SEC595: Applied Data Science and AI/Machine Learning for Cybersecurity Professionals


Experience SANS training through course previews.
Learn MoreLet us help.
Contact usBecome a member for instant access to our free resources.
Sign UpWe're here to help.
Contact UsISC provides a free analysis and warning service to thousands of Internet users and organizations, and is actively working with Internet Service Providers to fight back against the most malicious attackers. https://isc.sans.edu/about.html
SRUM-DUMP Version 3: Uncovering Malware Activity in Forensics
Published: 2025-04-27
Last Updated: 2025-04-28 00:21:25 UTC
by Mark Baggett (Version: 2)
For digital forensics and incident response professionals, extracting precise evidence from Windows systems is critical to understanding and mitigating threats. I'm excited to introduce SRUM-DUMP Version 3, a powerful forensic tool I've developed to analyze the Windows System Resource Usage Monitor (SRUM) database. Available on GitHub at SRUM-DUMP Repository, this version offers significant improvements, including a user-friendly GUI and customizable output. In this post, I'll guide you through using SRUM-DUMP v3Õs GUI to investigate a scenario where malware (malware<.>exe) exfiltrates intellectual property over a wireless network. We'll explore the 3-step wizard, customize the analysis to highlight malware<.>exe, and examine where it appears in the output spreadsheet and what each tab reveals about the incident ...
Read the full entry:
https://isc.sans.edu/diary/SRUMDUMP+Version+3+Uncovering+Malware+Activity+in+Forensics/31896/
Steganography Analysis With pngdump.py
Published: 2025-04-26
Last Updated: 2025-04-26 06:45:13 UTC
by Didier Stevens (Version: 1)
I like it when a diary entry like "Example of a Payload Delivered Through Steganography" (https://isc.sans.edu/diary/Example+of+a+Payload+Delivered+Through+Steganography/31892/) is published: it gives me an opportunity to test my tools, in particular pngdump.py, a tool to analyze PNG files.
A PNG file consists of a header followed by chunks. pngdump.py shows this ...
Read the full entry:
https://isc.sans.edu/diary/Steganography+Analysis+With+pngdumppy/31894/
More Scans for SMS Gateways and APIs
Published: 2025-04-29
Last Updated: 2025-04-29 15:25:05 UTC
by Johannes Ullrich (Version: 1)
Last week, I wrote about scans for Teltonika Networks SMS Gateways. Attackers are always looking for cheap (free) ways to send SMS messages and gain access to not-blocklisted numbers. So, I took a closer look at similar scans we have seen.
There are numerous ways to send SMS messages; using a hardware SMS gateway is probably one of the more fancy ways to do so. Most websites use messaging services. For example, we do see scans for SMS plugins for WordPress:
These scans look for style sheet files (.css) that are part of the respective plugins. It is fair to assume that if the respective style sheet is present, the attacker will attempt to obtain access to the site ...
Read the full entry: https://isc.sans.edu/diary/More+Scans+for+SMS+Gateways+and+APIs/31902/
Web Scanning SonicWall for CVE-2021-20016 (2025.04.29)
https://isc.sans.edu/diary/Web+Scanning+Sonicwall+for+CVE202120016/31906/
Example of a Payload Delivered Through Steganography (2025.04.25)
https://isc.sans.edu/diary/Example+of+a+Payload+Delivered+Through+Steganography/31892/
Attacks against Teltonika Networks SMS Gateways (2025.04.24)
https://isc.sans.edu/diary/Attacks+against+Teltonika+Networks+SMS+Gateways/31888/
The list is assembled by pulling recent vulnerabilities from NIST NVD, Microsoft, Twitter mentions of vulnerabilities, ISC Diaries and Podcast, and the CISA list of known exploited vulnerabilities. There are also some unscored, but significant, vulnerabilities at the end. This includes vulnerabilities that have not been added to the NVD yet.
