AttackerKB
attackerkb
New assessment for topic: CVE-2025-41232
Topic description: "Spring Security Aspects may not correctly locate method security annotations on private methods ..."
"On May 19 2025, Spring released an [advisory](https://spring.io/security/cve-2025-41232) warning that Spring Security versions before `6.4.6` were vulnerable to a flaw in how Spring security annotations were identified and processed, that could lead to annotations being ignored on private methods, potentially leading to authorization bypasses on those private methods ..."
Link: https://attackerkb.com/assessments/c3734c78-c018-4e5f-9c70-b5f3c074a411
Topic description: "Spring Security Aspects may not correctly locate method security annotations on private methods ..."
"On May 19 2025, Spring released an [advisory](https://spring.io/security/cve-2025-41232) warning that Spring Security versions before `6.4.6` were vulnerable to a flaw in how Spring security annotations were identified and processed, that could lead to annotations being ignored on private methods, potentially leading to authorization bypasses on those private methods ..."
Link: https://attackerkb.com/assessments/c3734c78-c018-4e5f-9c70-b5f3c074a411
0
1
0
AttackerKB
attackerkb
New Rapid7 Analysis on AttackerKB topic: CVE-2024-58136
"Yii framework is a component-based MVC web application framework, providing developers with the building blocks to create complex web applications including modules for authentication, database access, REST etc ..."
Link: https://attackerkb.com/topics/622fff34-7ccf-4193-8a78-60e6b21d8811
"Yii framework is a component-based MVC web application framework, providing developers with the building blocks to create complex web applications including modules for authentication, database access, REST etc ..."
Link: https://attackerkb.com/topics/622fff34-7ccf-4193-8a78-60e6b21d8811
0
1
1
AttackerKB
attackerkb
New assessment for topic: CVE-2025-4427
Topic description: "An authentication bypass in the API component of Ivanti Endpoint Manager Mobile 12.5.0.0 and prior allows attackers to access protected resources without proper credentials via the API. ..."
"On May 13, 2025, Ivanti [published an advisory](https://forums.ivanti.com/s/article/Security-Advisory-Ivanti-Endpoint-Manager-Mobile-EPMM?language=en_US) for [CVE-2025-4427](https://nvd.nist.gov/vuln/detail/CVE-2025-4427), a high severity authentication bypass in Ivanti Endpoint Manager Mobile (EPMM) ..."
Link: https://attackerkb.com/assessments/ef99e5bd-b83c-485a-9841-e0d54a7d4650
Topic description: "An authentication bypass in the API component of Ivanti Endpoint Manager Mobile 12.5.0.0 and prior allows attackers to access protected resources without proper credentials via the API. ..."
"On May 13, 2025, Ivanti [published an advisory](https://forums.ivanti.com/s/article/Security-Advisory-Ivanti-Endpoint-Manager-Mobile-EPMM?language=en_US) for [CVE-2025-4427](https://nvd.nist.gov/vuln/detail/CVE-2025-4427), a high severity authentication bypass in Ivanti Endpoint Manager Mobile (EPMM) ..."
Link: https://attackerkb.com/assessments/ef99e5bd-b83c-485a-9841-e0d54a7d4650
0
0
0
AttackerKB
attackerkb
New assessment for topic: CVE-2025-4428
Topic description: "Remote Code Execution in API component in Ivanti Endpoint Manager Mobile 12.5.0.0 and prior on unspecified platforms allows authenticated attackers to execute arbitrary code via crafted API requests. ..."
"On May 13, 2025, Ivanti [published an advisory](https://forums.ivanti.com/s/article/Security-Advisory-Ivanti-Endpoint-Manager-Mobile-EPMM?language=en_US) for [CVE-2025-4428](https://nvd.nist.gov/vuln/detail/CVE-2025-4428), a high-privilege expression language server-side template injection vulnerability in Ivanti Endpoint Manager Mobile (EPMM) ..."
Link: https://attackerkb.com/assessments/a8195fc7-566e-4ad2-9926-3101a8e4d0f8
Topic description: "Remote Code Execution in API component in Ivanti Endpoint Manager Mobile 12.5.0.0 and prior on unspecified platforms allows authenticated attackers to execute arbitrary code via crafted API requests. ..."
