AttackerKB
attackerkb
New assessment for topic: CVE-2025-61882
Topic description: "Vulnerability in the Oracle Concurrent Processing product of Oracle E-Business Suite (component: BI Publisher Integration) ..."
"The exploit for this was leaked, and has been available on VirusTotal since 3 Oct 2025 (both [exp.py](https://www.virustotal.com/gui/file/aa0d3859d6633b62bccfb69017d33a8979a3be1f3f0a5a4bf6960d6c73d41121/details) and [server.py](https://www.virustotal.com/gui/file/6fd538e4a8e3493dda6f9fcdc96e814bdd14f3e2ef8aa46f0143bff34b882c1b/details)) ..."
Link: https://attackerkb.com/assessments/a5a4a6ba-7379-4404-9a90-2a9a0345575e
Topic description: "Vulnerability in the Oracle Concurrent Processing product of Oracle E-Business Suite (component: BI Publisher Integration) ..."
"The exploit for this was leaked, and has been available on VirusTotal since 3 Oct 2025 (both [exp.py](https://www.virustotal.com/gui/file/aa0d3859d6633b62bccfb69017d33a8979a3be1f3f0a5a4bf6960d6c73d41121/details) and [server.py](https://www.virustotal.com/gui/file/6fd538e4a8e3493dda6f9fcdc96e814bdd14f3e2ef8aa46f0143bff34b882c1b/details)) ..."
Link: https://attackerkb.com/assessments/a5a4a6ba-7379-4404-9a90-2a9a0345575e
0
0
0
AttackerKB
attackerkb
New Rapid7 Analysis on AttackerKB topic: CVE-2025-20362
"On September 25, 2025, Cisco published advisories for two new vulnerabilities, CVE-2025-20362, and CVE-2025-20333, which are known to be exploited in-the-wild as a zero-day, by an as-yet unknown threat actor in what appears to be a highly targeted attack. ..."
Link: https://attackerkb.com/topics/1098c71a-ab65-493f-8ac0-f6c770f6f3c5
"On September 25, 2025, Cisco published advisories for two new vulnerabilities, CVE-2025-20362, and CVE-2025-20333, which are known to be exploited in-the-wild as a zero-day, by an as-yet unknown threat actor in what appears to be a highly targeted attack. ..."
Link: https://attackerkb.com/topics/1098c71a-ab65-493f-8ac0-f6c770f6f3c5
0
0
0
AttackerKB
attackerkb
New assessment for topic: CVE-2025-41244
Topic description: "VMware Aria Operations and VMware Tools contain a local privilege escalation vulnerability. A malicious local actor with non-administrative privileges having access to a VM with VMware Tools installed and managed by Aria Operations with SDMP enabled may exploit this vulnerability to escalate privileges to root on the same VM. ..."
"A local privilege escalation in VMware guest service discovery (open-vm-tools / VMware Aria Operations SDMP) ..."
Link: https://attackerkb.com/assessments/32dc9ce8-8cb7-46d4-90fb-d47e97fbf84f
Topic description: "VMware Aria Operations and VMware Tools contain a local privilege escalation vulnerability. A malicious local actor with non-administrative privileges having access to a VM with VMware Tools installed and managed by Aria Operations with SDMP enabled may exploit this vulnerability to escalate privileges to root on the same VM. ..."
"A local privilege escalation in VMware guest service discovery (open-vm-tools / VMware Aria Operations SDMP) ..."
Link: https://attackerkb.com/assessments/32dc9ce8-8cb7-46d4-90fb-d47e97fbf84f
0
0
0
AttackerKB
attackerkb
New assessment for topic: CVE-2025-32463
Topic description: "Sudo before 1.9.17p1 allows local users to obtain root access because /etc/nsswitch.conf from a user-controlled directory is used with the --chroot option. ..."
"On June 30, 2025, a privilege escalation vulnerability in the popular `sudo` command was published ..."
Link: https://attackerkb.com/assessments/5e35a669-7931-45cc-a25b-7eff64a03bed
Topic description: "Sudo before 1.9.17p1 allows local users to obtain root access because /etc/nsswitch.conf from a user-controlled directory is used with the --chroot option. ..."
"On June 30, 2025, a privilege escalation vulnerability in the popular `sudo` command was published ..."
