AttackerKB
attackerkb
New assessment for topic: CVE-2025-58034
Topic description: "An Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability [CWE-78] in Fortinet FortiWeb 8.0.0 through 8.0.1, FortiWeb 7.6.0 through 7.6.5, FortiWeb 7.4.0 through 7.4.10, FortiWeb 7.2.0 through 7.2.11, FortiWeb 7.0.0 through 7.0.11 may allow an authenticated attacker to execute unauthorized code on the underlying system via crafted HTTP requests or CLI commands. ..."
"Based on writing the [Rapid7 Analysis](https://attackerkb.com/topics/zClpINmLCh/cve-2025-58034/rapid7-analysis), I have rated the exploitability as `Very High`, as exploitation is trivial and reliable ..."
Link: https://attackerkb.com/assessments/c67a510c-5ac5-43a7-affd-7b7655c4b62f
Topic description: "An Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability [CWE-78] in Fortinet FortiWeb 8.0.0 through 8.0.1, FortiWeb 7.6.0 through 7.6.5, FortiWeb 7.4.0 through 7.4.10, FortiWeb 7.2.0 through 7.2.11, FortiWeb 7.0.0 through 7.0.11 may allow an authenticated attacker to execute unauthorized code on the underlying system via crafted HTTP requests or CLI commands. ..."
"Based on writing the [Rapid7 Analysis](https://attackerkb.com/topics/zClpINmLCh/cve-2025-58034/rapid7-analysis), I have rated the exploitability as `Very High`, as exploitation is trivial and reliable ..."
Link: https://attackerkb.com/assessments/c67a510c-5ac5-43a7-affd-7b7655c4b62f
0
1
0
AttackerKB
attackerkb
New Rapid7 Analysis on AttackerKB topic: CVE-2025-58034
"On November 18, 2025, Fortinet published an [advisory](https://fortiguard.fortinet.com/psirt/FG-IR-25-513) for CVE-2025-58034 ..."
Link: https://attackerkb.com/topics/60513c92-9536-4151-a6a5-1fc343b09e3c
"On November 18, 2025, Fortinet published an [advisory](https://fortiguard.fortinet.com/psirt/FG-IR-25-513) for CVE-2025-58034 ..."
Link: https://attackerkb.com/topics/60513c92-9536-4151-a6a5-1fc343b09e3c
0
0
0
AttackerKB
attackerkb
New assessment for topic: CVE-2025-10158
Topic description: "A malicious client acting as the receiver of an rsync file transfer can trigger an out of bounds read of a heap based buffer, via a negative array index ..."
"_Note: The following analysis was written by the original finder, Calum Hutton._ ..."
Link: https://attackerkb.com/assessments/fbacb2a6-d1cd-4011-bb3a-f06b1c8306b1
Topic description: "A malicious client acting as the receiver of an rsync file transfer can trigger an out of bounds read of a heap based buffer, via a negative array index ..."
"_Note: The following analysis was written by the original finder, Calum Hutton._ ..."
Link: https://attackerkb.com/assessments/fbacb2a6-d1cd-4011-bb3a-f06b1c8306b1
0
0
0
AttackerKB
attackerkb
New assessment for topic: CVE-2025-25257
Topic description: "An improper neutralization of special elements used in an SQL command ('SQL Injection') vulnerability [CWE-89] in Fortinet FortiWeb version 7.6.0 through 7.6.3, 7.4.0 through 7.4.7, 7.2.0 through 7.2.10 and below 7.0.10 allows an unauthenticated attacker to execute unauthorized SQL code or commands via crafted HTTP or HTTPs requests. ..."
"In one of our honeypots we observed the following payload being executed: ..."
Link: https://attackerkb.com/assessments/ccb5097e-52f5-411c-b4f6-951b36b166d7
Topic description: "An improper neutralization of special elements used in an SQL command ('SQL Injection') vulnerability [CWE-89] in Fortinet FortiWeb version 7.6.0 through 7.6.3, 7.4.0 through 7.4.7, 7.2.0 through 7.2.10 and below 7.0.10 allows an unauthenticated attacker to execute unauthorized SQL code or commands via crafted HTTP or HTTPs requests. ..."
"In one of our honeypots we observed the following payload being executed: ..."
Link: https://attackerkb.com/assessments/ccb5097e-52f5-411c-b4f6-951b36b166d7
0
1
1
AttackerKB
attackerkb
New assessment for topic: CVE-2025-64446
Topic description: "A relative path traversal vulnerability in Fortinet FortiWeb 8.0.0 through 8.0.1, FortiWeb 7.6.0 through 7.6.4, FortiWeb 7.4.0 through 7.4.9, FortiWeb 7.2.0 through 7.2.11, FortiWeb 7.0.0 through 7.0.11 may allow an attacker to execute administrative commands on the system via crafted HTTP or HTTPS requests. ..."
