AttackerKB
attackerkb
New Rapid7 Analysis on AttackerKB topic: CVE-2025-37164
"On December 16, 2025, Hewlett Packard Enterprise (HPE) published an [advisory](https://support.hpe.com/hpesc/public/docDisplay?docId=hpesbgn04985en_us&docLocale=en_US) for [CVE-2025-37164](https://nvd.nist.gov/vuln/detail/CVE-2025-37164), a CVSS 10.0 vulnerability affecting [HPE OneView](https://www.hpe.com/us/en/software/oneview.html) ..."
Link: https://attackerkb.com/topics/e0aa3ea5-3740-4616-8478-afc2c000accf
"On December 16, 2025, Hewlett Packard Enterprise (HPE) published an [advisory](https://support.hpe.com/hpesc/public/docDisplay?docId=hpesbgn04985en_us&docLocale=en_US) for [CVE-2025-37164](https://nvd.nist.gov/vuln/detail/CVE-2025-37164), a CVSS 10.0 vulnerability affecting [HPE OneView](https://www.hpe.com/us/en/software/oneview.html) ..."
Link: https://attackerkb.com/topics/e0aa3ea5-3740-4616-8478-afc2c000accf
0
0
0
AttackerKB
attackerkb
New assessment for topic: CVE-2025-37164
Topic description: "A remote code execution issue exists in HPE OneView. ..."
"On December 17, 2025, Hewlett Packard Enterprise (HPE) published an [advisory](https://support.hpe.com/hpesc/public/docDisplay?docId=hpesbgn04985en_us&docLocale=en_US#vulnerability-summary-1) for [CVE-2025-37164](https://nvd.nist.gov/vuln/detail/CVE-2025-37164), a CVSS 10.0 vulnerability in [HPE OneView](https://www.hpe.com/us/en/software/oneview.html) ..."
Link: https://attackerkb.com/assessments/a3d628a3-1f3a-432b-bb86-56fe792d2ce9
Topic description: "A remote code execution issue exists in HPE OneView. ..."
"On December 17, 2025, Hewlett Packard Enterprise (HPE) published an [advisory](https://support.hpe.com/hpesc/public/docDisplay?docId=hpesbgn04985en_us&docLocale=en_US#vulnerability-summary-1) for [CVE-2025-37164](https://nvd.nist.gov/vuln/detail/CVE-2025-37164), a CVSS 10.0 vulnerability in [HPE OneView](https://www.hpe.com/us/en/software/oneview.html) ..."
Link: https://attackerkb.com/assessments/a3d628a3-1f3a-432b-bb86-56fe792d2ce9
0
0
0
AttackerKB
attackerkb
New assessment for topic: CVE-2025-59718
Topic description: "A improper verification of cryptographic signature vulnerability in Fortinet FortiOS 7.6.0 through 7.6.3, FortiOS 7.4.0 through 7.4.8, FortiOS 7.2.0 through 7.2.11, FortiOS 7.0.0 through 7.0.17, FortiProxy 7.6.0 through 7.6.3, FortiProxy 7.4.0 through 7.4.10, FortiProxy 7.2.0 through 7.2.14, FortiProxy 7.0.0 through 7.0.21, FortiSwitchManager 7.2.0 through 7.2.6, FortiSwitchManager 7.0.0 through 7.0.5 allows an unauthenticated attacker to bypass the FortiCloud SSO login authentication via a crafted SAML response message. ..."
"[CVE-2025-59718 and CVE-2025-59719](https://fortiguard.fortinet.com/psirt/FG-IR-25-647) are Improper Verification of Cryptographic Signature vulnerabilities affecting several popular Fortinet products ..."
Link: https://attackerkb.com/assessments/a650bbfe-adc4-427f-aec0-0e0ca5a914cf
Topic description: "A improper verification of cryptographic signature vulnerability in Fortinet FortiOS 7.6.0 through 7.6.3, FortiOS 7.4.0 through 7.4.8, FortiOS 7.2.0 through 7.2.11, FortiOS 7.0.0 through 7.0.17, FortiProxy 7.6.0 through 7.6.3, FortiProxy 7.4.0 through 7.4.10, FortiProxy 7.2.0 through 7.2.14, FortiProxy 7.0.0 through 7.0.21, FortiSwitchManager 7.2.0 through 7.2.6, FortiSwitchManager 7.0.0 through 7.0.5 allows an unauthenticated attacker to bypass the FortiCloud SSO login authentication via a crafted SAML response message. ..."