Product: SAP NetWeaver Visual Composer
CVSS Score: 10.0
** KEV since 2025-04-29 **
NVD:
https://nvd.nist.gov/vuln/detail/CVE-2025-31324
ISC Podcast:
https://isc.sans.edu/podcastdetail/9426
NVD References:
-
https://me.sap.com/notes/3594142
-
https://url.sap/sapsecuritypatchday
-
-
Product: Commvault Command Center Innovation Release
CVSS Score: 10.0
NVD:
https://nvd.nist.gov/vuln/detail/CVE-2025-34028
ISC Podcast:
https://isc.sans.edu/podcastdetail/9424
NVD References:
https://documentation.commvault.com/securityadvisories/CV_2025_04_1.html
Product: Commvault
CVSS Score: 8.8
** KEV since 2025-04-28 **
NVD:
https://nvd.nist.gov/vuln/detail/CVE-2025-3928
NVD References:
https://documentation.commvault.com/securityadvisories/CV_2025_03_1.html
Product: Sonicwall Sma_500V -
CVSS Score: 0
** KEV since 2021-11-03 **
NVD:
https://nvd.nist.gov/vuln/detail/CVE-2021-20016
ISC Diary:
Product: Broadcom Fabric Operating System
CVSS Score: 6.7
** KEV since 2025-04-28 **
NVD:
https://nvd.nist.gov/vuln/detail/CVE-2025-1976
NVD References:
Product: ppp pppd
CVSS Score: 9.3
NVD:
https://nvd.nist.gov/vuln/detail/CVE-2024-58250
NVD References:
-
https://github.com/ppp-project/ppp/commit/0a66ad22e54c72690ec2a29a019767c55c5281fc
-
https://github.com/ppp-project/ppp/compare/v2.5.1...v2.5.2
-
Product: forkosh Mime Tex
CVSS Score: 9.8
NVD:
https://nvd.nist.gov/vuln/detail/CVE-2024-40446
NVD References:
-
https://github.com/TaiYou-TW/CVE-2024-40445_CVE-2024-40446/
-
Product: TOTOLINK A800R
CVSS Score: 9.8
NVD:
https://nvd.nist.gov/vuln/detail/CVE-2025-28034
NVD References:
Product: TOTOLINK A810R
CVSS Score: 9.8
NVD:
https://nvd.nist.gov/vuln/detail/CVE-2025-28024
NVD References:
https://locrian-lightning-dc7.notion.site/BufferOverflow5-1978e5e2b1a2800caaced7ae3fb4783c
Product: TOTOLINK A810R
CVSS Score: 9.8
NVD:
https://nvd.nist.gov/vuln/detail/CVE-2025-28037
NVD References:
https://locrian-lightning-dc7.notion.site/RCE3-1ad8e5e2b1a280e192e8cff9fef896cc
Product: TOTOLINK A830R
CVSS Score: 9.8
NVD:
https://nvd.nist.gov/vuln/detail/CVE-2025-28035
NVD References:
CVE-2025-28036 - TOTOLINK A950RG V4.1.2cu.5161_B20200903 is vulnerable to remote command execution via the NoticeUrl parameter in the setNoticeCfg function.