"# CVE-2025-64446 – Fortinet FortiWeb Critical Path Traversal Vulnerability ..."
Link: https://attackerkb.com/assessments/99da1ce6-0081-41e8-8a62-4ecf729a6586
Topic description: "A relative path traversal vulnerability in Fortinet FortiWeb 8.0.0 through 8.0.1, FortiWeb 7.6.0 through 7.6.4, FortiWeb 7.4.0 through 7.4.9, FortiWeb 7.2.0 through 7.2.11, FortiWeb 7.0.0 through 7.0.11 may allow an attacker to execute administrative commands on the system via crafted HTTP or HTTPS requests. ..."
"# CVE-2025-64446 – Fortinet FortiWeb Critical Path Traversal Vulnerability ..."
Link: https://attackerkb.com/assessments/99da1ce6-0081-41e8-8a62-4ecf729a6586
0
0
0
AttackerKB
attackerkb
New assessment for topic: CVE-2025-64446
Topic description: "A relative path traversal vulnerability in Fortinet FortiWeb 8.0.0 through 8.0.1, FortiWeb 7.6.0 through 7.6.4, FortiWeb 7.4.0 through 7.4.9, FortiWeb 7.2.0 through 7.2.11, FortiWeb 7.0.0 through 7.0.11 may allow an attacker to execute administrative commands on the system via crafted HTTP or HTTPS requests. ..."
"FortiWeb is a Web Application Firewall (WAF) product that is designed to detect and block malicious traffic to web applications ..."
Link: https://attackerkb.com/assessments/de356c9b-4b40-4354-894b-f4427f7061fb
Topic description: "A relative path traversal vulnerability in Fortinet FortiWeb 8.0.0 through 8.0.1, FortiWeb 7.6.0 through 7.6.4, FortiWeb 7.4.0 through 7.4.9, FortiWeb 7.2.0 through 7.2.11, FortiWeb 7.0.0 through 7.0.11 may allow an attacker to execute administrative commands on the system via crafted HTTP or HTTPS requests. ..."
"FortiWeb is a Web Application Firewall (WAF) product that is designed to detect and block malicious traffic to web applications ..."
Link: https://attackerkb.com/assessments/de356c9b-4b40-4354-894b-f4427f7061fb
0
0
0
AttackerKB
attackerkb
New assessment for topic: CVE-2025-12480
Topic description: "Triofox versions prior to 16.7.10368.56560, are vulnerable to an Improper Access Control flaw that allows access to initial setup pages even after setup is complete. ..."
"Based on writing the [Rapid7 Analysis](https://attackerkb.com/topics/5C4wRy6hY7/cve-2025-12480#rapid7-analysis), I have rated both the Exploitability and Attacker Value as `Very High`, as the target product is a file sharing solution, and is vulnerable to unauthenticated remote code execution in a default configuration. ..."
Link: https://attackerkb.com/assessments/872fea17-4584-4f94-b9dc-3875a890a332
Topic description: "Triofox versions prior to 16.7.10368.56560, are vulnerable to an Improper Access Control flaw that allows access to initial setup pages even after setup is complete. ..."
"Based on writing the [Rapid7 Analysis](https://attackerkb.com/topics/5C4wRy6hY7/cve-2025-12480#rapid7-analysis), I have rated both the Exploitability and Attacker Value as `Very High`, as the target product is a file sharing solution, and is vulnerable to unauthenticated remote code execution in a default configuration. ..."
Link: https://attackerkb.com/assessments/872fea17-4584-4f94-b9dc-3875a890a332
0
0
0
AttackerKB
attackerkb
New Rapid7 Analysis on AttackerKB topic: CVE-2025-12480
"On November 10, 2025, Mandiant Threat Defense published a [report](https://cloud.google.com/blog/topics/threat-intelligence/triofox-vulnerability-cve-2025-12480) detailing exploitation in-the-wild, observed circa August 2025, of a previously undisclosed vulnerability affecting the file sharing platform, Gladinet [Triofox](https://www.triofox.com/). ..."
Link: https://attackerkb.com/topics/5f913695-734c-41e6-89e2-d317c3ebc06a
"On November 10, 2025, Mandiant Threat Defense published a [report](https://cloud.google.com/blog/topics/threat-intelligence/triofox-vulnerability-cve-2025-12480) detailing exploitation in-the-wild, observed circa August 2025, of a previously undisclosed vulnerability affecting the file sharing platform, Gladinet [Triofox](https://www.triofox.com/). ..."
