Aggregator

CVE-2025-41762 | MBS UBR-01 Mk II/UBR-02/UBR-LON prior 6.0.1.0 Password wwwdnload.cgi weak hash (mbs-2025-0001 / EUVD-2025-208371)

3 weeks 1 day ago

A vulnerability classified as problematic has been found in MBS UBR-01 Mk II, UBR-02 and UBR-LON. This vulnerability affects unknown code of the file wwwdnload.cgi of the component Password Handler. Performing a manipulation results in use of weak hash. This vulnerability was named CVE-2025-41762. The attack needs to be approached locally. There is no available exploit. It is recommended to upgrade the affected component.

vuldb.com

CVE-2025-41759 | MBS UBR-01 Mk II/UBR-02/UBR-LON prior 6.0.1.0 failing open (mbs-2025-0001 / EUVD-2025-208365)

VulDB Recent Entries

3 weeks 1 day ago

A vulnerability described as problematic has been identified in MBS UBR-01 Mk II, UBR-02 and UBR-LON. This affects an unknown part. Such manipulation leads to not failing securely. This vulnerability is uniquely identified as CVE-2025-41759. The attack can be launched remotely. No exploit exists. Upgrading the affected component is recommended.

vuldb.com

CVE-2025-41757 | MBS UBR-01 Mk II/UBR-02/UBR-LON prior 6.0.1.0 Backup Restore path traversal (mbs-2025-0001 / EUVD-2025-208361)

VulDB Recent Entries

3 weeks 1 day ago

A vulnerability marked as critical has been reported in MBS UBR-01 Mk II, UBR-02 and UBR-LON. Affected by this issue is some unknown functionality of the component Backup Restore Handler. This manipulation causes path traversal. This vulnerability is handled as CVE-2025-41757. The attack can be initiated remotely. There is not any exploit available. It is suggested to upgrade the affected component.

vuldb.com

CVE-2025-41763 | MBS UBR-01 Mk II/UBR-02/UBR-LON prior 6.0.1.0 wwwdnload.cgi exposure of sensitive system information to an unauthorized control sphere (mbs-2025-0001 / EUVD-2025-208373)

VulDB Recent Entries

3 weeks 1 day ago

A vulnerability labeled as problematic has been found in MBS UBR-01 Mk II, UBR-02 and UBR-LON. Affected by this vulnerability is an unknown functionality of the file wwwdnload.cgi. The manipulation results in exposure of sensitive system information to an unauthorized control sphere. This vulnerability is known as CVE-2025-41763. It is possible to launch the attack remotely. No exploit is available. The affected component should be upgraded.

vuldb.com

CVE-2025-41760 | MBS UBR-01 Mk II/UBR-02/UBR-LON prior 6.0.1.0 Network Traffic failing open (mbs-2025-0001 / EUVD-2025-208367)

VulDB Recent Entries

3 weeks 1 day ago

A vulnerability identified as problematic has been detected in MBS UBR-01 Mk II, UBR-02 and UBR-LON. Affected is an unknown function of the component Network Traffic Handler. The manipulation leads to not failing securely. This vulnerability is traded as CVE-2025-41760. It is possible to initiate the attack remotely. There is no exploit available. You should upgrade the affected component.

vuldb.com

CVE-2025-41758 | MBS UBR-01 Mk II/UBR-02/UBR-LON prior 6.0.1.0 wwupload.cgi path traversal (mbs-2025-0001 / EUVD-2025-208363)

VulDB Recent Entries

3 weeks 1 day ago

A vulnerability categorized as critical has been discovered in MBS UBR-01 Mk II, UBR-02 and UBR-LON. This impacts an unknown function of the file wwupload.cgi. Executing a manipulation can lead to path traversal. This vulnerability appears as CVE-2025-41758. The attack may be performed from remote. There is no available exploit. It is advisable to upgrade the affected component.

vuldb.com

CVE-2025-41755 | MBS UBR-01 Mk II/UBR-02/UBR-LON prior 6.0.1.0 Endpoint wwwubr.cgi some_number path traversal (mbs-2025-0001 / EUVD-2025-208357)