"[CVE-2025-59718 and CVE-2025-59719](https://fortiguard.fortinet.com/psirt/FG-IR-25-647) are Improper Verification of Cryptographic Signature vulnerabilities affecting several popular Fortinet products ..."
Link: https://attackerkb.com/assessments/a650bbfe-adc4-427f-aec0-0e0ca5a914cf
0
0
0
AttackerKB
attackerkb
New assessment for topic: CVE-2025-59719
Topic description: "An improper verification of cryptographic signature vulnerability in Fortinet FortiWeb 8.0.0, FortiWeb 7.6.0 through 7.6.4, FortiWeb 7.4.0 through 7.4.9 may allow an unauthenticated attacker to bypass the FortiCloud SSO login authentication via a crafted SAML response message. ..."
"[CVE-2025-59718 and CVE-2025-59719](https://fortiguard.fortinet.com/psirt/FG-IR-25-647) are Improper Verification of Cryptographic Signature vulnerabilities affecting several popular Fortinet products ..."
Link: https://attackerkb.com/assessments/b1d20c07-db7d-41d0-a688-9ffa9e7c584b
Topic description: "An improper verification of cryptographic signature vulnerability in Fortinet FortiWeb 8.0.0, FortiWeb 7.6.0 through 7.6.4, FortiWeb 7.4.0 through 7.4.9 may allow an unauthenticated attacker to bypass the FortiCloud SSO login authentication via a crafted SAML response message. ..."
"[CVE-2025-59718 and CVE-2025-59719](https://fortiguard.fortinet.com/psirt/FG-IR-25-647) are Improper Verification of Cryptographic Signature vulnerabilities affecting several popular Fortinet products ..."
Link: https://attackerkb.com/assessments/b1d20c07-db7d-41d0-a688-9ffa9e7c584b
0
0
0
AttackerKB
attackerkb
New assessment for topic: CVE-2025-24293
Topic description: "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem ..."
"- Requires `mini_magick` set as image processor in Active Storage configuration ..."
Link: https://attackerkb.com/assessments/33512c9d-361d-4b94-9fc5-a185b100e77b
Topic description: "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem ..."
"- Requires `mini_magick` set as image processor in Active Storage configuration ..."
Link: https://attackerkb.com/assessments/33512c9d-361d-4b94-9fc5-a185b100e77b
0
0
0
AttackerKB
attackerkb
New assessment for topic: CVE-2025-55182
Topic description: "A pre-authentication remote code execution vulnerability exists in React Server Components versions 19.0.0, 19.1.0, 19.1.1, and 19.2.0 including the following packages: react-server-dom-parcel, react-server-dom-turbopack, and react-server-dom-webpack ..."
"Unauthenticated RCE which affects React applications that support React Server Components, and affects multiple downstream frameworks such as Next.js ..."
Link: https://attackerkb.com/assessments/0a808ee6-5df2-443a-a634-813dc0946305
Topic description: "A pre-authentication remote code execution vulnerability exists in React Server Components versions 19.0.0, 19.1.0, 19.1.1, and 19.2.0 including the following packages: react-server-dom-parcel, react-server-dom-turbopack, and react-server-dom-webpack ..."
"Unauthenticated RCE which affects React applications that support React Server Components, and affects multiple downstream frameworks such as Next.js ..."
Link: https://attackerkb.com/assessments/0a808ee6-5df2-443a-a634-813dc0946305
0
0
0
AttackerKB
attackerkb
New assessment for topic: CVE-2025-59287
Topic description: "Deserialization of untrusted data in Windows Server Update Service allows an unauthorized attacker to execute code over a network. ..."
"In October 2025, Microsoft released a patch for a deserialization vulnerability in Windows Server Update Service (WSUS) ..."
Link: https://attackerkb.com/assessments/777017b2-e9b8-4ce7-910f-e1e0855c1ce4
Topic description: "Deserialization of untrusted data in Windows Server Update Service allows an unauthorized attacker to execute code over a network. ..."
"In October 2025, Microsoft released a patch for a deserialization vulnerability in Windows Server Update Service (WSUS) ..."
Link: https://attackerkb.com/assessments/777017b2-e9b8-4ce7-910f-e1e0855c1ce4
0
0
1
AttackerKB
attackerkb
New assessment for topic: CVE-2020-2555
Topic description: "Vulnerability in the Oracle Coherence product of Oracle Fusion Middleware (component: Caching,CacheStore,Invocation) ..."
"Organizations can detect exploitation attempts by monitoring for: ..."
Link: https://attackerkb.com/assessments/88b29a33-35df-4ca0-85de-db9eb9ca956e
Topic description: "Vulnerability in the Oracle Coherence product of Oracle Fusion Middleware (component: Caching,CacheStore,Invocation) ..."