Link: https://attackerkb.com/assessments/5e35a669-7931-45cc-a25b-7eff64a03bed
0
0
0
AttackerKB
attackerkb
New assessment for topic: CVE-2025-20362
Topic description: "A vulnerability in the VPN web server of Cisco Secure Firewall Adaptive Security Appliance (ASA) Software and Cisco Secure Firewall Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to access restricted URL endpoints without authentication that should otherwise be inaccessible without authentication ..."
"This is an authentication bypass affecting Cisco Adaptive Security Appliance (ASA) and Cisco Firepower Threat Defense (FTD) appliances ..."
Link: https://attackerkb.com/assessments/8c7829c3-f04c-425b-8853-97fc96b5d416
Topic description: "A vulnerability in the VPN web server of Cisco Secure Firewall Adaptive Security Appliance (ASA) Software and Cisco Secure Firewall Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to access restricted URL endpoints without authentication that should otherwise be inaccessible without authentication ..."
"This is an authentication bypass affecting Cisco Adaptive Security Appliance (ASA) and Cisco Firepower Threat Defense (FTD) appliances ..."
Link: https://attackerkb.com/assessments/8c7829c3-f04c-425b-8853-97fc96b5d416
0
0
1
AttackerKB
attackerkb
New assessment for topic: CVE-2025-20333
Topic description: "A vulnerability in the VPN web server of Cisco Secure Firewall Adaptive Security Appliance (ASA) Software and Cisco Secure Firewall Threat Defense (FTD) Software could allow an authenticated, remote attacker to execute arbitrary code on an affected device. ..."
"This is a memory corruption vulnerability (the CWE indicates it is a buffer overflow) affecting Cisco Adaptive Security Appliance (ASA) and Cisco Firepower Threat Defense (FTD) appliances ..."
Link: https://attackerkb.com/assessments/8b78ecbf-ee77-4eb8-9310-4820e99d14a8
Topic description: "A vulnerability in the VPN web server of Cisco Secure Firewall Adaptive Security Appliance (ASA) Software and Cisco Secure Firewall Threat Defense (FTD) Software could allow an authenticated, remote attacker to execute arbitrary code on an affected device. ..."
"This is a memory corruption vulnerability (the CWE indicates it is a buffer overflow) affecting Cisco Adaptive Security Appliance (ASA) and Cisco Firepower Threat Defense (FTD) appliances ..."
Link: https://attackerkb.com/assessments/8b78ecbf-ee77-4eb8-9310-4820e99d14a8
0
0
0
AttackerKB
attackerkb
New assessment for topic: CVE-2025-20363
Topic description: "A vulnerability in the web services of Cisco Secure Firewall Adaptive Security Appliance (ASA) Software, Cisco Secure Firewall Threat Defense (FTD) Software, Cisco IOS Software, Cisco IOS XE Software, and Cisco IOS XR Software could allow an unauthenticated, remote attacker (Cisco ASA and FTD Software) or authenticated, remote attacker (Cisco IOS, IOS XE, and IOS XR Software) with low user privileges to execute arbitrary code on an affected device ..."
"[CVE-2025-20363](https://www.rapid7.com/blog/post/etr-cve-2025-20333-cve-2025-20362-cve-2025-20363-multiple-critical-vulnerabilities-affecting-cisco-products/) is a heap-based buffer overflow [affecting many](https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-http-code-exec-WmfP3h3O) popular Cisco products: Cisco ASA, FTD, IOS, IOS XE, and IOS XR ..."
Link: https://attackerkb.com/assessments/5fc0cb55-5f93-4116-8e0a-0c39251010ab
Topic description: "A vulnerability in the web services of Cisco Secure Firewall Adaptive Security Appliance (ASA) Software, Cisco Secure Firewall Threat Defense (FTD) Software, Cisco IOS Software, Cisco IOS XE Software, and Cisco IOS XR Software could allow an unauthenticated, remote attacker (Cisco ASA and FTD Software) or authenticated, remote attacker (Cisco IOS, IOS XE, and IOS XR Software) with low user privileges to execute arbitrary code on an affected device ..."
"[CVE-2025-20363](https://www.rapid7.com/blog/post/etr-cve-2025-20333-cve-2025-20362-cve-2025-20363-multiple-critical-vulnerabilities-affecting-cisco-products/) is a heap-based buffer overflow [affecting many](https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-http-code-exec-WmfP3h3O) popular Cisco products: Cisco ASA, FTD, IOS, IOS XE, and IOS XR ..."