"On May 13, 2025, Ivanti [published an advisory](https://forums.ivanti.com/s/article/Security-Advisory-Ivanti-Endpoint-Manager-Mobile-EPMM?language=en_US) for [CVE-2025-4428](https://nvd.nist.gov/vuln/detail/CVE-2025-4428), a high-privilege expression language server-side template injection vulnerability in Ivanti Endpoint Manager Mobile (EPMM) ..."
Link: https://attackerkb.com/assessments/a8195fc7-566e-4ad2-9926-3101a8e4d0f8
0
0
0
AttackerKB
attackerkb
New assessment for topic: CVE-2023-41425
Topic description: "Cross Site Scripting vulnerability in Wonder CMS v.3.2.0 thru v.3.4.2 allows a remote attacker to execute arbitrary code via a crafted script uploaded to the installModule component. ..."
"On November 5th, WonderCMS released version 3.4.3, which addresses vulnerability CVE-2023-41425 - a reflected cross-site scripting vulnerability ..."
Link: https://attackerkb.com/assessments/7540246c-ba79-4cb1-8fed-0407049ba2b0
Topic description: "Cross Site Scripting vulnerability in Wonder CMS v.3.2.0 thru v.3.4.2 allows a remote attacker to execute arbitrary code via a crafted script uploaded to the installModule component. ..."
"On November 5th, WonderCMS released version 3.4.3, which addresses vulnerability CVE-2023-41425 - a reflected cross-site scripting vulnerability ..."
Link: https://attackerkb.com/assessments/7540246c-ba79-4cb1-8fed-0407049ba2b0
0
0
0
AttackerKB
attackerkb
New assessment for topic: CVE-2025-3096
Topic description: "Clinic’s Patient Management System versions 2.0 suffers from a SQL injection vulnerability in the login page. ..."
"Clinic Patient Management System (CPMS) 2.0 is a management system written in PHP to control and manage patients and their health information ..."
Link: https://attackerkb.com/assessments/4dc1dd4e-1815-4515-a096-1fed078d0c83
Topic description: "Clinic’s Patient Management System versions 2.0 suffers from a SQL injection vulnerability in the login page. ..."
"Clinic Patient Management System (CPMS) 2.0 is a management system written in PHP to control and manage patients and their health information ..."
Link: https://attackerkb.com/assessments/4dc1dd4e-1815-4515-a096-1fed078d0c83
0
0
0
AttackerKB
attackerkb
New assessment for topic: CVE-2024-58136
Topic description: "Yii 2 before 2.0.52 mishandles the attaching of behavior that is defined by an __class array key, a CVE-2024-4990 regression, as exploited in the wild in February through April 2025. ..."
"On the April 9 2025, Yii released an advisory warning that Yii framework versions before `2.0.52` were susceptible to Unsafe Reflection, with this CVE essentially a patch bypass of `CVE-2024-4990` ..."
Link: https://attackerkb.com/assessments/e6d2c5ff-8653-41a3-acf1-882330960fe1
Topic description: "Yii 2 before 2.0.52 mishandles the attaching of behavior that is defined by an __class array key, a CVE-2024-4990 regression, as exploited in the wild in February through April 2025. ..."
"On the April 9 2025, Yii released an advisory warning that Yii framework versions before `2.0.52` were susceptible to Unsafe Reflection, with this CVE essentially a patch bypass of `CVE-2024-4990` ..."
Link: https://attackerkb.com/assessments/e6d2c5ff-8653-41a3-acf1-882330960fe1
0
1
1
AttackerKB
attackerkb
New assessment for topic: CVE-2025-22457
Topic description: "A stack-based buffer overflow in Ivanti Connect Secure before version 22.7R2.6, Ivanti Policy Secure before version 22.7R1.4, and Ivanti ZTA Gateways before version 22.8R2.2 allows a remote unauthenticated attacker to achieve remote code execution. ..."
"[metadata only] ..."
Link: https://attackerkb.com/assessments/699141dd-fa5f-4a99-ae53-8b385bfdebc0
Topic description: "A stack-based buffer overflow in Ivanti Connect Secure before version 22.7R2.6, Ivanti Policy Secure before version 22.7R1.4, and Ivanti ZTA Gateways before version 22.8R2.2 allows a remote unauthenticated attacker to achieve remote code execution. ..."
"[metadata only] ..."
Link: https://attackerkb.com/assessments/699141dd-fa5f-4a99-ae53-8b385bfdebc0
0
0
0
AttackerKB
attackerkb
New assessment for topic: CVE-2025-25065
Topic description: "SSRF vulnerability in the RSS feed parser in Zimbra Collaboration 9.0.0 before Patch 43, 10.0.x before 10.0.12, and 10.1.x before 10.1.4 allows unauthorized redirection to internal network endpoints. ..."
