Aggregator

CVE-2025-12209 | Tenda O3 1.0.0.10(2478) /goform/setDhcpConfig SetValue/GetValue dhcpEn stack-based overflow (EUVD-2025-36067)

Vuldb Updates
3 months 2 weeks ago
A vulnerability labeled as critical has been found in Tenda O3 1.0.0.10(2478). Affected is the function SetValue/GetValue of the file /goform/setDhcpConfig. Executing manipulation of the argument dhcpEn can lead to stack-based buffer overflow. This vulnerability appears as CVE-2025-12209. The attack may be performed from remote. In addition, an exploit is available.
vuldb.com

CVE-2025-12210 | Tenda O3 1.0.0.10(2478) /goform/AdvSetLanip SetValue/GetValue lanIp stack-based overflow (EUVD-2025-36069)

Vuldb Updates
3 months 2 weeks ago
A vulnerability marked as critical has been reported in Tenda O3 1.0.0.10(2478). Affected by this vulnerability is the function SetValue/GetValue of the file /goform/AdvSetLanip. The manipulation of the argument lanIp leads to stack-based buffer overflow. This vulnerability is traded as CVE-2025-12210. It is possible to initiate the attack remotely. Furthermore, there is an exploit available.
vuldb.com

CVE-2025-12211 | Tenda O3 1.0.0.10(2478) /goform/setDmzInfo SetValue/GetValue dmzIP stack-based overflow (EUVD-2025-36074)

Vuldb Updates
3 months 2 weeks ago
A vulnerability described as critical has been identified in Tenda O3 1.0.0.10(2478). Affected by this issue is the function SetValue/GetValue of the file /goform/setDmzInfo. The manipulation of the argument dmzIP results in stack-based buffer overflow. This vulnerability is known as CVE-2025-12211. It is possible to launch the attack remotely. Furthermore, an exploit is available.
vuldb.com

CVE-2025-12212 | Tenda O3 1.0.0.10(2478) setNetworkService SetValue/GetValue upnpEn stack-based overflow (EUVD-2025-36073)

Vuldb Updates
3 months 2 weeks ago
A vulnerability classified as critical has been found in Tenda O3 1.0.0.10(2478). This affects the function SetValue/GetValue of the file /goform/setNetworkService. This manipulation of the argument upnpEn causes stack-based buffer overflow. This vulnerability is handled as CVE-2025-12212. The attack can be initiated remotely. Additionally, an exploit exists.
vuldb.com

It’s Always DNS: Lessons from the AWS Outage

Security Boulevard
3 months 2 weeks ago

In episode 404 (no pun intended!) we discuss the recurring issue of DNS outages, the recent Amazon AWS disruption, and what this reveals about our dependency on cloud services. The conversation touches on the need for tested business continuity plans, the implications of DNS failures, and the misconceptions around cloud infrastructure’s automatic failover capabilities. ** […]

The post It’s Always DNS: Lessons from the AWS Outage appeared first on Shared Security Podcast.

The post It’s Always DNS: Lessons from the AWS Outage appeared first on Security Boulevard.

Tom Eston

CVE-2007-3354 | Scriptdevelopers.net NetClassifieds 1.0.1/1.5.1/1.9.6.3 viewcat.php s_user_id sql injection (EDB-30223 / XFDB-34994)

Vuldb Updates
3 months 2 weeks ago
A vulnerability described as critical has been identified in Scriptdevelopers.net NetClassifieds 1.0.1/1.5.1/1.9.6.3. This impacts an unknown function of the file viewcat.php. Executing manipulation of the argument s_user_id can lead to sql injection. This vulnerability is registered as CVE-2007-3354. It is possible to launch the attack remotely. Furthermore, an exploit is available.
vuldb.com

CVE-2007-6634 | Netbizcity FAQMasterFlexPlus 1.5 faq.php category_id sql injection (EDB-30947 / XFDB-39286)

Vuldb Updates
3 months 2 weeks ago
A vulnerability was found in Netbizcity FAQMasterFlexPlus 1.5. It has been classified as critical. This affects an unknown part of the file faq.php. This manipulation of the argument category_id causes sql injection. The identification of this vulnerability is CVE-2007-6634. It is possible to initiate the attack remotely. Furthermore, there is an exploit available.
vuldb.com

CVE-2007-6633 | Netbizcity FAQMasterFlexPlus 1.5 faq.php cat_name cross site scripting (EDB-30945 / XFDB-39287)

Vuldb Updates
3 months 2 weeks ago
A vulnerability was found in Netbizcity FAQMasterFlexPlus 1.5 and classified as problematic. Affected by this issue is some unknown functionality of the file faq.php. The manipulation of the argument cat_name results in cross site scripting. This vulnerability was named CVE-2007-6633. The attack may be performed from remote. In addition, an exploit is available.
vuldb.com

New EDR-Redir Tool Breaks EDR Exploiting Bind Filter and Cloud Filter Driver

Cyber Security News
3 months 2 weeks ago

A new tool called EDR-Redir has emerged, allowing attackers to redirect or isolate the executable folders of popular Endpoint Detection and Response (EDR) solutions. Demonstrated by cybersecurity researcher TwoSevenOneT, the technique leverages Windows’ Bind Filter driver (bindflt.sys) and Cloud Filter driver (cldflt.sys) to undermine EDR protections without requiring kernel-level access. This user-mode exploit, rooted in […]

The post New EDR-Redir Tool Breaks EDR Exploiting Bind Filter and Cloud Filter Driver appeared first on Cyber Security News.

Guru Baran

Managed ad