Link: https://attackerkb.com/topics/5f913695-734c-41e6-89e2-d317c3ebc06a
0
0
0
AttackerKB
attackerkb
New assessment for topic: CVE-2025-5946
Topic description: "Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability in Centreon Infra Monitoring (Poller reload setup in the configuration modules) allows OS Command Injection. ..."
"Centreon is a platform designed to monitor your cloud and on-premises infrastructure. ..."
Link: https://attackerkb.com/assessments/3ae5b43c-a33d-47c0-b4f3-07ae353c1609
Topic description: "Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability in Centreon Infra Monitoring (Poller reload setup in the configuration modules) allows OS Command Injection. ..."
"Centreon is a platform designed to monitor your cloud and on-premises infrastructure. ..."
Link: https://attackerkb.com/assessments/3ae5b43c-a33d-47c0-b4f3-07ae353c1609
0
0
0
AttackerKB
attackerkb
New assessment for topic: CVE-2020-5902 — TMUI RCE vulnerability
Topic description: "In BIG-IP versions 15.0.0-15.1.0.3, 14.1.0-14.1.2.5, 13.1.0-13.1.3.3, 12.1.0-12.1.5.1, and 11.6.1-11.6.5.1, the Traffic Management User Interface (TMUI), also referred to as the Configuration utility, has a Remote Code Execution (RCE) vulnerability in undisclosed pages. ..."
"[metadata only] ..."
Link: https://attackerkb.com/assessments/a51ed820-f8e9-48cc-9d26-a77f78eacbdb
Topic description: "In BIG-IP versions 15.0.0-15.1.0.3, 14.1.0-14.1.2.5, 13.1.0-13.1.3.3, 12.1.0-12.1.5.1, and 11.6.1-11.6.5.1, the Traffic Management User Interface (TMUI), also referred to as the Configuration utility, has a Remote Code Execution (RCE) vulnerability in undisclosed pages. ..."
"[metadata only] ..."
Link: https://attackerkb.com/assessments/a51ed820-f8e9-48cc-9d26-a77f78eacbdb
0
0
0
AttackerKB
attackerkb
New assessment for topic: CVE-2025-2783
Topic description: "Incorrect handle provided in unspecified circumstances in Mojo in Google Chrome on Windows prior to 134.0.6998.177 allowed a remote attacker to perform a sandbox escape via a malicious file ..."
"Kaspersky Labs discovered this 0-day in Chrome Browser and reported it to Google ..."
Link: https://attackerkb.com/assessments/eb9d84e4-ac80-431b-8b5b-08b4975744b3
Topic description: "Incorrect handle provided in unspecified circumstances in Mojo in Google Chrome on Windows prior to 134.0.6998.177 allowed a remote attacker to perform a sandbox escape via a malicious file ..."
"Kaspersky Labs discovered this 0-day in Chrome Browser and reported it to Google ..."
Link: https://attackerkb.com/assessments/eb9d84e4-ac80-431b-8b5b-08b4975744b3
0
0
0
AttackerKB
attackerkb
New assessment for topic: CVE-2025-54236
Topic description: "Adobe Commerce versions 2.4.9-alpha2, 2.4.8-p2, 2.4.7-p7, 2.4.6-p12, 2.4.5-p14, 2.4.4-p15 and earlier are affected by an Improper Input Validation vulnerability ..."
"[metadata only] ..."
Link: https://attackerkb.com/assessments/85091c37-0bbd-4d19-980b-5acc68a9fc7a
Topic description: "Adobe Commerce versions 2.4.9-alpha2, 2.4.8-p2, 2.4.7-p7, 2.4.6-p12, 2.4.5-p14, 2.4.4-p15 and earlier are affected by an Improper Input Validation vulnerability ..."
"[metadata only] ..."
Link: https://attackerkb.com/assessments/85091c37-0bbd-4d19-980b-5acc68a9fc7a
0
0
0
AttackerKB
attackerkb
New assessment for topic: CVE-2025-61882
Topic description: "Vulnerability in the Oracle Concurrent Processing product of Oracle E-Business Suite (component: BI Publisher Integration) ..."
"The exploit for this was leaked, and has been available on VirusTotal since 3 Oct 2025 (both [exp.py](https://www.virustotal.com/gui/file/aa0d3859d6633b62bccfb69017d33a8979a3be1f3f0a5a4bf6960d6c73d41121/details) and [server.py](https://www.virustotal.com/gui/file/6fd538e4a8e3493dda6f9fcdc96e814bdd14f3e2ef8aa46f0143bff34b882c1b/details)) ..."
