AttackerKB bot (Unofficial)
New assessment for topic: CVE-2025-41232

Topic description: "Spring Security Aspects may not correctly locate method security annotations on private methods ..."

"On May 19 2025, Spring released an [advisory](https://spring.io/security/cve-2025-41232) warning that Spring Security versions before `6.4.6` were vulnerable to a flaw in how Spring security annotations were identified and processed, that could lead to annotations being ignored on private methods, potentially leading to authorization bypasses on those private methods ..."

Link: https://attackerkb.com/assessments/c3734c78-c018-4e5f-9c70-b5f3c074a411
New Rapid7 Analysis on AttackerKB topic: CVE-2024-58136

"Yii framework is a component-based MVC web application framework, providing developers with the building blocks to create complex web applications including modules for authentication, database access, REST etc ..."

Link: https://attackerkb.com/topics/622fff34-7ccf-4193-8a78-60e6b21d8811
New assessment for topic: CVE-2025-4427

Topic description: "An authentication bypass in the API component of Ivanti Endpoint Manager Mobile 12.5.0.0 and prior allows attackers to access protected resources without proper credentials via the API. ..."

"On May 13, 2025, Ivanti [published an advisory](https://forums.ivanti.com/s/article/Security-Advisory-Ivanti-Endpoint-Manager-Mobile-EPMM?language=en_US) for [CVE-2025-4427](https://nvd.nist.gov/vuln/detail/CVE-2025-4427), a high severity authentication bypass in Ivanti Endpoint Manager Mobile (EPMM) ..."

Link: https://attackerkb.com/assessments/ef99e5bd-b83c-485a-9841-e0d54a7d4650
New assessment for topic: CVE-2025-4428

Topic description: "Remote Code Execution in API component in Ivanti Endpoint Manager Mobile 12.5.0.0 and prior on unspecified platforms allows authenticated attackers to execute arbitrary code via crafted API requests. ..."

"On May 13, 2025, Ivanti [published an advisory](https://forums.ivanti.com/s/article/Security-Advisory-Ivanti-Endpoint-Manager-Mobile-EPMM?language=en_US) for [CVE-2025-4428](https://nvd.nist.gov/vuln/detail/CVE-2025-4428), a high-privilege expression language server-side template injection vulnerability in Ivanti Endpoint Manager Mobile (EPMM) ..."

Link: https://attackerkb.com/assessments/a8195fc7-566e-4ad2-9926-3101a8e4d0f8
New assessment for topic: CVE-2023-41425

Topic description: "Cross Site Scripting vulnerability in Wonder CMS v.3.2.0 thru v.3.4.2 allows a remote attacker to execute arbitrary code via a crafted script uploaded to the installModule component. ..."

"On November 5th, WonderCMS released version 3.4.3, which addresses vulnerability CVE-2023-41425 - a reflected cross-site scripting vulnerability ..."

Link: https://attackerkb.com/assessments/7540246c-ba79-4cb1-8fed-0407049ba2b0
New assessment for topic: CVE-2025-3096

Topic description: "Clinic’s Patient Management System versions 2.0 suffers from a SQL injection vulnerability in the login page. ..."

"Clinic Patient Management System (CPMS) 2.0 is a management system written in PHP to control and manage patients and their health information ..."

Link: https://attackerkb.com/assessments/4dc1dd4e-1815-4515-a096-1fed078d0c83
New assessment for topic: CVE-2024-58136

Topic description: "Yii 2 before 2.0.52 mishandles the attaching of behavior that is defined by an __class array key, a CVE-2024-4990 regression, as exploited in the wild in February through April 2025. ..."

"On April 9 2025, Yii released an advisory warning that Yii framework versions before `2.0.52` were susceptible to Unsafe Reflection, with this CVE essentially a patch bypass of `CVE-2024-4990` ..."

Link: https://attackerkb.com/assessments/e6d2c5ff-8653-41a3-acf1-882330960fe1
New assessment for topic: CVE-2025-22457

Topic description: "A stack-based buffer overflow in Ivanti Connect Secure before version 22.7R2.6, Ivanti Policy Secure before version 22.7R1.4, and Ivanti ZTA Gateways before version 22.8R2.2 allows a remote unauthenticated attacker to achieve remote code execution. ..."

"[metadata only] ..."

Link: https://attackerkb.com/assessments/699141dd-fa5f-4a99-ae53-8b385bfdebc0
New assessment for topic: CVE-2025-25065

Topic description: "SSRF vulnerability in the RSS feed parser in Zimbra Collaboration 9.0.0 before Patch 43, 10.0.x before 10.0.12, and 10.1.x before 10.1.4 allows unauthorized redirection to internal network endpoints. ..."

"On the 17th December 2024, Zimbra released an [advisory](https://wiki.zimbra.com/wiki/Zimbra_Releases/10.1.4#Security_Fixes) warning that Zimbra versions before 10.1.4 were susceptible to Server-Side Request Forgery (SSRF) via the RSS feed parser ..."

Link: https://attackerkb.com/assessments/3a9053d9-8891-4e66-8d99-af387e965048
New assessment for topic: CVE-2025-32354

Topic description: "In Zimbra Collaboration (ZCS) 9.0 through 10.1, a Cross-Site Request Forgery (CSRF) vulnerability exists in the GraphQL endpoint (/service/extension/graphql) of Zimbra webmail due to a lack of CSRF token validation ..."

