Aggregator

A vulnerability has been found in MiczFlor RPi-Jukebox-RFID up to 2.8.0 and classified as critical. Affected by this issue is some unknown functionality of the file /htdocs/api/playlist/playsinglefile.php. The manipulation of the argument File leads to os command injection. This vulnerability is listed as CVE-2025-10328. The attack may be initiated remotely. In addition, an exploit is available. The vendor was contacted early about this disclosure but did not respond in any way.

A vulnerability, which was classified as critical, was found in MiczFlor RPi-Jukebox-RFID up to 2.8.0. Affected by this vulnerability is an unknown functionality of the file /htdocs/api/playlist/shuffle.php. Executing manipulation of the argument playlist can lead to os command injection. This vulnerability is tracked as CVE-2025-10327. The attack can be launched remotely. Moreover, an exploit is present. The vendor was contacted early about this disclosure but did not respond in any way.

A vulnerability, which was classified as critical, has been found in MiczFlor RPi-Jukebox-RFID up to 2.8.0. Affected is an unknown function of the file /htdocs/api/playlist/single.php. Performing manipulation of the argument playlist results in os command injection. This vulnerability is identified as CVE-2025-10326. The attack can be initiated remotely. Additionally, an exploit exists. The vendor was contacted early about this disclosure but did not respond in any way.

Submit #643527 / VDB-167287

Submit #643524 / VDB-295659

In a striking evolution of its tactics, the Sidewinder advanced persistent threat (APT) group—also known as APT-C-24 or “Rattlesnake”—has adopted a novel delivery mechanism leveraging Windows shortcut (LNK) files to orchestrate complex, multi-stage intrusions across South Asia. Active since at least 2012 and targeting governments, energy utilities, military installations, and mining operations in Pakistan, Afghanistan, […]

The post Sidewinder Hackers Exploit LNK Files to Deploy Malicious Scripts appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Submit #643523 / VDB-193814

A vulnerability was found in Liferay Portal and DXP. It has been declared as problematic. This impacts an unknown function. Such manipulation of the argument remote app title leads to cross site scripting. This vulnerability is referenced as CVE-2025-43775. It is possible to launch the attack remotely. No exploit is available.

Submit #643512 / VDB-323754

Submit #643511 / VDB-323753

Submit #643500 / VDB-323752

A critical security vulnerability has been discovered in the popular Axios HTTP client library that allows attackers to crash Node.js applications through malicious data URL handling. The flaw, tracked as CVE-2025-58754, affects all versions of Axios before 1.11.0 and has been assigned a CVSS 3.1 score of 7.5, indicating high severity. Vulnerability Mechanics The vulnerability stems […]

The post Axios Vulnerability Enables Attackers to Crash Node.js Applications via Data Handle Abuse appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Submit #643499 / VDB-251540

Submit #643498 / VDB-276157

本期我们公开银狐团伙的一次极限闪避之旅：针对不同终端安全软件实施不同的执行策略，以实现更有效的防御规避效果，已成为银狐战术首选。例如在本次攻击事件中，银狐首先判断当前系统终端安全软件环境，根据主机安全环境不同，选择差异化的战术策略。

ICO warned that growing hacks by children into school computer systems is setting them up for “a life of cybercrime”

A vulnerability classified as critical was found in Wavlink WL-WN578W2 221110. This impacts the function sub_401340/sub_401BA4 of the file /cgi-bin/login.cgi. Such manipulation of the argument ipaddr leads to command injection. This vulnerability is referenced as CVE-2025-10325. It is possible to launch the attack remotely. Furthermore, an exploit is available. Restrictive firewalling should be applied. The vendor was contacted early about this disclosure but did not respond in any way.

A vulnerability classified as critical has been found in Wavlink WL-WN578W2 221110. This affects the function sub_401C5C of the file firewall.cgi. This manipulation of the argument pingFrmWANFilterEnabled/blockSynFloodEnabled/blockPortScanEnabled/remoteManagementEnabled causes command injection. The identification of this vulnerability is CVE-2025-10324. It is possible to initiate the attack remotely. Furthermore, there is an exploit available. It is advisable to implement restrictive firewalling. The vendor was contacted early about this disclosure but did not respond in any way.

A vulnerability described as critical has been identified in Wavlink WL-WN578W2 221110. The impacted element is the function sub_409184 of the file /wizard_rep.shtml. The manipulation of the argument sel_EncrypTyp results in command injection. This vulnerability was named CVE-2025-10323. The attack may be performed from remote. In addition, an exploit is available. Applying restrictive firewalling is recommended. The vendor was contacted early about this disclosure but did not respond in any way.

A vulnerability marked as problematic has been reported in Wavlink WL-WN578W2 221110. The affected element is an unknown function of the file /sysinit.html. The manipulation of the argument newpass/confpass leads to weak password recovery. This vulnerability is uniquely identified as CVE-2025-10322. The attack is possible to be carried out remotely. Moreover, an exploit is present. It is recommended to apply restrictive firewalling. The vendor was contacted early about this disclosure but did not respond in any way.