"On the 17th December 2024, Zimbra released an [advisory](https://wiki.zimbra.com/wiki/Zimbra_Releases/10.1.4#Security_Fixes) warning that Zimbra versions before 10.1.4 were susceptible to Server-Side Request Forgery (SSRF) via the RSS feed parser ..."
Link: https://attackerkb.com/assessments/3a9053d9-8891-4e66-8d99-af387e965048
Topic description: "SSRF vulnerability in the RSS feed parser in Zimbra Collaboration 9.0.0 before Patch 43, 10.0.x before 10.0.12, and 10.1.x before 10.1.4 allows unauthorized redirection to internal network endpoints. ..."
"On the 17th December 2024, Zimbra released an [advisory](https://wiki.zimbra.com/wiki/Zimbra_Releases/10.1.4#Security_Fixes) warning that Zimbra versions before 10.1.4 were susceptible to Server-Side Request Forgery (SSRF) via the RSS feed parser ..."
Link: https://attackerkb.com/assessments/3a9053d9-8891-4e66-8d99-af387e965048
0
0
0
AttackerKB
attackerkb
New assessment for topic: CVE-2025-32354
Topic description: "In Zimbra Collaboration (ZCS) 9.0 through 10.1, a Cross-Site Request Forgery (CSRF) vulnerability exists in the GraphQL endpoint (/service/extension/graphql) of Zimbra webmail due to a lack of CSRF token validation ..."
"On the 17th December 2024, Zimbra released an [advisory](https://wiki.zimbra.com/wiki/Zimbra_Releases/10.1.4#Security_Fixes) warning that Zimbra versions before `10.1.4` were susceptible to Cross-Site Request Forgery (CSRF) attacks on an exposed GraphQL endpoint ..."
Link: https://attackerkb.com/assessments/48571868-d8f5-4408-8e24-b7ccec2ef7e3
Topic description: "In Zimbra Collaboration (ZCS) 9.0 through 10.1, a Cross-Site Request Forgery (CSRF) vulnerability exists in the GraphQL endpoint (/service/extension/graphql) of Zimbra webmail due to a lack of CSRF token validation ..."
"On the 17th December 2024, Zimbra released an [advisory](https://wiki.zimbra.com/wiki/Zimbra_Releases/10.1.4#Security_Fixes) warning that Zimbra versions before `10.1.4` were susceptible to Cross-Site Request Forgery (CSRF) attacks on an exposed GraphQL endpoint ..."
Link: https://attackerkb.com/assessments/48571868-d8f5-4408-8e24-b7ccec2ef7e3
0
0
0
AttackerKB
attackerkb
New assessment for topic: CVE-2025-30406
Topic description: "Gladinet CentreStack through 16.1.10296.56315 (fixed in 16.4.10315.56368) has a deserialization vulnerability due to the CentreStack portal's hardcoded machineKey use, as exploited in the wild in March 2025 ..."
"[metadata only] ..."
Link: https://attackerkb.com/assessments/25edbe02-53c3-4f7b-9993-e57282580766
Topic description: "Gladinet CentreStack through 16.1.10296.56315 (fixed in 16.4.10315.56368) has a deserialization vulnerability due to the CentreStack portal's hardcoded machineKey use, as exploited in the wild in March 2025 ..."
"[metadata only] ..."
Link: https://attackerkb.com/assessments/25edbe02-53c3-4f7b-9993-e57282580766
0
0
0
AttackerKB
attackerkb
New assessment for topic: CVE-2024-38475
Topic description: "Improper escaping of output in mod_rewrite in Apache HTTP Server 2.4.59 and earlier allows an attacker to map URLs to filesystem locations that are permitted to be served by the server but are not intentionally/directly reachable by any URL, resulting in code execution or source code disclosure ..."
"SonicWall [updated a 2024 advisory](https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2024-0018) to note that this third-party vulnerability is being exploited in the wild in their SMA100 devices ..."
Link: https://attackerkb.com/assessments/306036ec-fc18-46f2-91b8-d8c5391031c5
Topic description: "Improper escaping of output in mod_rewrite in Apache HTTP Server 2.4.59 and earlier allows an attacker to map URLs to filesystem locations that are permitted to be served by the server but are not intentionally/directly reachable by any URL, resulting in code execution or source code disclosure ..."