"Organizations can detect exploitation attempts by monitoring for: ..."
Link: https://attackerkb.com/assessments/88b29a33-35df-4ca0-85de-db9eb9ca956e
0
0
0
AttackerKB
attackerkb
New assessment for topic: CVE-2025-61757
Topic description: "Vulnerability in the Identity Manager product of Oracle Fusion Middleware (component: REST WebServices) ..."
"**Status:** *Confirmed exploitable (controlled environment only)* ..."
Link: https://attackerkb.com/assessments/caf8f704-eb4b-4101-9ac1-879de0c331e7
Topic description: "Vulnerability in the Identity Manager product of Oracle Fusion Middleware (component: REST WebServices) ..."
"**Status:** *Confirmed exploitable (controlled environment only)* ..."
Link: https://attackerkb.com/assessments/caf8f704-eb4b-4101-9ac1-879de0c331e7
0
0
0
AttackerKB
attackerkb
New assessment for topic: CVE-2025-58034
Topic description: "An Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability [CWE-78] in Fortinet FortiWeb 8.0.0 through 8.0.1, FortiWeb 7.6.0 through 7.6.5, FortiWeb 7.4.0 through 7.4.10, FortiWeb 7.2.0 through 7.2.11, FortiWeb 7.0.0 through 7.0.11 may allow an authenticated attacker to execute unauthorized code on the underlying system via crafted HTTP requests or CLI commands. ..."
"This README accompanies a **LAB‑SAFE**, **non‑harmful**, **sanitized** PoC designed exclusively for: ..."
Link: https://attackerkb.com/assessments/250f9ee0-9dde-4922-b731-e35b03ab311c
Topic description: "An Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability [CWE-78] in Fortinet FortiWeb 8.0.0 through 8.0.1, FortiWeb 7.6.0 through 7.6.5, FortiWeb 7.4.0 through 7.4.10, FortiWeb 7.2.0 through 7.2.11, FortiWeb 7.0.0 through 7.0.11 may allow an authenticated attacker to execute unauthorized code on the underlying system via crafted HTTP requests or CLI commands. ..."
"This README accompanies a **LAB‑SAFE**, **non‑harmful**, **sanitized** PoC designed exclusively for: ..."
Link: https://attackerkb.com/assessments/250f9ee0-9dde-4922-b731-e35b03ab311c
0
0
0
AttackerKB
attackerkb
New assessment for topic: CVE-2025-58034
Topic description: "An Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability [CWE-78] in Fortinet FortiWeb 8.0.0 through 8.0.1, FortiWeb 7.6.0 through 7.6.5, FortiWeb 7.4.0 through 7.4.10, FortiWeb 7.2.0 through 7.2.11, FortiWeb 7.0.0 through 7.0.11 may allow an authenticated attacker to execute unauthorized code on the underlying system via crafted HTTP requests or CLI commands. ..."
"Based on writing the [Rapid7 Analysis](https://attackerkb.com/topics/zClpINmLCh/cve-2025-58034/rapid7-analysis), I have rated the exploitability as `Very High`, as exploitation is trivial and reliable ..."
Link: https://attackerkb.com/assessments/c67a510c-5ac5-43a7-affd-7b7655c4b62f
Topic description: "An Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability [CWE-78] in Fortinet FortiWeb 8.0.0 through 8.0.1, FortiWeb 7.6.0 through 7.6.5, FortiWeb 7.4.0 through 7.4.10, FortiWeb 7.2.0 through 7.2.11, FortiWeb 7.0.0 through 7.0.11 may allow an authenticated attacker to execute unauthorized code on the underlying system via crafted HTTP requests or CLI commands. ..."
"Based on writing the [Rapid7 Analysis](https://attackerkb.com/topics/zClpINmLCh/cve-2025-58034/rapid7-analysis), I have rated the exploitability as `Very High`, as exploitation is trivial and reliable ..."
Link: https://attackerkb.com/assessments/c67a510c-5ac5-43a7-affd-7b7655c4b62f
0
1
1
AttackerKB
attackerkb
New Rapid7 Analysis on AttackerKB topic: CVE-2025-58034
"On November 18, 2025, Fortinet published an [advisory](https://fortiguard.fortinet.com/psirt/FG-IR-25-513) for CVE-2025-58034 ..."
Link: https://attackerkb.com/topics/60513c92-9536-4151-a6a5-1fc343b09e3c
"On November 18, 2025, Fortinet published an [advisory](https://fortiguard.fortinet.com/psirt/FG-IR-25-513) for CVE-2025-58034 ..."
