Aggregator

A vulnerability described as problematic has been identified in bftpd up to 6.2. Impacted is the function expand_groups of the file options.c of the component Configuration File Handler. Executing manipulation can lead to heap-based buffer overflow. This vulnerability is handled as CVE-2025-11947. It is possible to launch the attack on the local host. Additionally, an exploit exists. The vendor was contacted early about this disclosure but did not respond in any way.

Phoenix Contact QUINT4-UPS设备存在五个高危漏洞（CVE-2025-41703至CVE-2025-41707），包括未认证Modbus攻击、密码泄露及DoS攻击等。受影响版本为VC:00至VC:07，部分漏洞已通过升级修复，但配置仍存风险。建议限制网络访问并升级设备以提升安全性。

apis.google.com 的 additnow 功能存在开放重定向漏洞（CWE-601），已被用于钓鱼攻击。通过 `__lu` 参数可控制重定向目标，导致用户被引导至恶意网站。该漏洞自 2025 年 9 月起被利用，影响包括绕过垃圾邮件过滤和 SEO 操纵。严重程度为中等。

文章披露了Mercku M6a路由器的严重安全漏洞，包括远程代码执行、CSRF攻击、隐藏Telnet后门、权限提升及弱会话令牌等问题。这些漏洞使攻击者可轻松控制路由器并长期威胁用户网络。由于厂商未回应披露请求，作者选择公开信息以促使其修复并提高用户警惕。

A vulnerability marked as problematic has been reported in LogicalDOC Community Edition up to 9.2.1. This issue affects some unknown processing of the file /frontend.jsp of the component Add Contact Page. Performing manipulation of the argument First Name/Last Name/Company/Address/Phone/Mobile results in cross site scripting. This vulnerability is known as CVE-2025-11946. Remote exploitation of the attack is possible. Furthermore, an exploit is available. The vendor was contacted early about this disclosure but did not respond in any way.

Submit #673133 / VDB-329027

A vulnerability labeled as problematic has been found in toeverything AFFiNE up to 0.24.1. This vulnerability affects unknown code of the component Avatar Upload Image Endpoint. Such manipulation leads to cross site scripting. This vulnerability is traded as CVE-2025-11945. The attack may be launched remotely. Furthermore, there is an exploit available. The vendor was contacted early about this disclosure but did not respond in any way.

Submit #671389 / VDB-329026

Volkswagen Group has issued a statement addressing claims by the ransomware group 8Base, which alleges it has stolen and leaked sensitive data from the automaker. The German carmaker maintains that its core IT infrastructure remains unaffected; however, the company’s vague response leaves questions about the full scope of the incident and raises concerns about a […]

The post Volkswagen Allegedly Hit by Ransomware Attack as 8Base Claims Sensitive Data Theft appeared first on Cyber Security News.

Submit #670888 / VDB-329025

A vulnerability categorized as problematic has been discovered in boyns rplay up to 3.3.2. Affected by this issue is the function RPLAY_DATA of the file librplay/rplay.c. The manipulation results in allocation of resources. This vulnerability is reported as CVE-2025-62672. The attack can be launched remotely. No exploit exists.

Submit #665593 / VDB-207741

A vulnerability identified as critical has been detected in givanz Vvveb up to 1.0.7.3. This affects the function Import of the file admin/controller/tools/import.php of the component Raw SQL Handler. This manipulation causes sql injection. This vulnerability appears as CVE-2025-11944. The attack may be initiated remotely. In addition, an exploit is available. It is recommended to apply a patch to fix this issue.

A vulnerability categorized as problematic has been discovered in boyns rplay up to 3.3.2. Affected by this issue is the function RPLAY_DATA of the file librplay/rplay.c. The manipulation results in allocation of resources. This vulnerability is reported as CVE-2025-62672. The attack can be launched remotely. No exploit exists.

A vulnerability was found in 70mai X200 up to 20251010. It has been rated as critical. Affected by this vulnerability is an unknown functionality of the component HTTP Web Server. The manipulation leads to use of default credentials. This vulnerability is documented as CVE-2025-11943. The attack can be initiated remotely. Additionally, an exploit exists. It is recommended to apply restrictive firewalling. The vendor was contacted early about this disclosure but did not respond in any way.

A vulnerability was found in 70mai X200 up to 20251010. It has been declared as critical. Affected is an unknown function of the component Pairing. Executing manipulation can lead to missing authentication. This vulnerability is registered as CVE-2025-11942. It is possible to launch the attack remotely. Furthermore, an exploit is available. The application of restrictive firewalling is recommended. The vendor was contacted early about this disclosure but did not respond in any way.

Submit #673129 / VDB-329024

Submit #672521 / VDB-329022

Submit #672520 / VDB-329021

A vulnerability categorized as critical has been discovered in TOTOLINK T8 4.1.5cu. The affected element is the function meshSlaveDlfw of the component MQTT Packet Handler. The manipulation of the argument serverIp results in command injection. This vulnerability is identified as CVE-2023-24150. The attack can only be performed from the local network. There is not any exploit available.