Product: TOTOLINK A950Rg
CVSS Score: 9.8
NVD:
https://nvd.nist.gov/vuln/detail/CVE-2025-28036
NVD References:
Product: TOTOLINK EX1200T
CVSS Score: 9.8
NVD:
https://nvd.nist.gov/vuln/detail/CVE-2025-28038
NVD References:
https://locrian-lightning-dc7.notion.site/RCE1-1ad8e5e2b1a28030a1c8febac89935a0
Product: TOTOLINK EX1200T
CVSS Score: 9.8
NVD:
https://nvd.nist.gov/vuln/detail/CVE-2025-28039
NVD References:
https://locrian-lightning-dc7.notion.site/RCE2-1ad8e5e2b1a280fbb0cacc7e758e7299
Product: IBM Hardware Management Console - Power Systems
CVSS Score: 9.3
NVD:
https://nvd.nist.gov/vuln/detail/CVE-2025-1950
NVD References:
Product: Hospital Management System v4.0
CVSS Score: 9.8
NVD:
https://nvd.nist.gov/vuln/detail/CVE-2023-43958
NVD References:
Product: Oretnom23 Student Study Center Desk Management System
CVSS Score: 9.8
NVD:
https://nvd.nist.gov/vuln/detail/CVE-2023-44752
NVD References:
Product: Sacco Management system v1.0
CVSS Score: 9.8
NVD:
https://nvd.nist.gov/vuln/detail/CVE-2023-44755
NVD References:
Product: TCPWave DDI 11.34P1C2CVSS Score: 9.8NVD:https://nvd.nist.gov/vuln/detail/CVE-2025-43946NVD References: -https://github.com/Henkel-CyberVM/CVEs/tree/main/CVE-2025-43946-https://tcpwave.com/ddi-dns-dhcp-ipamCVE-2025-43949 - MuM MapEdit 24.2.3 is vulnerable to SQL Injection, enabling attackers to manipulate the web application's database server through malicious SQL statements.Product: MuM (Mensch und Maschine) MapEditCVSS Score: 9.8NVD:https://nvd.nist.gov/vuln/detail/CVE-2025-43949NVD References: -https://github.com/Henkel-CyberVM/CVEs/tree/main/CVE-2025-43949-https://www.mum.de/produkte/mum-mapeditCVE-2025-43951 - LabVantage allows authenticated users to retrieve arbitrary files from the environment via local file inclusion using the objectname request parameter.Product: LabVantage LVCVSS Score: 9.8NVD:https://nvd.nist.gov/vuln/detail/CVE-2025-43951NVD References: -https://github.com/Henkel-CyberVM/CVEs/tree/main/CVE-2025-43951-https://www.labvantage.com/informatics/lims/CVE-2025-37087 - HPE Performance Cluster Manager (HPCM) is vulnerable to an attack that could allow unauthorized access to server files.Product: Hewlett Packard Enterprise HPE Performance Cluster ManagerCVSS Score: 9.8NVD:https://nvd.nist.gov/vuln/detail/CVE-2025-37087NVD References:https://support.hpe.com/hpesc/docDisplay?docLocale=en_US&docId=a00146087en_usCVE-2025-45427, CVE-2025-45428, CVE-2025-45429 - Tenda AC9 v1.0 with firmware V15.03.05.14_multi is vulnerable to a stack overflowsProduct: Tenda AC9 v1.0CVSS Score: 9.8NVD:https://nvd.nist.gov/vuln/detail/CVE-2025-45427NVD:https://nvd.nist.gov/vuln/detail/CVE-2025-45428NVD:https://nvd.nist.gov/vuln/detail/CVE-2025-45429NVD References: -https://github.com/shuqi233/loophole/blob/main/Tenda%20AC9/WifiBasicSet-security.md-https://github.com/shuqi233/loophole/blob/main/Tenda%20AC9/SetSysAutoRebbotCfg-rebootTime.md-https://github.com/shuqi233/loophole/blob/main/Tenda%20AC9/WifiWpsStart-index.mdCVE-2025-43858 - YoutubeDLSharp is vulnerable to command injection through unsafe argument conversions when starting `yt-dlp` on Windows OS with `UseWindowsEncodingWorkaround` set to true.Product: YoutubeDLSharp yt-dlpCVSS Score: 9.2NVD:https://nvd.nist.gov/vuln/detail/CVE-2025-43858NVD References: -https://github.com/Bluegrams/YoutubeDLSharp/commit/b6051372bd5af30f95f73de47d9bc71c3a07de0f-https://github.com/Bluegrams/YoutubeDLSharp/commit/fdf3256da18d0e2da4a2f33ad4a1b72ff8273a50-https://github.com/Bluegrams/YoutubeDLSharp/security/advisories/GHSA-2jh5-g5ch-43q5CVE-2025-43859 - h11's parsing leniency in HTTP/1.1 versions prior to 0.16.0 can lead to request smuggling vulnerabilities.Product: h11 Python implementation of HTTP/1.1CVSS Score: 9.1NVD:https://nvd.nist.gov/vuln/detail/CVE-2025-43859NVD References: -https://github.com/python-hyper/h11/commit/114803a29ce50116dc47951c690ad4892b1a36ed-https://github.com/python-hyper/h11/security/advisories/GHSA-vqfr-h8mv-ghfjCVE-2025-46271 - UNI-NMS-Lite is vulnerable to a command injection attack that could allow an unauthenticated attacker to read or manipulate device data.Product: UNI-NMS LiteCVSS Score: 9.1NVD:https://nvd.nist.gov/vuln/detail/CVE-2025-46271NVD References:https://www.cisa.gov/news-events/ics-advisories/icsa-25-114-06CVE-2025-46273 - UNI-NMS-Lite uses hard-coded credentials that could allow an unauthenticated attacker to gain administrative privileges to all UNI-NMS managed devices.Product: UNI-NMS-LiteCVSS Score: 9.8NVD:https://nvd.nist.gov/vuln/detail/CVE-2025-46273NVD References:https://www.cisa.gov/news-events/ics-advisories/icsa-25-114-06CVE-2025-46274 - UNI-NMS-Lite uses hard-coded credentials that could allow an unauthenticated attacker to read, manipulate and create entries in the managed database.Product: UNI-NMS-LiteUNI-NMS-Lite, product nameCVSS Score: 9.8NVD:https://nvd.nist.gov/vuln/detail/CVE-2025-46274NVD References:https://www.cisa.gov/news-events/ics-advisories/icsa-25-114-06CVE-2025-46272 - WGS-80HPT-V2 and WGS-4215-8T2S are vulnerable to command injection attacks, allowing unauthenticated attackers to execute OS commands on the host system.Product: Winstar WGS-80HPT-V2CVSS Score: 9.1NVD:https://nvd.nist.gov/vuln/detail/CVE-2025-46272NVD References:https://www.cisa.gov/news-events/ics-advisories/icsa-25-114-06CVE-2025-46275 - WGS-80HPT-V2 and WGS-4215-8T2S have a vulnerability that allows attackers to create an admin account without credentials.Product: Winstar WGS-80HPT-V2CVSS Score: 9.8NVD:https://nvd.nist.gov/vuln/detail/CVE-2025-46275NVD References:https://www.cisa.gov/news-events/ics-advisories/icsa-25-114-06CVE-2025-46616 - StorNext Web GUI API before 7.2.4 allows Arbitrary Remote Code Execution through file uploads, impacting various StorNext products.Product: Quantum StorNext Web GUI APICVSS Score: 9.9NVD:https://nvd.nist.gov/vuln/detail/CVE-2025-46616NVD References:https://www.quantum.com/en/service-support/security-bulletins/stornext-gui-multiple-security-vulnerabilities-stornext-gui-multiple-security-vulner…