Link: https://attackerkb.com/assessments/5fc0cb55-5f93-4116-8e0a-0c39251010ab
0
0
0
AttackerKB
attackerkb
New assessment for topic: CVE-2025-10035
Topic description: " ..."
"Based on writing the [Rapid7 Analysis](https://attackerkb.com/topics/LbA9ANjcdz/cve-2025-10035#rapid7-analysis), I have rated the Attacker Value as `Very High`, a file transfer solution is a very high value target for an attacker, and this vulnerability is unauthenticated RCE ..."
Link: https://attackerkb.com/assessments/17eca967-23dd-4d68-ba3f-93fd48496dbd
Topic description: " ..."
"Based on writing the [Rapid7 Analysis](https://attackerkb.com/topics/LbA9ANjcdz/cve-2025-10035#rapid7-analysis), I have rated the Attacker Value as `Very High`, a file transfer solution is a very high value target for an attacker, and this vulnerability is unauthenticated RCE ..."
Link: https://attackerkb.com/assessments/17eca967-23dd-4d68-ba3f-93fd48496dbd
0
0
0
AttackerKB
attackerkb
New Rapid7 Analysis on AttackerKB topic: CVE-2025-10035
"On September 18, 2025, Fortra published a security [advisory](https://www.fortra.com/security/advisories/product-security/fi-2025-012) for a new vulnerability affecting their managed file transfer product, GoAnywhere MFT ..."
Link: https://attackerkb.com/topics/83fe961b-182b-4dd8-a236-438cafe193eb
"On September 18, 2025, Fortra published a security [advisory](https://www.fortra.com/security/advisories/product-security/fi-2025-012) for a new vulnerability affecting their managed file transfer product, GoAnywhere MFT ..."
Link: https://attackerkb.com/topics/83fe961b-182b-4dd8-a236-438cafe193eb
0
0
0
AttackerKB
attackerkb
New assessment for topic: CVE-2025-10184
Topic description: "The vulnerability allows any application installed on the device to read SMS/MMS data and metadata from the system-provided Telephony provider without permission, user interaction, or consent ..."
"As per the advisory, this vulnerability "allows any application installed on the device to read SMS/MMS data and metadata from the system-provided Telephony provider (the package com.android.providers.telephony) without permission, user interaction, or consent." ..."
Link: https://attackerkb.com/assessments/e599af0e-d8e2-4a21-b596-a5b8433c3532
Topic description: "The vulnerability allows any application installed on the device to read SMS/MMS data and metadata from the system-provided Telephony provider without permission, user interaction, or consent ..."
"As per the advisory, this vulnerability "allows any application installed on the device to read SMS/MMS data and metadata from the system-provided Telephony provider (the package com.android.providers.telephony) without permission, user interaction, or consent." ..."
Link: https://attackerkb.com/assessments/e599af0e-d8e2-4a21-b596-a5b8433c3532
0
0
0
AttackerKB
attackerkb
New assessment for topic: CVE-2025-34152
Topic description: "An unauthenticated OS command injection vulnerability exists in the Shenzhen Aitemi M300 Wi-Fi Repeater (hardware model MT02) via the 'time' parameter of the '/protocol.csp?' endpoint ..."
"[CVE-2025-34152](https://nvd.nist.gov/vuln/detail/CVE-2025-34152) is a critical unauthenticated OS command injection vulnerability affecting the Shenzhen Aitemi M300 (MT02) Wi-Fi repeater ..."
Link: https://attackerkb.com/assessments/f9232c59-7c73-4a11-be35-41796596deb5
Topic description: "An unauthenticated OS command injection vulnerability exists in the Shenzhen Aitemi M300 Wi-Fi Repeater (hardware model MT02) via the 'time' parameter of the '/protocol.csp?' endpoint ..."
"[CVE-2025-34152](https://nvd.nist.gov/vuln/detail/CVE-2025-34152) is a critical unauthenticated OS command injection vulnerability affecting the Shenzhen Aitemi M300 (MT02) Wi-Fi repeater ..."
Link: https://attackerkb.com/assessments/f9232c59-7c73-4a11-be35-41796596deb5
0
0
0
AttackerKB
attackerkb
New assessment for topic: CVE-2024-5805
Topic description: "Improper Authentication vulnerability in Progress MOVEit Gateway (SFTP modules) allows Authentication Bypass.This issue affects MOVEit Gateway: 2024.0.0. ..."