Link: https://attackerkb.com/topics/60513c92-9536-4151-a6a5-1fc343b09e3c
0
0
0
AttackerKB
attackerkb
New assessment for topic: CVE-2025-10158
Topic description: "A malicious client acting as the receiver of an rsync file transfer can trigger an out of bounds read of a heap based buffer, via a negative array index ..."
"_Note: The following analysis was written by the original finder, Calum Hutton._ ..."
Link: https://attackerkb.com/assessments/fbacb2a6-d1cd-4011-bb3a-f06b1c8306b1
Topic description: "A malicious client acting as the receiver of an rsync file transfer can trigger an out of bounds read of a heap based buffer, via a negative array index ..."
"_Note: The following analysis was written by the original finder, Calum Hutton._ ..."
Link: https://attackerkb.com/assessments/fbacb2a6-d1cd-4011-bb3a-f06b1c8306b1
0
0
0
AttackerKB
attackerkb
New assessment for topic: CVE-2025-25257
Topic description: "An improper neutralization of special elements used in an SQL command ('SQL Injection') vulnerability [CWE-89] in Fortinet FortiWeb version 7.6.0 through 7.6.3, 7.4.0 through 7.4.7, 7.2.0 through 7.2.10 and below 7.0.10 allows an unauthenticated attacker to execute unauthorized SQL code or commands via crafted HTTP or HTTPs requests. ..."
"In one of our honeypots we observed the following payload being executed: ..."
Link: https://attackerkb.com/assessments/ccb5097e-52f5-411c-b4f6-951b36b166d7
Topic description: "An improper neutralization of special elements used in an SQL command ('SQL Injection') vulnerability [CWE-89] in Fortinet FortiWeb version 7.6.0 through 7.6.3, 7.4.0 through 7.4.7, 7.2.0 through 7.2.10 and below 7.0.10 allows an unauthenticated attacker to execute unauthorized SQL code or commands via crafted HTTP or HTTPs requests. ..."
"In one of our honeypots we observed the following payload being executed: ..."
Link: https://attackerkb.com/assessments/ccb5097e-52f5-411c-b4f6-951b36b166d7
0
1
1
AttackerKB
attackerkb
New assessment for topic: CVE-2025-64446
Topic description: "A relative path traversal vulnerability in Fortinet FortiWeb 8.0.0 through 8.0.1, FortiWeb 7.6.0 through 7.6.4, FortiWeb 7.4.0 through 7.4.9, FortiWeb 7.2.0 through 7.2.11, FortiWeb 7.0.0 through 7.0.11 may allow an attacker to execute administrative commands on the system via crafted HTTP or HTTPS requests. ..."
"# CVE-2025-64446 – Fortinet FortiWeb Critical Path Traversal Vulnerability ..."
Link: https://attackerkb.com/assessments/99da1ce6-0081-41e8-8a62-4ecf729a6586
Topic description: "A relative path traversal vulnerability in Fortinet FortiWeb 8.0.0 through 8.0.1, FortiWeb 7.6.0 through 7.6.4, FortiWeb 7.4.0 through 7.4.9, FortiWeb 7.2.0 through 7.2.11, FortiWeb 7.0.0 through 7.0.11 may allow an attacker to execute administrative commands on the system via crafted HTTP or HTTPS requests. ..."
"# CVE-2025-64446 – Fortinet FortiWeb Critical Path Traversal Vulnerability ..."
Link: https://attackerkb.com/assessments/99da1ce6-0081-41e8-8a62-4ecf729a6586
0
0
0
AttackerKB
attackerkb
New assessment for topic: CVE-2025-64446
Topic description: "A relative path traversal vulnerability in Fortinet FortiWeb 8.0.0 through 8.0.1, FortiWeb 7.6.0 through 7.6.4, FortiWeb 7.4.0 through 7.4.9, FortiWeb 7.2.0 through 7.2.11, FortiWeb 7.0.0 through 7.0.11 may allow an attacker to execute administrative commands on the system via crafted HTTP or HTTPS requests. ..."
"FortiWeb is a Web Application Firewall (WAF) product that is designed to detect and block malicious traffic to web applications ..."
Link: https://attackerkb.com/assessments/de356c9b-4b40-4354-894b-f4427f7061fb
Topic description: "A relative path traversal vulnerability in Fortinet FortiWeb 8.0.0 through 8.0.1, FortiWeb 7.6.0 through 7.6.4, FortiWeb 7.4.0 through 7.4.9, FortiWeb 7.2.0 through 7.2.11, FortiWeb 7.0.0 through 7.0.11 may allow an attacker to execute administrative commands on the system via crafted HTTP or HTTPS requests. ..."