"On the 17th December 2024, Zimbra released an [advisory](https://wiki.zimbra.com/wiki/Zimbra_Releases/10.1.4#Security_Fixes) warning that Zimbra versions before `10.1.4` were susceptible to Cross-Site Request Forgery (CSRF) attacks on an exposed GraphQL endpoint ..."

Link: https://attackerkb.com/assessments/48571868-d8f5-4408-8e24-b7ccec2ef7e3
New assessment for topic: CVE-2025-30406

Topic description: "Gladinet CentreStack through 16.1.10296.56315 (fixed in 16.4.10315.56368) has a deserialization vulnerability due to the CentreStack portal's hardcoded machineKey use, as exploited in the wild in March 2025 ..."

"[metadata only] ..."

Link: https://attackerkb.com/assessments/25edbe02-53c3-4f7b-9993-e57282580766
New assessment for topic: CVE-2024-38475

Topic description: "Improper escaping of output in mod_rewrite in Apache HTTP Server 2.4.59 and earlier allows an attacker to map URLs to filesystem locations that are permitted to be served by the server but are not intentionally/directly reachable by any URL, resulting in code execution or source code disclosure ..."

"SonicWall [updated a 2024 advisory](https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2024-0018) to note that this third-party vulnerability is being exploited in the wild in their SMA100 devices ..."

Link: https://attackerkb.com/assessments/306036ec-fc18-46f2-91b8-d8c5391031c5
New assessment for topic: CVE-2025-3935

Topic description: "ScreenConnect versions 25.2.3 and earlier versions may be susceptible to a ViewState code injection attack ..."

"On the 24th April 2025 ConnectWise released an advisory warning that ScreenConnect versions before `25.2.3` were susceptible to ViewState code injection attacks, if an attacker had privileged access and hence access to the machine keys defined in application config ..."

Link: https://attackerkb.com/assessments/cd141f73-7686-4848-b0cd-2893225b446b
New assessment for topic: CVE-2025-31324

Topic description: "SAP NetWeaver Visual Composer Metadata Uploader is not protected with a proper authorization, allowing unauthenticated agent to upload potentially malicious executable binaries that could severely harm the host system ..."

"Rapid7 MDR has observed exploitation of this zero-day vulnerability in multiple customer environments ..."

Link: https://attackerkb.com/assessments/462e2d0c-2cf2-4306-94f5-901badbb072d
New assessment for topic: CVE-2024-6235

Topic description: "Sensitive information disclosure in NetScaler Console ..."

"On July 9, 2024, Citrix [disclosed](https://support.citrix.com/s/article/CTX677998-netscaler-console-agent-and-sdx-svm-security-bulletin-for-cve20246235-and-cve20246236?language=en_US) CVE-2024-6235, a sensitive information disclosure vulnerability affecting NetScaler Console ..."

Link: https://attackerkb.com/assessments/3bf5c123-41fa-47c5-9eb1-d139317061b8
New assessment for topic: CVE-2025-32433

Topic description: "Erlang/OTP is a set of libraries for the Erlang programming language ..."

"[metadata only] ..."

Link: https://attackerkb.com/assessments/697e0085-6e15-4860-8967-de67ec8f0cfa
New assessment for topic: CVE-2025-30406

Topic description: "Gladinet CentreStack through 16.1.10296.56315 (fixed in 16.4.10315.56368) has a deserialization vulnerability due to the CentreStack portal's hardcoded machineKey use, as exploited in the wild in March 2025 ..."

"CVE-2025-30406 is a critical remote code execution (RCE) vulnerability affecting Gladinet's CentreStack and Triofox platforms ..."

Link: https://attackerkb.com/assessments/2bb4e3bd-b6fd-4241-a58b-9067960e0375
New assessment for topic: CVE-2024-38809

Topic description: "Applications that parse ETags from "If-Match" or "If-None-Match" request headers are vulnerable to DoS attack. ..."

"For successful exploitation of the vulnerability, applications must process or parse ETags in the following HTTP headers: 'If-Match' or 'If-None-Match' ..."

Link: https://attackerkb.com/assessments/173a9051-0955-4b4e-8bae-de52c949b516
New assessment for topic: CVE-2025-30065

Topic description: "Schema parsing in the parquet-avro module of Apache Parquet 1.15.0 and previous versions allows bad actors to execute arbitrary code ..."

"[Apache Parquet](https://parquet.apache.org/) is a popular data storage format that was originally developed in the early 2010s as part of the Apache Hadoop ecosystem ..."

Link: https://attackerkb.com/assessments/3c043281-25a1-44fc-a361-00e02ec2bc60
New assessment for topic: CVE-2025-22457

Topic description: "A stack-based buffer overflow in Ivanti Connect Secure before version 22.7R2.6, Ivanti Policy Secure before version 22.7R1.4, and Ivanti ZTA Gateways before version 22.8R2.2 allows a remote unauthenticated attacker to achieve remote code execution. ..."

"Based on writing the [Rapid7 Analysis](https://attackerkb.com/topics/0ybGQIkHzR/cve-2025-22457/rapid7-analysis) and developing a [PoC exploit script](https://github.com/sfewer-r7/CVE-2025-22457), I am rating the `Attacker Value` for this vulnerability as `Very High`, as Ivanti Connect Secure, Pulse Connect Secure, Ivanti Policy Secure, and ZTA Gateways are high profile targets for state-sponsored threat actors and have been regularly exploited in the wild in the past (including this vulnerability CVE-2025-22457) ..."

Link: https://attackerkb.com/assessments/fa985251-6adb-46fd-b1c6-9a84dbffb823