"SonicWall [updated a 2024 advisory](https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2024-0018) to note that this third-party vulnerability is being exploited in the wild in their SMA100 devices ..."
Link: https://attackerkb.com/assessments/306036ec-fc18-46f2-91b8-d8c5391031c5
0
0
0
AttackerKB
attackerkb
New assessment for topic: CVE-2025-3935
Topic description: "ScreenConnect versions 25.2.3 and earlier versions may be susceptible to a ViewState code injection attack ..."
"On the 24th April 2025 Connectwise released an advisory warning that ScreenConnect versions before `25.2.3` were susceptible to ViewState code injection attacks, if an attacker had privileged access and hence access to the machine keys defined in application config ..."
Link: https://attackerkb.com/assessments/cd141f73-7686-4848-b0cd-2893225b446b
Topic description: "ScreenConnect versions 25.2.3 and earlier versions may be susceptible to a ViewState code injection attack ..."
"On the 24th April 2025 Connectwise released an advisory warning that ScreenConnect versions before `25.2.3` were susceptible to ViewState code injection attacks, if an attacker had privileged access and hence access to the machine keys defined in application config ..."
Link: https://attackerkb.com/assessments/cd141f73-7686-4848-b0cd-2893225b446b
0
0
0
AttackerKB
attackerkb
New assessment for topic: CVE-2025-31324
Topic description: "SAP NetWeaver Visual Composer Metadata Uploader is not protected with a proper authorization, allowing unauthenticated agent to upload potentially malicious executable binaries that could severely harm the host system ..."
"Rapid7 MDR has observed exploitation of this zero-day vulnerability in multiple customer environments ..."
Link: https://attackerkb.com/assessments/462e2d0c-2cf2-4306-94f5-901badbb072d
Topic description: "SAP NetWeaver Visual Composer Metadata Uploader is not protected with a proper authorization, allowing unauthenticated agent to upload potentially malicious executable binaries that could severely harm the host system ..."
"Rapid7 MDR has observed exploitation of this zero-day vulnerability in multiple customer environments ..."
Link: https://attackerkb.com/assessments/462e2d0c-2cf2-4306-94f5-901badbb072d
0
0
0
AttackerKB
attackerkb
New assessment for topic: CVE-2024-6235
Topic description: "Sensitive information disclosure in NetScaler Console ..."
"On July 9, 2024, Citrix [disclosed](https://support.citrix.com/s/article/CTX677998-netscaler-console-agent-and-sdx-svm-security-bulletin-for-cve20246235-and-cve20246236?language=en_US) CVE-2024-6235, a sensitive information disclosure vulnerability affecting NetScaler Console ..."
Link: https://attackerkb.com/assessments/3bf5c123-41fa-47c5-9eb1-d139317061b8
Topic description: "Sensitive information disclosure in NetScaler Console ..."
"On July 9, 2024, Citrix [disclosed](https://support.citrix.com/s/article/CTX677998-netscaler-console-agent-and-sdx-svm-security-bulletin-for-cve20246235-and-cve20246236?language=en_US) CVE-2024-6235, a sensitive information disclosure vulnerability affecting NetScaler Console ..."
Link: https://attackerkb.com/assessments/3bf5c123-41fa-47c5-9eb1-d139317061b8
0
1
0
AttackerKB
attackerkb
New assessment for topic: CVE-2025-32433
Topic description: "Erlang/OTP is a set of libraries for the Erlang programming language ..."
"[metadata only] ..."
Link: https://attackerkb.com/assessments/697e0085-6e15-4860-8967-de67ec8f0cfa
Topic description: "Erlang/OTP is a set of libraries for the Erlang programming language ..."
"[metadata only] ..."
Link: https://attackerkb.com/assessments/697e0085-6e15-4860-8967-de67ec8f0cfa
0
0
0
AttackerKB
attackerkb
New assessment for topic: CVE-2025-30406
Topic description: "Gladinet CentreStack through 16.1.10296.56315 (fixed in 16.4.10315.56368) has a deserialization vulnerability due to the CentreStack portal's hardcoded machineKey use, as exploited in the wild in March 2025 ..."
"CVE-2025-30406 is a critical remote code execution (RCE) vulnerability affecting Gladinet's CentreStack and Triofox platforms ..."
