AttackerKB
attackerkb
New assessment for topic: CVE-2025-20333
Topic description: "A vulnerability in the VPN web server of Cisco Secure Firewall Adaptive Security Appliance (ASA) Software and Cisco Secure Firewall Threat Defense (FTD) Software could allow an authenticated, remote attacker to execute arbitrary code on an affected device. ..."
"This is a memory corruption vulnerability (the CWE indicates it is a buffer overflow) affecting Cisco Adaptive Security Appliance (ASA) and Cisco Firepower Threat Defense (FTD) appliances ..."
Link: https://attackerkb.com/assessments/8b78ecbf-ee77-4eb8-9310-4820e99d14a8
Topic description: "A vulnerability in the VPN web server of Cisco Secure Firewall Adaptive Security Appliance (ASA) Software and Cisco Secure Firewall Threat Defense (FTD) Software could allow an authenticated, remote attacker to execute arbitrary code on an affected device. ..."
"This is a memory corruption vulnerability (the CWE indicates it is a buffer overflow) affecting Cisco Adaptive Security Appliance (ASA) and Cisco Firepower Threat Defense (FTD) appliances ..."
Link: https://attackerkb.com/assessments/8b78ecbf-ee77-4eb8-9310-4820e99d14a8
0
0
0
AttackerKB
attackerkb
New assessment for topic: CVE-2025-20363
Topic description: "A vulnerability in the web services of Cisco Secure Firewall Adaptive Security Appliance (ASA) Software, Cisco Secure Firewall Threat Defense (FTD) Software, Cisco IOS Software, Cisco IOS XE Software, and Cisco IOS XR Software could allow an unauthenticated, remote attacker (Cisco ASA and FTD Software) or authenticated, remote attacker (Cisco IOS, IOS XE, and IOS XR Software) with low user privileges to execute arbitrary code on an affected device ..."
"[CVE-2025-20363](https://www.rapid7.com/blog/post/etr-cve-2025-20333-cve-2025-20362-cve-2025-20363-multiple-critical-vulnerabilities-affecting-cisco-products/) is a heap-based buffer overflow [affecting many](https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-http-code-exec-WmfP3h3O) popular Cisco products: Cisco ASA, FTD, IOS, IOS XE, and IOS XR ..."
Link: https://attackerkb.com/assessments/5fc0cb55-5f93-4116-8e0a-0c39251010ab
Topic description: "A vulnerability in the web services of Cisco Secure Firewall Adaptive Security Appliance (ASA) Software, Cisco Secure Firewall Threat Defense (FTD) Software, Cisco IOS Software, Cisco IOS XE Software, and Cisco IOS XR Software could allow an unauthenticated, remote attacker (Cisco ASA and FTD Software) or authenticated, remote attacker (Cisco IOS, IOS XE, and IOS XR Software) with low user privileges to execute arbitrary code on an affected device ..."
"[CVE-2025-20363](https://www.rapid7.com/blog/post/etr-cve-2025-20333-cve-2025-20362-cve-2025-20363-multiple-critical-vulnerabilities-affecting-cisco-products/) is a heap-based buffer overflow [affecting many](https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-http-code-exec-WmfP3h3O) popular Cisco products: Cisco ASA, FTD, IOS, IOS XE, and IOS XR ..."
Link: https://attackerkb.com/assessments/5fc0cb55-5f93-4116-8e0a-0c39251010ab
0
0
0
AttackerKB
attackerkb
New assessment for topic: CVE-2025-10035
Topic description: " ..."
"Based on writing the [Rapid7 Analysis](https://attackerkb.com/topics/LbA9ANjcdz/cve-2025-10035#rapid7-analysis), I have rated the Attacker Value as `Very High`, a file transfer solution is a very high value target for an attacker, and this vulnerability is unauthenticated RCE ..."
Link: https://attackerkb.com/assessments/17eca967-23dd-4d68-ba3f-93fd48496dbd
Topic description: " ..."
"Based on writing the [Rapid7 Analysis](https://attackerkb.com/topics/LbA9ANjcdz/cve-2025-10035#rapid7-analysis), I have rated the Attacker Value as `Very High`, a file transfer solution is a very high value target for an attacker, and this vulnerability is unauthenticated RCE ..."