Link: https://attackerkb.com/assessments/a5a4a6ba-7379-4404-9a90-2a9a0345575e
Topic description: "Vulnerability in the Oracle Concurrent Processing product of Oracle E-Business Suite (component: BI Publisher Integration) ..."
"The exploit for this was leaked, and has been available on VirusTotal since 3 Oct 2025 (both [exp.py](https://www.virustotal.com/gui/file/aa0d3859d6633b62bccfb69017d33a8979a3be1f3f0a5a4bf6960d6c73d41121/details) and [server.py](https://www.virustotal.com/gui/file/6fd538e4a8e3493dda6f9fcdc96e814bdd14f3e2ef8aa46f0143bff34b882c1b/details)) ..."
Link: https://attackerkb.com/assessments/a5a4a6ba-7379-4404-9a90-2a9a0345575e
0
0
0
AttackerKB
attackerkb
New Rapid7 Analysis on AttackerKB topic: CVE-2025-20362
"On September 25, 2025, Cisco published advisories for two new vulnerabilities, CVE-2025-20362, and CVE-2025-20333, which are known to be exploited in-the-wild as a zero-day, by an as-yet unknown threat actor in what appears to be a highly targeted attack. ..."
Link: https://attackerkb.com/topics/1098c71a-ab65-493f-8ac0-f6c770f6f3c5
"On September 25, 2025, Cisco published advisories for two new vulnerabilities, CVE-2025-20362, and CVE-2025-20333, which are known to be exploited in-the-wild as a zero-day, by an as-yet unknown threat actor in what appears to be a highly targeted attack. ..."
Link: https://attackerkb.com/topics/1098c71a-ab65-493f-8ac0-f6c770f6f3c5
0
0
0
AttackerKB
attackerkb
New assessment for topic: CVE-2025-41244
Topic description: "VMware Aria Operations and VMware Tools contain a local privilege escalation vulnerability. A malicious local actor with non-administrative privileges having access to a VM with VMware Tools installed and managed by Aria Operations with SDMP enabled may exploit this vulnerability to escalate privileges to root on the same VM. ..."
"A local privilege escalation in VMware guest service discovery (open-vm-tools / VMware Aria Operations SDMP) ..."
Link: https://attackerkb.com/assessments/32dc9ce8-8cb7-46d4-90fb-d47e97fbf84f
Topic description: "VMware Aria Operations and VMware Tools contain a local privilege escalation vulnerability. A malicious local actor with non-administrative privileges having access to a VM with VMware Tools installed and managed by Aria Operations with SDMP enabled may exploit this vulnerability to escalate privileges to root on the same VM. ..."
"A local privilege escalation in VMware guest service discovery (open-vm-tools / VMware Aria Operations SDMP) ..."
Link: https://attackerkb.com/assessments/32dc9ce8-8cb7-46d4-90fb-d47e97fbf84f
0
0
0
AttackerKB
attackerkb
New assessment for topic: CVE-2025-32463
Topic description: "Sudo before 1.9.17p1 allows local users to obtain root access because /etc/nsswitch.conf from a user-controlled directory is used with the --chroot option. ..."
"On June 30, 2025, a privilege escalation vulnerability in the popular `sudo` command was published ..."
Link: https://attackerkb.com/assessments/5e35a669-7931-45cc-a25b-7eff64a03bed
Topic description: "Sudo before 1.9.17p1 allows local users to obtain root access because /etc/nsswitch.conf from a user-controlled directory is used with the --chroot option. ..."
"On June 30, 2025, a privilege escalation vulnerability in the popular `sudo` command was published ..."
Link: https://attackerkb.com/assessments/5e35a669-7931-45cc-a25b-7eff64a03bed
0
0
0
AttackerKB
attackerkb
New assessment for topic: CVE-2025-20362
Topic description: "A vulnerability in the VPN web server of Cisco Secure Firewall Adaptive Security Appliance (ASA) Software and Cisco Secure Firewall Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to access restricted URL endpoints without authentication that should otherwise be inaccessible without authentication ..."
"This is an authentication bypass affecting Cisco Adaptive Security Appliance (ASA) and Cisco Firepower Threat Defense (FTD) appliances ..."
Link: https://attackerkb.com/assessments/8c7829c3-f04c-425b-8853-97fc96b5d416
Topic description: "A vulnerability in the VPN web server of Cisco Secure Firewall Adaptive Security Appliance (ASA) Software and Cisco Secure Firewall Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to access restricted URL endpoints without authentication that should otherwise be inaccessible without authentication ..."