Product: MuM (Mensch und Maschine) MapEditCVSS Score: 9.8NVD:https://nvd.nist.gov/vuln/detail/CVE-2025-43949NVD References: -https://github.com/Henkel-CyberVM/CVEs/tree/main/CVE-2025-43949-https://www.mum.de/produkte/mum-mapeditCVE-2025-43951 - LabVantage allows authenticated users to retrieve arbitrary files from the environment via local file inclusion using the objectname request parameter.Product: LabVantage LVCVSS Score: 9.8NVD:https://nvd.nist.gov/vuln/detail/CVE-2025-43951NVD References: -https://github.com/Henkel-CyberVM/CVEs/tree/main/CVE-2025-43951-https://www.labvantage.com/informatics/lims/CVE-2025-37087 - HPE Performance Cluster Manager (HPCM) is vulnerable to an attack that could allow unauthorized access to server files.Product: Hewlett Packard Enterprise HPE Performance Cluster ManagerCVSS Score: 9.8NVD:https://nvd.nist.gov/vuln/detail/CVE-2025-37087NVD References:https://support.hpe.com/hpesc/docDisplay?docLocale=en_US&docId=a00146087en_usCVE-2025-45427, CVE-2025-45428, CVE-2025-45429 - Tenda AC9 v1.0 with firmware V15.03.05.14_multi is vulnerable to a stack overflowsProduct: Tenda AC9 v1.0CVSS Score: 9.8NVD:https://nvd.nist.gov/vuln/detail/CVE-2025-45427NVD:https://nvd.nist.gov/vuln/detail/CVE-2025-45428NVD:https://nvd.nist.gov/vuln/detail/CVE-2025-45429NVD References: -https://github.com/shuqi233/loophole/blob/main/Tenda%20AC9/WifiBasicSet-security.md-https://github.com/shuqi233/loophole/blob/main/Tenda%20AC9/SetSysAutoRebbotCfg-rebootTime.md-https://github.com/shuqi233/loophole/blob/main/Tenda%20AC9/WifiWpsStart-index.mdCVE-2025-43858 - YoutubeDLSharp is vulnerable to command injection through unsafe argument conversions when starting `yt-dlp` on Windows OS with `UseWindowsEncodingWorkaround` set to true.Product: YoutubeDLSharp yt-dlpCVSS Score: 9.2NVD:https://nvd.nist.gov/vuln/detail/CVE-2025-43858NVD References: -https://github.com/Bluegrams/YoutubeDLSharp/commit/b6051372bd5af30f95f73de47d9bc71c3a07de0f-https://github.com/Bluegrams/YoutubeDLSharp/commit/fdf3256da18d0e2da4a2f33ad4a1b72ff8273a50-https://github.com/Bluegrams/YoutubeDLSharp/security/advisories/GHSA-2jh5-g5ch-43q5CVE-2025-43859 - h11's parsing leniency in HTTP/1.1 versions prior to 0.16.0 can lead to request smuggling vulnerabilities.Product: h11 Python implementation of HTTP/1.1CVSS Score: 9.1NVD:https://nvd.nist.gov/vuln/detail/CVE-2025-43859NVD References: -https://github.com/python-hyper/h11/commit/114803a29ce50116dc47951c690ad4892b1a36ed-https://github.com/python-hyper/h11/security/advisories/GHSA-vqfr-h8mv-ghfjCVE-2025-46271 - UNI-NMS-Lite is vulnerable to a command injection attack that could allow an unauthenticated attacker to read or manipulate device data.Product: UNI-NMS LiteCVSS Score: 9.1NVD:https://nvd.nist.gov/vuln/detail/CVE-2025-46271NVD References:https://www.cisa.gov/news-events/ics-advisories/icsa-25-114-06CVE-2025-46273 - UNI-NMS-Lite uses hard-coded credentials that could allow an unauthenticated attacker to gain administrative privileges to all UNI-NMS managed devices.Product: UNI-NMS-LiteCVSS Score: 9.8NVD:https://nvd.nist.gov/vuln/detail/CVE-2025-46273NVD References:https://www.cisa.gov/news-events/ics-advisories/icsa-25-114-06CVE-2025-46274 - UNI-NMS-Lite uses hard-coded credentials that could allow an unauthenticated attacker to read, manipulate and create entries in the managed database.Product: UNI-NMS-LiteUNI-NMS-Lite, product nameCVSS Score: 9.8NVD:https://nvd.nist.gov/vuln/detail/CVE-2025-46274NVD References:https://www.cisa.gov/news-events/ics-advisories/icsa-25-114-06CVE-2025-46272 - WGS-80HPT-V2 and WGS-4215-8T2S are vulnerable to command injection attacks, allowing unauthenticated attackers to execute OS commands on the host system.Product: Winstar WGS-80HPT-V2CVSS Score: 9.1NVD:https://nvd.nist.gov/vuln/detail/CVE-2025-46272NVD References:https://www.cisa.gov/news-events/ics-advisories/icsa-25-114-06CVE-2025-46275 - WGS-80HPT-V2 and WGS-4215-8T2S have a vulnerability that allows attackers to create an admin account without credentials.Product: Winstar WGS-80HPT-V2CVSS Score: 9.8NVD:https://nvd.nist.gov/vuln/detail/CVE-2025-46275NVD References:https://www.cisa.gov/news-events/ics-advisories/icsa-25-114-06CVE-2025-46616 - StorNext Web GUI API before 7.2.4 allows Arbitrary Remote Code Execution through file uploads, impacting various StorNext products.Product: Quantum StorNext Web GUI APICVSS Score: 9.9NVD:https://nvd.nist.gov/vuln/detail/CVE-2025-46616NVD References:https://www.quantum.com/en/service-support/security-bulletins/stornext-gui-multiple-security-vulnerabilities-stornext-gui-multiple-security-vulnerabilities/CVE-2025-32432 - Craft CMS versions 3.0.0-RC1 to 3.9.15, 4.0.0-RC1 to 4.14.15, and 5.0.0-RC1 to 5.6.17 are vulnerable to remote code execution, patched in versions 3.9.15, 4.14.15, and 5.6.17 as an additional fix for CVE-2023-41892.Product: Craft CMSCVSS Score: 10.0NVD:https://nvd.nist.gov/vuln/detail/CVE-2025-32432NVD References: -https://github.com/craftcms/cms/security/a…
Product: LabVantage LVCVSS Score: 9.8NVD:https://nvd.nist.gov/vuln/detail/CVE-2025-43951NVD References: -https://github.com/Henkel-CyberVM/CVEs/tree/main/CVE-2025-43951-https://www.labvantage.com/informatics/lims/CVE-2025-37087 - HPE Performance Cluster Manager (HPCM) is vulnerable to an attack that could allow unauthorized access to server files.Product: Hewlett Packard Enterprise HPE Performance Cluster ManagerCVSS Score: 9.8NVD:https://nvd.nist.gov/vuln/detail/CVE-2025-37087NVD References:https://support.hpe.com/hpesc/docDisplay?docLocale=en_US&docId=a00146087en_usCVE-2025-45427, CVE-2025-45428, CVE-2025-45429 - Tenda AC9 v1.0 with firmware V15.03.05.14_multi is vulnerable to a stack overflowsProduct: Tenda AC9 v1.0CVSS Score: 9.8NVD:https://nvd.nist.gov/vuln/detail/CVE-2025-45427NVD:https://nvd.nist.gov/vuln/detail/CVE-2025-45428NVD:https://nvd.nist.gov/vuln/detail/CVE-2025-45429NVD References: -https://github.com/shuqi233/loophole/blob/main/Tenda%20AC9/WifiBasicSet-security.md-https://github.com/shuqi233/loophole/blob/main/Tenda%20AC9/SetSysAutoRebbotCfg-rebootTime.md-https://github.com/shuqi233/loophole/blob/main/Tenda%20AC9/WifiWpsStart-index.mdCVE-2025-43858 - YoutubeDLSharp is vulnerable to command injection through unsafe argument conversions when starting `yt-dlp` on Windows OS with `UseWindowsEncodingWorkaround` set to true.Product: YoutubeDLSharp yt-dlpCVSS Score: 9.2NVD:https://nvd.nist.gov/vuln/detail/CVE-2025-43858NVD References: -https://github.com/Bluegrams/YoutubeDLSharp/commit/b6051372bd5af30f95f73de47d9bc71c3a07de0f-https://github.com/Bluegrams/YoutubeDLSharp/commit/fdf3256da18d0e2da4a2f33ad4a1b72ff8273a50-https://github.com/Bluegrams/YoutubeDLSharp/security/advisories/GHSA-2jh5-g5ch-43q5CVE-2025-43859 - h11's parsing leniency in HTTP/1.1 versions prior to 0.16.0 can lead to request smuggling vulnerabilities.Product: h11 Python implementation of HTTP/1.1CVSS Score: 9.1NVD:https://nvd.nist.gov/vuln/detail/CVE-2025-43859NVD References: -https://github.com/python-hyper/h11/commit/114803a29ce50116dc47951c690ad4892b1a36ed-https://github.com/python-hyper/h11/security/advisories/GHSA-vqfr-h8mv-ghfjCVE-2025-46271 - UNI-NMS-Lite is vulnerable to a command injection attack that could allow an unauthenticated attacker to read or manipulate device data.Product: UNI-NMS LiteCVSS Score: 9.1NVD:https://nvd.nist.gov/vuln/detail/CVE-2025-46271NVD References:https://www.cisa.gov/news-events/ics-advisories/icsa-25-114-06CVE-2025-46273 - UNI-NMS-Lite uses hard-coded credentials that could allow an unauthenticated attacker to gain administrative privileges to all UNI-NMS managed devices.Product: UNI-NMS-LiteCVSS Score: 9.8NVD:https://nvd.nist.gov/vuln/detail/CVE-2025-46273NVD References:https://www.cisa.gov/news-events/ics-advisories/icsa-25-114-06CVE-2025-46274 - UNI-NMS-Lite uses hard-coded credentials that could allow an unauthenticated attacker to read, manipulate and create entries in the managed database.Product: UNI-NMS-LiteUNI-NMS-Lite, product nameCVSS Score: 9.8NVD:https://nvd.nist.gov/vuln/detail/CVE-2025-46274NVD References:https://www.cisa.gov/news-events/ics-advisories/icsa-25-114-06CVE-2025-46272 - WGS-80HPT-V2 and WGS-4215-8T2S are vulnerable to command injection attacks, allowing unauthenticated attackers to execute OS commands on the host system.Product: Winstar WGS-80HPT-V2CVSS Score: 9.1NVD:https://nvd.nist.gov/vuln/detail/CVE-2025-46272NVD References:https://www.cisa.gov/news-events/ics-advisories/icsa-25-114-06CVE-2025-46275 - WGS-80HPT-V2 and WGS-4215-8T2S have a vulnerability that allows attackers to create an admin account without credentials.Product: Winstar WGS-80HPT-V2CVSS Score: 9.8NVD:https://nvd.nist.gov/vuln/detail/CVE-2025-46275NVD References:https://www.cisa.gov/news-events/ics-advisories/icsa-25-114-06CVE-2025-46616 - StorNext Web GUI API before 7.2.4 allows Arbitrary Remote Code Execution through file uploads, impacting various StorNext products.Product: Quantum StorNext Web GUI APICVSS Score: 9.9NVD:https://nvd.nist.gov/vuln/detail/CVE-2025-46616NVD References:https://www.quantum.com/en/service-support/security-bulletins/stornext-gui-multiple-security-vulnerabilities-stornext-gui-multiple-security-vulnerabilities/CVE-2025-32432 - Craft CMS versions 3.0.0-RC1 to 3.9.15, 4.0.0-RC1 to 4.14.15, and 5.0.0-RC1 to 5.6.17 are vulnerable to remote code execution, patched in versions 3.9.15, 4.14.15, and 5.6.17 as an additional fix for CVE-2023-41892.Product: Craft CMSCVSS Score: 10.0NVD:https://nvd.nist.gov/vuln/detail/CVE-2025-32432NVD References: -https://github.com/craftcms/cms/security/advisories/GHSA-f3gw-9ww9-jmc3-https://sensepost.com/blog/2025/investigating-an-in-the-wild-campaign-using-rce-in-craftcms/CVE-2025-25775 - Codeastro Bus Ticket Booking System v1.0 is vulnerable to SQL injection via the kodetiket parameter in /BusTicket-CI/tiket/cekorder.Product: Codeastro Bus Ticket Booking SystemCVSS Score: 9.8NVD:https://nvd.nist.gov/vuln/detail/CVE-2025-25775NVD References:…