Link: https://attackerkb.com/assessments/17eca967-23dd-4d68-ba3f-93fd48496dbd
0
0
0
AttackerKB
attackerkb
New Rapid7 Analysis on AttackerKB topic: CVE-2025-10035
"On September 18, 2025, Fortra published a security [advisory](https://www.fortra.com/security/advisories/product-security/fi-2025-012) for a new vulnerability affecting their managed file transfer product, GoAnywhere MFT ..."
Link: https://attackerkb.com/topics/83fe961b-182b-4dd8-a236-438cafe193eb
"On September 18, 2025, Fortra published a security [advisory](https://www.fortra.com/security/advisories/product-security/fi-2025-012) for a new vulnerability affecting their managed file transfer product, GoAnywhere MFT ..."
Link: https://attackerkb.com/topics/83fe961b-182b-4dd8-a236-438cafe193eb
0
0
0
AttackerKB
attackerkb
New assessment for topic: CVE-2025-10184
Topic description: "The vulnerability allows any application installed on the device to read SMS/MMS data and metadata from the system-provided Telephony provider without permission, user interaction, or consent ..."
"As per the advisory, this vulnerability "allows any application installed on the device to read SMS/MMS data and metadata from the system-provided Telephony provider (the package com.android.providers.telephony) without permission, user interaction, or consent." ..."
Link: https://attackerkb.com/assessments/e599af0e-d8e2-4a21-b596-a5b8433c3532
Topic description: "The vulnerability allows any application installed on the device to read SMS/MMS data and metadata from the system-provided Telephony provider without permission, user interaction, or consent ..."
"As per the advisory, this vulnerability "allows any application installed on the device to read SMS/MMS data and metadata from the system-provided Telephony provider (the package com.android.providers.telephony) without permission, user interaction, or consent." ..."
Link: https://attackerkb.com/assessments/e599af0e-d8e2-4a21-b596-a5b8433c3532
0
0
0
AttackerKB
attackerkb
New assessment for topic: CVE-2025-34152
Topic description: "An unauthenticated OS command injection vulnerability exists in the Shenzhen Aitemi M300 Wi-Fi Repeater (hardware model MT02) via the 'time' parameter of the '/protocol.csp?' endpoint ..."
"[CVE-2025-34152](https://nvd.nist.gov/vuln/detail/CVE-2025-34152) is a critical unauthenticated OS command injection vulnerability affecting the Shenzhen Aitemi M300 (MT02) Wi-Fi repeater ..."
Link: https://attackerkb.com/assessments/f9232c59-7c73-4a11-be35-41796596deb5
Topic description: "An unauthenticated OS command injection vulnerability exists in the Shenzhen Aitemi M300 Wi-Fi Repeater (hardware model MT02) via the 'time' parameter of the '/protocol.csp?' endpoint ..."
"[CVE-2025-34152](https://nvd.nist.gov/vuln/detail/CVE-2025-34152) is a critical unauthenticated OS command injection vulnerability affecting the Shenzhen Aitemi M300 (MT02) Wi-Fi repeater ..."
Link: https://attackerkb.com/assessments/f9232c59-7c73-4a11-be35-41796596deb5
0
0
0
AttackerKB
attackerkb
New assessment for topic: CVE-2024-5805
Topic description: "Improper Authentication vulnerability in Progress MOVEit Gateway (SFTP modules) allows Authentication Bypass.This issue affects MOVEit Gateway: 2024.0.0. ..."
"[CVE-2024-5805](https://community.progress.com/s/article/MOVEit-Gateway-Critical-Security-Alert-Bulletin-June-2024-CVE-2024-5805) is a critical SFTP authentication bypass vulnerability affecting Progress [MOVEit Gateway](https://community.progress.com/s/article/Gateway-Overview), an optional DMZ proxy designed to be used with the MOVEit Transfer file sharing software ..."
Link: https://attackerkb.com/assessments/ea949df7-483a-458b-917b-683e0f53521a
Topic description: "Improper Authentication vulnerability in Progress MOVEit Gateway (SFTP modules) allows Authentication Bypass.This issue affects MOVEit Gateway: 2024.0.0. ..."
"[CVE-2024-5805](https://community.progress.com/s/article/MOVEit-Gateway-Critical-Security-Alert-Bulletin-June-2024-CVE-2024-5805) is a critical SFTP authentication bypass vulnerability affecting Progress [MOVEit Gateway](https://community.progress.com/s/article/Gateway-Overview), an optional DMZ proxy designed to be used with the MOVEit Transfer file sharing software ..."