"FortiWeb is a Web Application Firewall (WAF) product that is designed to detect and block malicious traffic to web applications ..."
Link: https://attackerkb.com/assessments/de356c9b-4b40-4354-894b-f4427f7061fb
0
0
0
AttackerKB
attackerkb
New assessment for topic: CVE-2025-12480
Topic description: "Triofox versions prior to 16.7.10368.56560, are vulnerable to an Improper Access Control flaw that allows access to initial setup pages even after setup is complete. ..."
"Based on writing the [Rapid7 Analysis](https://attackerkb.com/topics/5C4wRy6hY7/cve-2025-12480#rapid7-analysis), I have rated both the Exploitability and Attacker Value as `Very High`, as the target product is a file sharing solution, and is vulnerable to unauthenticated remote code execution in a default configuration. ..."
Link: https://attackerkb.com/assessments/872fea17-4584-4f94-b9dc-3875a890a332
Topic description: "Triofox versions prior to 16.7.10368.56560, are vulnerable to an Improper Access Control flaw that allows access to initial setup pages even after setup is complete. ..."
"Based on writing the [Rapid7 Analysis](https://attackerkb.com/topics/5C4wRy6hY7/cve-2025-12480#rapid7-analysis), I have rated both the Exploitability and Attacker Value as `Very High`, as the target product is a file sharing solution, and is vulnerable to unauthenticated remote code execution in a default configuration. ..."
Link: https://attackerkb.com/assessments/872fea17-4584-4f94-b9dc-3875a890a332
0
0
0
AttackerKB
attackerkb
New Rapid7 Analysis on AttackerKB topic: CVE-2025-12480
"On November 10, 2025, Mandiant Threat Defense published a [report](https://cloud.google.com/blog/topics/threat-intelligence/triofox-vulnerability-cve-2025-12480) detailing exploitation in-the-wild, observed circa August 2025, of a previously undisclosed vulnerability affecting the file sharing platform, Gladinet [Triofox](https://www.triofox.com/). ..."
Link: https://attackerkb.com/topics/5f913695-734c-41e6-89e2-d317c3ebc06a
"On November 10, 2025, Mandiant Threat Defense published a [report](https://cloud.google.com/blog/topics/threat-intelligence/triofox-vulnerability-cve-2025-12480) detailing exploitation in-the-wild, observed circa August 2025, of a previously undisclosed vulnerability affecting the file sharing platform, Gladinet [Triofox](https://www.triofox.com/). ..."
Link: https://attackerkb.com/topics/5f913695-734c-41e6-89e2-d317c3ebc06a
0
0
0
AttackerKB
attackerkb
New assessment for topic: CVE-2025-5946
Topic description: "Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability in Centreon Infra Monitoring (Poller reload setup in the configuration modules) allows OS Command Injection. ..."
"Centreon is a platform designed to monitor your cloud and on-premises infrastructure. ..."
Link: https://attackerkb.com/assessments/3ae5b43c-a33d-47c0-b4f3-07ae353c1609
Topic description: "Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability in Centreon Infra Monitoring (Poller reload setup in the configuration modules) allows OS Command Injection. ..."
"Centreon is a platform designed to monitor your cloud and on-premises infrastructure. ..."
Link: https://attackerkb.com/assessments/3ae5b43c-a33d-47c0-b4f3-07ae353c1609
0
0
0
AttackerKB
attackerkb
New assessment for topic: CVE-2020-5902 — TMUI RCE vulnerability
Topic description: "In BIG-IP versions 15.0.0-15.1.0.3, 14.1.0-14.1.2.5, 13.1.0-13.1.3.3, 12.1.0-12.1.5.1, and 11.6.1-11.6.5.1, the Traffic Management User Interface (TMUI), also referred to as the Configuration utility, has a Remote Code Execution (RCE) vulnerability in undisclosed pages. ..."
"[metadata only] ..."
Link: https://attackerkb.com/assessments/a51ed820-f8e9-48cc-9d26-a77f78eacbdb
Topic description: "In BIG-IP versions 15.0.0-15.1.0.3, 14.1.0-14.1.2.5, 13.1.0-13.1.3.3, 12.1.0-12.1.5.1, and 11.6.1-11.6.5.1, the Traffic Management User Interface (TMUI), also referred to as the Configuration utility, has a Remote Code Execution (RCE) vulnerability in undisclosed pages. ..."
"[metadata only] ..."
Link: https://attackerkb.com/assessments/a51ed820-f8e9-48cc-9d26-a77f78eacbdb
0
0
0