye、创宇智脑进行主动+被动双重测绘,并将安全服务专家的工作经验沉淀为自动化工作流,能够从企业名称一键拓展所有控股单位,获取备案域名/IP信息,并进一步网状发散形成多维线索,多渠道自动化发现企业暴露在互联网的网站、IP、小程序、公众号、APP、人员、邮箱,帮助客户极速资产建档,360°透视资产全貌。

2、多维监测引擎,深度挖掘攻击面风险暗礁

Seebug漏洞平台2006年上线,近十万活跃白帽子,目前累计近10万漏洞信息,拥有超5万真实PoC。创宇安全智脑汇聚超万亿次攻击数据,持续捕获全球超90%的安全扫描器及各类安全监产品的攻击数据,通过自我学习不断赋能使得ScanV云监测能够持续更新,保持着对最新攻击手段、最新漏洞的敏锐度。404安全研究实验室十余年一线网络攻防经验,不断输出安全检测能力,经过安全专家把控上线的POC,也保障了ScanV监测结果的准确度。

ZoomEye互联网攻击面管理平台依托于ZoomEye、Seebug、创宇安全智脑、安全专家的托举,使得监测能力成熟度高、更新及时、结果准确的优势,能够对攻击面进行多维监测,覆盖全端口服务、通用OWASP TOP 10漏洞、高危组件漏洞、弱口令。能自动判断资产类别,例如办公自动化系统(OA)、邮件服务器、管理平台等,还可以识别内容分发网络(CDN)、Web应用防护系统等。助力客户减少信息干扰,快速区分重要资产,及时处理重要资产的高风险事项。

3、多渠道预警通知,快速收敛互联网攻击面

ZoomEye互联网攻击面管理平台通过对互联网资产、攻击面的持续监测,能够在发现问题后,通过微信、邮件、短信的方式及时进行情报预警,助力客户立即采取措施收敛攻击面,避免攻击面的无序扩大。

攻防演练前的准备已进入冲刺阶段,若您的单位尚未完成互联网暴露面梳理,建议接入 ZoomEye 互联网攻击面管理平台,实现资产测绘、攻击面风险发现。平台凭借 350 亿 + 资产测绘数据、多维监测引擎及多渠道预警能力,助您在攻防实战中快速收敛攻击面,筑牢网络安全防线。

知道创宇

Meta 的大模型 Llama 3.1 能回忆《哈利波特》第一部 42% 的内容

Solidot
2 months 3 weeks ago
来自斯坦福、康奈尔和西弗吉尼亚大学的计算机科学家和法律学者组成的团队上个月在预印本平台 arxiv 上发表了一篇论文,分析了五种开放权重模型能否重复 Books3 中的文本。这五种模型三种来自 Meta,另外两种分别来自微软和 EleutherAI,而 Books3 是用于训练大模型的流行书库,其中很多仍然受到版权保护。研究人员将 36 本书分成有重叠的 100 token 段落,使用前 50 token 作为提示词,计算接下来 50 token 与原文相同的概率,如果逐字复述的概率超过五成,研究人员就将该段落标记为“已记住”。结果显示,Meta 在 2024 年 7 月发布的参数规模中等的模型 Llama 3.1 70B 能记住《哈利波特》第一部 42% 的内容,相比下 Meta 在 2023 年 2 月发布的参数规模相似的模型 Llama 1 65B 只能记住 4.4%。研究人员发现,相比冷门书籍,Llama 3.1 70B 更可能重复热门书籍如《霍比特人》和乔治奥威尔《1984》,它对大部分书籍的记忆量远高于其它模型。

CVE-2014-8949 | iMember360 3.8.012/3.8.013/3.8.014/3.9.000/3.9.001 Privileges i4w_trace code injection (Exploit 126324 / EDB-33076)

Vuldb Updates
2 months 3 weeks ago
A vulnerability has been found in iMember360 3.8.012/3.8.013/3.8.014/3.9.000/3.9.001 and classified as critical. This vulnerability affects unknown code of the component Privileges. The manipulation of the argument i4w_trace leads to code injection. This vulnerability was named CVE-2014-8949. The attack can be initiated remotely. Furthermore, there is an exploit available.
vuldb.com

New Predator spyware infrastructure revealed activity in Mozambique for the first time

Security Affairs
2 months 3 weeks ago
Insik Group analyzed the new Predator spyware infrastructure and discovered it’s still gaining users despite U.S. sanctions since July 2023. Despite earlier declines in activity due to U.S. sanctions and public exposure, Predator spyware has resurged. Insikt Group analyzed a renewed infrastructure linked to the commercial spyware company and identified a new customer in Mozambique, […]
Pierluigi Paganini

How to prevent data breaches in enterprise organizations

Security Boulevard
2 months 3 weeks ago

In an era of growing cyber threats, enterprises must move beyond basic cybersecurity to prevent data breaches. This article explores the importance of a layered security approach, with a focus on automated certificate lifecycle management (CLM), zero trust frameworks, and real-time monitoring. These strategies enhance visibility, enforce identity-based access, ensure compliance, and reduce human error, ultimately helping enterprises secure sensitive data across expanding digital environments.

The post How to prevent data breaches in enterprise organizations appeared first on Security Boulevard.

Martijn Katerbarg

CVE-2024-53309 | Effectmatrix Total Video Converter Command Line 2.50 f stack-based overflow (EUVD-2024-51945)

Vuldb Updates
2 months 3 weeks ago
A vulnerability was found in Effectmatrix Total Video Converter Command Line 2.50 and classified as critical. This issue affects some unknown processing. The manipulation of the argument f leads to stack-based buffer overflow. The identification of this vulnerability is CVE-2024-53309. An attack has to be approached locally. There is no exploit available.
vuldb.com

CVE-2024-53007 | Bentley ProjectWise Integration Server prior 10.00.03.288 incorrect privileged apis (EUVD-2024-51771)

Vuldb Updates
2 months 3 weeks ago
A vulnerability was found in Bentley ProjectWise Integration Server and classified as problematic. Affected by this issue is some unknown functionality. The manipulation leads to incorrect use of privileged apis. This vulnerability is handled as CVE-2024-53007. An attack has to be approached locally. There is no exploit available. It is recommended to upgrade the affected component.
vuldb.com

CNVD漏洞周报2025年第22期

CNVD漏洞平台
2 months 3 weeks ago
国家信息安全漏洞共享平台(以下简称CNVD)本周共收集、整理信息安全漏洞464个,其中高危漏洞222个、中危漏洞205个、低危漏洞37个。

Managed ad