Link: https://attackerkb.com/assessments/ea949df7-483a-458b-917b-683e0f53521a
0
0
0
AttackerKB
attackerkb
New assessment for topic: CVE-2025-57791
Topic description: "An issue was discovered in Commvault before 11.36.60 ..."
"[CVE-2025-57791](https://documentation.commvault.com/securityadvisories/CV_2025_08_1.html) is a highly impactful unauthenticated argument injection vulnerability affecting Commvault for Windows and Linux ..."
Link: https://attackerkb.com/assessments/3265b8b6-674f-438b-a33d-e092ac4bbfbc
Topic description: "An issue was discovered in Commvault before 11.36.60 ..."
"[CVE-2025-57791](https://documentation.commvault.com/securityadvisories/CV_2025_08_1.html) is a highly impactful unauthenticated argument injection vulnerability affecting Commvault for Windows and Linux ..."
Link: https://attackerkb.com/assessments/3265b8b6-674f-438b-a33d-e092ac4bbfbc
0
0
0
AttackerKB
attackerkb
New assessment for topic: CVE-2025-57788
Topic description: "An issue was discovered in Commvault before 11.36.60 ..."
"CVE-2025-57788 is [a medium-severity vulnerability in Commvault](https://documentation.commvault.com/securityadvisories/CV_2025_08_3.html) for Windows and Linux, affecting the web service ..."
Link: https://attackerkb.com/assessments/ab3c1929-9e46-4a88-8c8e-7e4e22474aba
Topic description: "An issue was discovered in Commvault before 11.36.60 ..."
"CVE-2025-57788 is [a medium-severity vulnerability in Commvault](https://documentation.commvault.com/securityadvisories/CV_2025_08_3.html) for Windows and Linux, affecting the web service ..."
Link: https://attackerkb.com/assessments/ab3c1929-9e46-4a88-8c8e-7e4e22474aba
0
0
0
AttackerKB
attackerkb
New assessment for topic: CVE-2025-42957
Topic description: "SAP S/4HANA allows an attacker with user privileges to exploit a vulnerability in the function module exposed via RFC ..."
"A low-privileged SAP user who can invoke the vulnerable RFC function can inject arbitrary ABAP, bypassing critical auth checks and achieving administrative control over SAP S/4HANA; pivot to the underlying host is feasible. ..."
Link: https://attackerkb.com/assessments/9e4b5480-8085-4545-a60b-a224b42105c1
Topic description: "SAP S/4HANA allows an attacker with user privileges to exploit a vulnerability in the function module exposed via RFC ..."
"A low-privileged SAP user who can invoke the vulnerable RFC function can inject arbitrary ABAP, bypassing critical auth checks and achieving administrative control over SAP S/4HANA; pivot to the underlying host is feasible. ..."
Link: https://attackerkb.com/assessments/9e4b5480-8085-4545-a60b-a224b42105c1
0
0
0
AttackerKB
attackerkb
New assessment for topic: CVE-2023-29059
Topic description: "3CX DesktopApp through 18.12.416 has embedded malicious code, as exploited in the wild in March 2023 ..."
"CVE-2023-29059 is a supply chain attack that [targeted systems in the wild](https://www.rapid7.com/blog/post/2023/03/30/backdoored-3cxdesktopapp-installer-used-in-active-threat-campaign/) in March, 2023, via infected 3CX DesktopApp Electron application packages ..."
Link: https://attackerkb.com/assessments/4b37df41-d0ef-4199-bd3c-a19e6be4dbf7
Topic description: "3CX DesktopApp through 18.12.416 has embedded malicious code, as exploited in the wild in March 2023 ..."
"CVE-2023-29059 is a supply chain attack that [targeted systems in the wild](https://www.rapid7.com/blog/post/2023/03/30/backdoored-3cxdesktopapp-installer-used-in-active-threat-campaign/) in March, 2023, via infected 3CX DesktopApp Electron application packages ..."
Link: https://attackerkb.com/assessments/4b37df41-d0ef-4199-bd3c-a19e6be4dbf7
0
0
0
AttackerKB
attackerkb
New assessment for topic: CVE-2025-53693
Topic description: "Use of Externally-Controlled Input to Select Classes or Code ('Unsafe Reflection') vulnerability in Sitecore Sitecore Experience Manager (XM), Sitecore Experience Platform (XP) allows Cache Poisoning.This issue affects Sitecore Experience Manager (XM): from 9.0 through 9.3, from 10.0 through 10.4; Experience Platform (XP): from 9.0 through 9.3, from 10.0 through 10.4. ..."