"[CVE-2024-5805](https://community.progress.com/s/article/MOVEit-Gateway-Critical-Security-Alert-Bulletin-June-2024-CVE-2024-5805) is a critical SFTP authentication bypass vulnerability affecting Progress [MOVEit Gateway](https://community.progress.com/s/article/Gateway-Overview), an optional DMZ proxy designed to be used with the MOVEit Transfer file sharing software ..."
Link: https://attackerkb.com/assessments/ea949df7-483a-458b-917b-683e0f53521a
Topic description: "Improper Authentication vulnerability in Progress MOVEit Gateway (SFTP modules) allows Authentication Bypass.This issue affects MOVEit Gateway: 2024.0.0. ..."
"[CVE-2024-5805](https://community.progress.com/s/article/MOVEit-Gateway-Critical-Security-Alert-Bulletin-June-2024-CVE-2024-5805) is a critical SFTP authentication bypass vulnerability affecting Progress [MOVEit Gateway](https://community.progress.com/s/article/Gateway-Overview), an optional DMZ proxy designed to be used with the MOVEit Transfer file sharing software ..."
Link: https://attackerkb.com/assessments/ea949df7-483a-458b-917b-683e0f53521a
0
0
0
AttackerKB
attackerkb
New assessment for topic: CVE-2025-57791
Topic description: "An issue was discovered in Commvault before 11.36.60 ..."
"[CVE-2025-57791](https://documentation.commvault.com/securityadvisories/CV_2025_08_1.html) is a highly impactful unauthenticated argument injection vulnerability affecting Commvault for Windows and Linux ..."
Link: https://attackerkb.com/assessments/3265b8b6-674f-438b-a33d-e092ac4bbfbc
Topic description: "An issue was discovered in Commvault before 11.36.60 ..."
"[CVE-2025-57791](https://documentation.commvault.com/securityadvisories/CV_2025_08_1.html) is a highly impactful unauthenticated argument injection vulnerability affecting Commvault for Windows and Linux ..."
Link: https://attackerkb.com/assessments/3265b8b6-674f-438b-a33d-e092ac4bbfbc
0
0
0
AttackerKB
attackerkb
New assessment for topic: CVE-2025-57788
Topic description: "An issue was discovered in Commvault before 11.36.60 ..."
"CVE-2025-57788 is [a medium-severity vulnerability in Commvault](https://documentation.commvault.com/securityadvisories/CV_2025_08_3.html) for Windows and Linux, affecting the web service ..."
Link: https://attackerkb.com/assessments/ab3c1929-9e46-4a88-8c8e-7e4e22474aba
Topic description: "An issue was discovered in Commvault before 11.36.60 ..."
"CVE-2025-57788 is [a medium-severity vulnerability in Commvault](https://documentation.commvault.com/securityadvisories/CV_2025_08_3.html) for Windows and Linux, affecting the web service ..."
Link: https://attackerkb.com/assessments/ab3c1929-9e46-4a88-8c8e-7e4e22474aba
0
0
0
AttackerKB
attackerkb
New assessment for topic: CVE-2025-42957
Topic description: "SAP S/4HANA allows an attacker with user privileges to exploit a vulnerability in the function module exposed via RFC ..."
"A low-privileged SAP user who can invoke the vulnerable RFC function can inject arbitrary ABAP, bypassing critical auth checks and achieving administrative control over SAP S/4HANA; pivot to the underlying host is feasible. ..."
Link: https://attackerkb.com/assessments/9e4b5480-8085-4545-a60b-a224b42105c1
Topic description: "SAP S/4HANA allows an attacker with user privileges to exploit a vulnerability in the function module exposed via RFC ..."
"A low-privileged SAP user who can invoke the vulnerable RFC function can inject arbitrary ABAP, bypassing critical auth checks and achieving administrative control over SAP S/4HANA; pivot to the underlying host is feasible. ..."
Link: https://attackerkb.com/assessments/9e4b5480-8085-4545-a60b-a224b42105c1
0
0
0
AttackerKB
attackerkb
New assessment for topic: CVE-2023-29059
Topic description: "3CX DesktopApp through 18.12.416 has embedded malicious code, as exploited in the wild in March 2023 ..."
"CVE-2023-29059 is a supply chain attack that [targeted systems in the wild](https://www.rapid7.com/blog/post/2023/03/30/backdoored-3cxdesktopapp-installer-used-in-active-threat-campaign/) in March, 2023, via infected 3CX DesktopApp Electron application packages ..."