Link: https://attackerkb.com/assessments/2bb4e3bd-b6fd-4241-a58b-9067960e0375
Topic description: "Gladinet CentreStack through 16.1.10296.56315 (fixed in 16.4.10315.56368) has a deserialization vulnerability due to the CentreStack portal's hardcoded machineKey use, as exploited in the wild in March 2025 ..."
"CVE-2025-30406 is a critical remote code execution (RCE) vulnerability affecting Gladinet's CentreStack and Triofox platforms ..."
Link: https://attackerkb.com/assessments/2bb4e3bd-b6fd-4241-a58b-9067960e0375
0
0
0
AttackerKB
attackerkb
New assessment for topic: CVE-2024-38809
Topic description: "Applications that parse ETags from "If-Match" or "If-None-Match" request headers are vulnerable to DoS attack. ..."
"For successful exploitation of the vulnerability, applications must process or parse ETags in the following HTTP headers: 'If-Match' or 'If-None-Match' ..."
Link: https://attackerkb.com/assessments/173a9051-0955-4b4e-8bae-de52c949b516
Topic description: "Applications that parse ETags from "If-Match" or "If-None-Match" request headers are vulnerable to DoS attack. ..."
"For successful exploitation of the vulnerability, applications must process or parse ETags in the following HTTP headers: 'If-Match' or 'If-None-Match' ..."
Link: https://attackerkb.com/assessments/173a9051-0955-4b4e-8bae-de52c949b516
0
0
0
AttackerKB
attackerkb
New assessment for topic: CVE-2025-30065
Topic description: "Schema parsing in the parquet-avro module of Apache Parquet 1.15.0 and previous versions allows bad actors to execute arbitrary code ..."
"[Apache Parquet](https://parquet.apache.org/) is a popular data storage format that was originally developed in the early 2010s as part of the Apache Hadoop ecosystem ..."
Link: https://attackerkb.com/assessments/3c043281-25a1-44fc-a361-00e02ec2bc60
Topic description: "Schema parsing in the parquet-avro module of Apache Parquet 1.15.0 and previous versions allows bad actors to execute arbitrary code ..."
"[Apache Parquet](https://parquet.apache.org/) is a popular data storage format that was originally developed in the early 2010s as part of the Apache Hadoop ecosystem ..."
Link: https://attackerkb.com/assessments/3c043281-25a1-44fc-a361-00e02ec2bc60
0
1
2
AttackerKB
attackerkb
New assessment for topic: CVE-2025-22457
Topic description: "A stack-based buffer overflow in Ivanti Connect Secure before version 22.7R2.6, Ivanti Policy Secure before version 22.7R1.4, and Ivanti ZTA Gateways before version 22.8R2.2 allows a remote unauthenticated attacker to achieve remote code execution. ..."
"Based on writing the [Rapid7 Analysis](https://attackerkb.com/topics/0ybGQIkHzR/cve-2025-22457/rapid7-analysis) and developing a [PoC exploit script](https://github.com/sfewer-r7/CVE-2025-22457), I am rating the `Attacker Value` for this vulnerability as `Very High`, as Ivanti Connect Secure, Pulse Connect Secure, Ivanti Policy Secure, and ZTA Gateways are high profile targets for state-sponsored threat actors and have been regularly exploited in the wild in the past (including this vulnerability CVE-2025-22457) ..."
Link: https://attackerkb.com/assessments/fa985251-6adb-46fd-b1c6-9a84dbffb823
Topic description: "A stack-based buffer overflow in Ivanti Connect Secure before version 22.7R2.6, Ivanti Policy Secure before version 22.7R1.4, and Ivanti ZTA Gateways before version 22.8R2.2 allows a remote unauthenticated attacker to achieve remote code execution. ..."
"Based on writing the [Rapid7 Analysis](https://attackerkb.com/topics/0ybGQIkHzR/cve-2025-22457/rapid7-analysis) and developing a [PoC exploit script](https://github.com/sfewer-r7/CVE-2025-22457), I am rating the `Attacker Value` for this vulnerability as `Very High`, as Ivanti Connect Secure, Pulse Connect Secure, Ivanti Policy Secure, and ZTA Gateways are high profile targets for state-sponsored threat actors and have been regularly exploited in the wild in the past (including this vulnerability CVE-2025-22457) ..."
Link: https://attackerkb.com/assessments/fa985251-6adb-46fd-b1c6-9a84dbffb823
0
0
0