"CVE-2025-53693 is an unauthenticated server-side cache poisoning vulnerability affecting Sitecore Experience Manager and Sitecore Experience Platform ..."
Link: https://attackerkb.com/assessments/3d97308e-ef14-4f17-a30b-84550e8c8f69
Topic description: "Use of Externally-Controlled Input to Select Classes or Code ('Unsafe Reflection') vulnerability in Sitecore Sitecore Experience Manager (XM), Sitecore Experience Platform (XP) allows Cache Poisoning.This issue affects Sitecore Experience Manager (XM): from 9.0 through 9.3, from 10.0 through 10.4; Experience Platform (XP): from 9.0 through 9.3, from 10.0 through 10.4. ..."
"CVE-2025-53693 is an unauthenticated server-side cache poisoning vulnerability affecting Sitecore Experience Manager and Sitecore Experience Platform ..."
Link: https://attackerkb.com/assessments/3d97308e-ef14-4f17-a30b-84550e8c8f69
0
0
0
AttackerKB
attackerkb
New assessment for topic: CVE-2025-50154
Topic description: "Exposure of sensitive information to an unauthorized actor in Windows File Explorer allows an unauthorized attacker to perform spoofing over a network. ..."
"CVE-2025-50154 is easy to exploit ..."
Link: https://attackerkb.com/assessments/29dae763-b740-4740-bd8f-c048380ccc59
Topic description: "Exposure of sensitive information to an unauthorized actor in Windows File Explorer allows an unauthorized attacker to perform spoofing over a network. ..."
"CVE-2025-50154 is easy to exploit ..."
Link: https://attackerkb.com/assessments/29dae763-b740-4740-bd8f-c048380ccc59
0
0
0
AttackerKB
attackerkb
New assessment for topic: CVE-2023-28459
Topic description: "pretalx 2.3.1 before 2.3.2 allows path traversal in HTML export (a non-default feature) ..."
"Pretalx is a web-based conference planning tool used to manage call for papers (CfP) submissions, select talks, communicate with speakers, and publish conference schedules ..."
Link: https://attackerkb.com/assessments/9366f871-5537-409f-ac6a-6b0013fd3bfb
Topic description: "pretalx 2.3.1 before 2.3.2 allows path traversal in HTML export (a non-default feature) ..."
"Pretalx is a web-based conference planning tool used to manage call for papers (CfP) submissions, select talks, communicate with speakers, and publish conference schedules ..."
Link: https://attackerkb.com/assessments/9366f871-5537-409f-ac6a-6b0013fd3bfb
0
0
0
AttackerKB
attackerkb
New assessment for topic: CVE-2024-32019
Topic description: "Netdata is an open source observability tool ..."
"Netdata is an open-source observability tool that contains a designated tool to run a set of defined commands with elevated privileges ..."
Link: https://attackerkb.com/assessments/2d9e32c1-bf84-4cea-a07f-dca060dc86bf
Topic description: "Netdata is an open source observability tool ..."
"Netdata is an open-source observability tool that contains a designated tool to run a set of defined commands with elevated privileges ..."
Link: https://attackerkb.com/assessments/2d9e32c1-bf84-4cea-a07f-dca060dc86bf
0
0
0
AttackerKB
attackerkb
New assessment for topic: CVE-2025-7775
Topic description: "Memory overflow vulnerability leading to Remote Code Execution and/or Denial of Service in NetScaler ADC and NetScaler Gateway when NetScaler is configured as Gateway (VPN virtual server, ICA Proxy, CVPN, RDP Proxy) or AAA virtual server ..."
"Based on the vendors CVSS rating of [9.2 Critical](https://www.first.org/cvss/calculator/4-0#CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:L/SI:L/SA:L), we know this is unauthenticated, however the complexity rating is given as high and the attack requirements is given as being present, (i.e ..."
Link: https://attackerkb.com/assessments/4e09b69a-f48c-4c6c-be6e-8fc1d783cd7b
Topic description: "Memory overflow vulnerability leading to Remote Code Execution and/or Denial of Service in NetScaler ADC and NetScaler Gateway when NetScaler is configured as Gateway (VPN virtual server, ICA Proxy, CVPN, RDP Proxy) or AAA virtual server ..."
"Based on the vendors CVSS rating of [9.2 Critical](https://www.first.org/cvss/calculator/4-0#CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:L/SI:L/SA:L), we know this is unauthenticated, however the complexity rating is given as high and the attack requirements is given as being present, (i.e ..."