VulDB Recent Entries

3 weeks 1 day ago

A vulnerability was found in MBS UBR-01 Mk II, UBR-02 and UBR-LON. It has been rated as critical. This affects an unknown function of the file wwwubr.cgi of the component Endpoint. Performing a manipulation of the argument some_number results in path traversal. This vulnerability is reported as CVE-2025-41755. The attack is possible to be carried out remotely. No exploit exists. Upgrading the affected component is advised.

vuldb.com

CVE-2025-41765 | MBS UBR-01 Mk II/UBR-02/UBR-LON prior 6.0.1.0 wwwupload.cgi authorization (mbs-2025-0001 / EUVD-2025-208377)

VulDB Recent Entries

3 weeks 1 day ago

A vulnerability was found in MBS UBR-01 Mk II, UBR-02 and UBR-LON. It has been declared as critical. The impacted element is an unknown function of the file wwwupload.cgi. Such manipulation leads to missing authorization. This vulnerability is documented as CVE-2025-41765. The attack can be executed remotely. There is not any exploit available. It is recommended to upgrade the affected component.

vuldb.com

CVE-2025-40639 | Eventobot calculate_discount.php promo_send sql injection (EUVD-2025-208400)

VulDB Recent Entries

3 weeks 1 day ago

A vulnerability was found in Eventobot. It has been classified as critical. The affected element is an unknown function of the file /assets/php/calculate_discount.php. This manipulation of the argument promo_send causes sql injection. This vulnerability is registered as CVE-2025-40639. Remote exploitation of the attack is possible. No exploit is available.

vuldb.com

Using lots of security solutions? How fewer tools lead to more control

Link 11 (Dosarrest Internet Security Ltd)

3 weeks 1 day ago

In IT security, the following principle often applies: introduce a new tool for every new problem. As a result, many companies have developed a digital patchwork quilt over time. Endpoint protection here, firewalls there, identity management, DDoS protection, WAF, bot management, and API security—everything was purchased, configured, and operated individually. On paper, this looks like seamless coverage. In operational reality, however, […]

The post Using lots of security solutions? How fewer tools lead to more control appeared first on Link11.

Link11 Administrator

赛博龙虾暗藏杀机：OpenClaw席卷全球背后，多少人在“裸奔”？

360数字安全

3 weeks 1 day ago

这款爆火AI智能体，藏着七大致命安全隐患

В Solv изобрели вечный двигатель для выпуска монет, но есть нюанс. Он работает только на хакеров

Securitylab.ru

3 weeks 1 day ago

Биткоин-протокол Solv потерял 2,7 миллиона долларов в результате хакерской атаки.

【安全圈】伪造 PDF 与会议链接诱骗下载，微软曝光利用合法证书签名的多段式钓鱼攻击

安全圈

3 weeks 1 day ago

关键词钓鱼微软 Defender 专家团队本周发布了最新安全报告，称其在 2026 年 2 月监测到多起由未知

【安全圈】维基百科遭 JavaScript 蠕虫攻击，数千页面被恶意篡改

安全圈

3 weeks 1 day ago

【安全圈】“95后”网安尖兵张智恒：如何将嫌犯堵在国门之内

安全圈

3 weeks 1 day ago

关键词网络安全在公安系统中，有一位年轻的网络安全民警，他凭借扎实的技术能力与坚定的责任感，在网络空间这片看不见

【安全圈】全民疯抢！60 岁大爷大妈也开始养龙虾了官方：极易引发网络攻击、信息泄露

安全圈

3 weeks 1 day ago

关键词AI最近全网被一只 " 龙虾 " 彻底刷屏，不管是科技圈还是普通网友，全都化身养虾人，掀起了现象级的 A

Cognizant’s TriZetto Provider Solutions data breach impacted over 3.4 million patients

Security Affairs

3 weeks 1 day ago

A breach at Cognizant’s TriZetto Provider Solutions exposed sensitive health data belonging to more than 3.4 million patients. A data breach at Cognizant’s TriZetto Provider Solutions exposed sensitive information belonging to more than 3.4 million patients. At this time, no ransomware group has claimed responsibility for the attack yet. TriZetto Provider Solutions is a healthcare […]

Pierluigi Paganini