Link: https://attackerkb.com/assessments/4b37df41-d0ef-4199-bd3c-a19e6be4dbf7
Topic description: "3CX DesktopApp through 18.12.416 has embedded malicious code, as exploited in the wild in March 2023 ..."
"CVE-2023-29059 is a supply chain attack that [targeted systems in the wild](https://www.rapid7.com/blog/post/2023/03/30/backdoored-3cxdesktopapp-installer-used-in-active-threat-campaign/) in March, 2023, via infected 3CX DesktopApp Electron application packages ..."
Link: https://attackerkb.com/assessments/4b37df41-d0ef-4199-bd3c-a19e6be4dbf7
0
0
0
AttackerKB
attackerkb
New assessment for topic: CVE-2025-53693
Topic description: "Use of Externally-Controlled Input to Select Classes or Code ('Unsafe Reflection') vulnerability in Sitecore Sitecore Experience Manager (XM), Sitecore Experience Platform (XP) allows Cache Poisoning.This issue affects Sitecore Experience Manager (XM): from 9.0 through 9.3, from 10.0 through 10.4; Experience Platform (XP): from 9.0 through 9.3, from 10.0 through 10.4. ..."
"CVE-2025-53693 is an unauthenticated server-side cache poisoning vulnerability affecting Sitecore Experience Manager and Sitecore Experience Platform ..."
Link: https://attackerkb.com/assessments/3d97308e-ef14-4f17-a30b-84550e8c8f69
Topic description: "Use of Externally-Controlled Input to Select Classes or Code ('Unsafe Reflection') vulnerability in Sitecore Sitecore Experience Manager (XM), Sitecore Experience Platform (XP) allows Cache Poisoning.This issue affects Sitecore Experience Manager (XM): from 9.0 through 9.3, from 10.0 through 10.4; Experience Platform (XP): from 9.0 through 9.3, from 10.0 through 10.4. ..."
"CVE-2025-53693 is an unauthenticated server-side cache poisoning vulnerability affecting Sitecore Experience Manager and Sitecore Experience Platform ..."
Link: https://attackerkb.com/assessments/3d97308e-ef14-4f17-a30b-84550e8c8f69
0
0
0
AttackerKB
attackerkb
New assessment for topic: CVE-2025-50154
Topic description: "Exposure of sensitive information to an unauthorized actor in Windows File Explorer allows an unauthorized attacker to perform spoofing over a network. ..."
"CVE-2025-50154 is easy to exploit ..."
Link: https://attackerkb.com/assessments/29dae763-b740-4740-bd8f-c048380ccc59
Topic description: "Exposure of sensitive information to an unauthorized actor in Windows File Explorer allows an unauthorized attacker to perform spoofing over a network. ..."
"CVE-2025-50154 is easy to exploit ..."
Link: https://attackerkb.com/assessments/29dae763-b740-4740-bd8f-c048380ccc59
0
0
0
AttackerKB
attackerkb
New assessment for topic: CVE-2023-28459
Topic description: "pretalx 2.3.1 before 2.3.2 allows path traversal in HTML export (a non-default feature) ..."
"Pretalx is a web-based conference planning tool used to manage call for papers (CfP) submissions, select talks, communicate with speakers, and publish conference schedules ..."
Link: https://attackerkb.com/assessments/9366f871-5537-409f-ac6a-6b0013fd3bfb
Topic description: "pretalx 2.3.1 before 2.3.2 allows path traversal in HTML export (a non-default feature) ..."
"Pretalx is a web-based conference planning tool used to manage call for papers (CfP) submissions, select talks, communicate with speakers, and publish conference schedules ..."
Link: https://attackerkb.com/assessments/9366f871-5537-409f-ac6a-6b0013fd3bfb
0
0
0
AttackerKB
attackerkb
New assessment for topic: CVE-2024-32019
Topic description: "Netdata is an open source observability tool ..."
"Netdata is an open-source observability tool that contains a designated tool to run a set of defined commands with elevated privileges ..."
Link: https://attackerkb.com/assessments/2d9e32c1-bf84-4cea-a07f-dca060dc86bf
Topic description: "Netdata is an open source observability tool ..."
"Netdata is an open-source observability tool that contains a designated tool to run a set of defined commands with elevated privileges ..."
Link: https://attackerkb.com/assessments/2d9e32c1-bf84-4cea-a07f-dca060dc86bf
0
0
0