"This is an authentication bypass affecting Cisco Adaptive Security Appliance (ASA) and Cisco Firepower Threat Defense (FTD) appliances ..."
Link: https://attackerkb.com/assessments/8c7829c3-f04c-425b-8853-97fc96b5d416
0
0
1
AttackerKB
attackerkb
New assessment for topic: CVE-2025-20333
Topic description: "A vulnerability in the VPN web server of Cisco Secure Firewall Adaptive Security Appliance (ASA) Software and Cisco Secure Firewall Threat Defense (FTD) Software could allow an authenticated, remote attacker to execute arbitrary code on an affected device. ..."
"This is a memory corruption vulnerability (the CWE indicates it is a buffer overflow) affecting Cisco Adaptive Security Appliance (ASA) and Cisco Firepower Threat Defense (FTD) appliances ..."
Link: https://attackerkb.com/assessments/8b78ecbf-ee77-4eb8-9310-4820e99d14a8
Topic description: "A vulnerability in the VPN web server of Cisco Secure Firewall Adaptive Security Appliance (ASA) Software and Cisco Secure Firewall Threat Defense (FTD) Software could allow an authenticated, remote attacker to execute arbitrary code on an affected device. ..."
"This is a memory corruption vulnerability (the CWE indicates it is a buffer overflow) affecting Cisco Adaptive Security Appliance (ASA) and Cisco Firepower Threat Defense (FTD) appliances ..."
Link: https://attackerkb.com/assessments/8b78ecbf-ee77-4eb8-9310-4820e99d14a8
0
0
0
AttackerKB
attackerkb
New assessment for topic: CVE-2025-20363
Topic description: "A vulnerability in the web services of Cisco Secure Firewall Adaptive Security Appliance (ASA) Software, Cisco Secure Firewall Threat Defense (FTD) Software, Cisco IOS Software, Cisco IOS XE Software, and Cisco IOS XR Software could allow an unauthenticated, remote attacker (Cisco ASA and FTD Software) or authenticated, remote attacker (Cisco IOS, IOS XE, and IOS XR Software) with low user privileges to execute arbitrary code on an affected device ..."
"[CVE-2025-20363](https://www.rapid7.com/blog/post/etr-cve-2025-20333-cve-2025-20362-cve-2025-20363-multiple-critical-vulnerabilities-affecting-cisco-products/) is a heap-based buffer overflow [affecting many](https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-http-code-exec-WmfP3h3O) popular Cisco products: Cisco ASA, FTD, IOS, IOS XE, and IOS XR ..."
Link: https://attackerkb.com/assessments/5fc0cb55-5f93-4116-8e0a-0c39251010ab
Topic description: "A vulnerability in the web services of Cisco Secure Firewall Adaptive Security Appliance (ASA) Software, Cisco Secure Firewall Threat Defense (FTD) Software, Cisco IOS Software, Cisco IOS XE Software, and Cisco IOS XR Software could allow an unauthenticated, remote attacker (Cisco ASA and FTD Software) or authenticated, remote attacker (Cisco IOS, IOS XE, and IOS XR Software) with low user privileges to execute arbitrary code on an affected device ..."
"[CVE-2025-20363](https://www.rapid7.com/blog/post/etr-cve-2025-20333-cve-2025-20362-cve-2025-20363-multiple-critical-vulnerabilities-affecting-cisco-products/) is a heap-based buffer overflow [affecting many](https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-http-code-exec-WmfP3h3O) popular Cisco products: Cisco ASA, FTD, IOS, IOS XE, and IOS XR ..."
Link: https://attackerkb.com/assessments/5fc0cb55-5f93-4116-8e0a-0c39251010ab
0
0
0
AttackerKB
attackerkb
New assessment for topic: CVE-2025-10035
Topic description: " ..."
"Based on writing the [Rapid7 Analysis](https://attackerkb.com/topics/LbA9ANjcdz/cve-2025-10035#rapid7-analysis), I have rated the Attacker Value as `Very High`, a file transfer solution is a very high value target for an attacker, and this vulnerability is unauthenticated RCE ..."
Link: https://attackerkb.com/assessments/17eca967-23dd-4d68-ba3f-93fd48496dbd
Topic description: " ..."
"Based on writing the [Rapid7 Analysis](https://attackerkb.com/topics/LbA9ANjcdz/cve-2025-10035#rapid7-analysis), I have rated the Attacker Value as `Very High`, a file transfer solution is a very high value target for an attacker, and this vulnerability is unauthenticated RCE ..."
Link: https://attackerkb.com/assessments/17eca967-23dd-4d68-ba3f-93fd48496dbd
0
0
0