Link: https://attackerkb.com/assessments/4e09b69a-f48c-4c6c-be6e-8fc1d783cd7b
0
0
0
AttackerKB
attackerkb
New assessment for topic: CVE-2025-49619
Topic description: "Skyvern through 0.1.85 is vulnerable to server-side template injection (SSTI) in the Prompt field of workflow blocks such as the Navigation v2 Block ..."
"On June 7th, CVE-2025-49619 was published, alongside a [write-up](https://cristibtz.blog/posts/CVE-2025-49619/) ..."
Link: https://attackerkb.com/assessments/fcb4d7e0-b562-4515-9a78-4f40640308f2
Topic description: "Skyvern through 0.1.85 is vulnerable to server-side template injection (SSTI) in the Prompt field of workflow blocks such as the Navigation v2 Block ..."
"On June 7th, CVE-2025-49619 was published, alongside a [write-up](https://cristibtz.blog/posts/CVE-2025-49619/) ..."
Link: https://attackerkb.com/assessments/fcb4d7e0-b562-4515-9a78-4f40640308f2
0
0
0
AttackerKB
attackerkb
New assessment for topic: CVE-2024-51981
Topic description: "An unauthenticated attacker may perform a blind server side request forgery (SSRF), due to a CLRF injection issue that can be leveraged to perform HTTP request smuggling ..."
"A Server Side Request Forgery (SSRF) vulnerability exists due to how the Brother firmware handles Web Services Eventing (WS-Eventing) subscriptions ..."
Link: https://attackerkb.com/assessments/fa5c2bf7-82ec-44cc-8808-d8647ae037d4
Topic description: "An unauthenticated attacker may perform a blind server side request forgery (SSRF), due to a CLRF injection issue that can be leveraged to perform HTTP request smuggling ..."
"A Server Side Request Forgery (SSRF) vulnerability exists due to how the Brother firmware handles Web Services Eventing (WS-Eventing) subscriptions ..."
Link: https://attackerkb.com/assessments/fa5c2bf7-82ec-44cc-8808-d8647ae037d4
0
0
0
AttackerKB
attackerkb
New assessment for topic: CVE-2025-1094
Topic description: "Improper neutralization of quoting syntax in PostgreSQL libpq functions PQescapeLiteral(), PQescapeIdentifier(), PQescapeString(), and PQescapeStringConn() allows a database input provider to achieve SQL injection in certain usage patterns ..."
"An attacker can inject unexpected UTF-8 characters, such as `\xC0` into a string that is correctly escaped via the PSQL escaping routines, such as `pg_escape_string` ..."
Link: https://attackerkb.com/assessments/74e38297-224a-4205-beb2-c5cef31d2ecf
Topic description: "Improper neutralization of quoting syntax in PostgreSQL libpq functions PQescapeLiteral(), PQescapeIdentifier(), PQescapeString(), and PQescapeStringConn() allows a database input provider to achieve SQL injection in certain usage patterns ..."
"An attacker can inject unexpected UTF-8 characters, such as `\xC0` into a string that is correctly escaped via the PSQL escaping routines, such as `pg_escape_string` ..."
Link: https://attackerkb.com/assessments/74e38297-224a-4205-beb2-c5cef31d2ecf
0
0
0
AttackerKB
attackerkb
New assessment for topic: CVE-2024-51977
Topic description: "An unauthenticated attacker who can access either the HTTP service (TCP port 80), the HTTPS service (TCP port 443), or the IPP service (TCP port 631), can leak several pieces of sensitive information from a vulnerable device ..."
"An unauthenticated attacker who can access either the HTTP service (Port 80), the HTTPS service (Port 443), or the IPP service (Port 631), can leak several pieces of information from a vulnerable device ..."
Link: https://attackerkb.com/assessments/d00cbb64-c04d-4317-9f35-c201a4aa5733
Topic description: "An unauthenticated attacker who can access either the HTTP service (TCP port 80), the HTTPS service (TCP port 443), or the IPP service (TCP port 631), can leak several pieces of sensitive information from a vulnerable device ..."
"An unauthenticated attacker who can access either the HTTP service (Port 80), the HTTPS service (Port 443), or the IPP service (Port 631), can leak several pieces of information from a vulnerable device ..."
Link: https://attackerkb.com/assessments/d00cbb64-c04d-4317-9f35-c201a4aa5733
0
0
0