Aggregator

A vulnerability was found in Comfast CF-N1 2.6.0. It has been classified as critical. This affects the function wifilith_delete_pic_file of the file /usr/bin/webmgnt. This manipulation of the argument portal_delete_picname causes command injection. This vulnerability is tracked as CVE-2025-9585. The attack is possible to be carried out remotely. Moreover, an exploit is present.

A vulnerability was found in Comfast CF-N1 2.6.0 and classified as critical. Affected by this issue is the function update_interface_png of the file /usr/bin/webmgnt. The manipulation of the argument interface/display_name results in command injection. This vulnerability is identified as CVE-2025-9584. The attack can be executed remotely. Additionally, an exploit exists.

A vulnerability has been found in Comfast CF-N1 2.6.0 and classified as critical. Affected by this vulnerability is the function ping_config of the file /usr/bin/webmgnt. The manipulation leads to command injection. This vulnerability is referenced as CVE-2025-9583. Remote exploitation of the attack is possible. Furthermore, an exploit is available.

A vulnerability, which was classified as critical, was found in Comfast CF-N1 2.6.0. Affected is the function ntp_timezone of the file /usr/bin/webmgnt. Executing manipulation of the argument timestr can lead to command injection. The identification of this vulnerability is CVE-2025-9582. The attack may be launched remotely. Furthermore, there is an exploit available.

A vulnerability, which was classified as critical, has been found in Comfast CF-N1 2.6.0. This impacts the function multi_pppoe of the file /usr/bin/webmgnt. Performing manipulation of the argument phy_interface results in command injection. This vulnerability was named CVE-2025-9581. The attack may be initiated remotely. In addition, an exploit is available.

German prosecutors charged a man with carrying out a damaging cyberattack on Rosneft Deutschland, the German subsidiary of Russia’s state-owned oil giant, in the weeks following Russia's invasion of Ukraine.

Cybercriminals have started “vibe hacking” with AI’s help, AI startup Anthropic has shared in a report released on Wednesday. An attacker used the agentic AI coding assistant Claude Code for nearly all steps of a data extortion operation that has targeted at least 17 organizations in a variety of economic sectors. The attacker provided Claude Code with a CLAUDE.md file that outlined what they expected of the coding assistant and used the AI tool to … More →

The post Agentic AI coding assistant helped attacker breach, extort 17 distinct organizations appeared first on Help Net Security.

Submit #636137 / VDB-321699

Submit #636136 / VDB-321698

Submit #636131 / VDB-321697

Submit #636130 / VDB-321696

A vulnerability classified as critical was found in LB-LINK BL-X26 1.2.8. This affects an unknown function of the file /goform/set_blacklist of the component HTTP Handler. Such manipulation of the argument mac leads to os command injection. This vulnerability is uniquely identified as CVE-2025-9580. The attack can be launched remotely. Moreover, an exploit is present. The vendor was contacted early about this disclosure but did not respond in any way.

A vulnerability classified as critical has been found in LB-LINK BL-X26 1.2.8. The impacted element is an unknown function of the file /goform/set_hidessid_cfg of the component HTTP Handler. This manipulation of the argument enable causes os command injection. This vulnerability is handled as CVE-2025-9579. The attack can be initiated remotely. Additionally, an exploit exists. The vendor was contacted early about this disclosure but did not respond in any way.

Submit #636128 / VDB-321695

Submit #636127 / VDB-321694

【近期工作】TETD:在可信域中可信执行这篇工作发表于 USENIX Security 2025，由南方科技

Make sure your Chrome browser is updated to the latest version to stay protected.

Currently trending CVE - Hype Score: 1 - Limited remote code execution with privilege of a NetworkService Account access in Citrix Session Recording if the attacker is an authenticated user on the same intranet as the session recording server

Currently trending CVE - Hype Score: 1 - Privilege escalation to NetworkService Account access in Citrix Session Recording when an attacker is an authenticated user in the same Windows Active Directory domain as the session recording server domain

A vulnerability classified as critical was found in MediaTek MT6739, MT6761, MT6765, MT6768, MT6771, MT6779, MT6781, MT6785, MT6833, MT6853, MT6873, MT6877, MT6883, MT6885, MT6889, MT6893, MT8666, MT8667, MT8675, MT8765, MT8766, MT8768, MT8785, MT8789, MT8791 and MT8797. The affected element is an unknown function of the component msdc. The manipulation results in out-of-bounds write. This vulnerability was named CVE-2023-20626. The attack needs to be approached locally. There is no available exploit. It is best practice to apply a patch to resolve this issue.