Product: Hewlett Packard Enterprise HPE Performance Cluster Manager
CVSS Score: 9.8
NVD:
https://nvd.nist.gov/vuln/detail/CVE-2025-37087
NVD References:
https://support.hpe.com/hpesc/docDisplay?docLocale=en_US&docId=a00146087en_us
Product: Tenda AC9 v1.0
CVSS Score: 9.8
NVD:
https://nvd.nist.gov/vuln/detail/CVE-2025-45427
NVD:
https://nvd.nist.gov/vuln/detail/CVE-2025-45428
NVD:
https://nvd.nist.gov/vuln/detail/CVE-2025-45429
NVD References:
-
https://github.com/shuqi233/loophole/blob/main/Tenda%20AC9/WifiBasicSet-security.md
-
https://github.com/shuqi233/loophole/blob/main/Tenda%20AC9/SetSysAutoRebbotCfg-rebootTime.md
-
https://github.com/shuqi233/loophole/blob/main/Tenda%20AC9/WifiWpsStart-index.md
Product: YoutubeDLSharp yt-dlp
CVSS Score: 9.2
NVD:
https://nvd.nist.gov/vuln/detail/CVE-2025-43858
NVD References:
-
https://github.com/Bluegrams/YoutubeDLSharp/commit/b6051372bd5af30f95f73de47d9bc71c3a07de0f
-
https://github.com/Bluegrams/YoutubeDLSharp/commit/fdf3256da18d0e2da4a2f33ad4a1b72ff8273a50
-
https://github.com/Bluegrams/YoutubeDLSharp/security/advisories/GHSA-2jh5-g5ch-43q5
Product: h11 Python implementation of HTTP/1.1CVSS Score: 9.1NVD:https://nvd.nist.gov/vuln/detail/CVE-2025-43859NVD References: -https://github.com/python-hyper/h11/commit/114803a29ce50116dc47951c690ad4892b1a36ed-https://github.com/python-hyper/h11/security/advisories/GHSA-vqfr-h8mv-ghfjCVE-2025-46271 - UNI-NMS-Lite is vulnerable to a command injection attack that could allow an unauthenticated attacker to read or manipulate device data.Product: UNI-NMS LiteCVSS Score: 9.1NVD:https://nvd.nist.gov/vuln/detail/CVE-2025-46271NVD References:https://www.cisa.gov/news-events/ics-advisories/icsa-25-114-06CVE-2025-46273 - UNI-NMS-Lite uses hard-coded credentials that could allow an unauthenticated attacker to gain administrative privileges to all UNI-NMS managed devices.Product: UNI-NMS-LiteCVSS Score: 9.8NVD:https://nvd.nist.gov/vuln/detail/CVE-2025-46273NVD References:https://www.cisa.gov/news-events/ics-advisories/icsa-25-114-06CVE-2025-46274 - UNI-NMS-Lite uses hard-coded credentials that could allow an unauthenticated attacker to read, manipulate and create entries in the managed database.Product: UNI-NMS-LiteUNI-NMS-Lite, product nameCVSS Score: 9.8NVD:https://nvd.nist.gov/vuln/detail/CVE-2025-46274NVD References:https://www.cisa.gov/news-events/ics-advisories/icsa-25-114-06CVE-2025-46272 - WGS-80HPT-V2 and WGS-4215-8T2S are vulnerable to command injection attacks, allowing unauthenticated attackers to execute OS commands on the host system.Product: Winstar WGS-80HPT-V2CVSS Score: 9.1NVD:https://nvd.nist.gov/vuln/detail/CVE-2025-46272NVD References:https://www.cisa.gov/news-events/ics-advisories/icsa-25-114-06CVE-2025-46275 - WGS-80HPT-V2 and WGS-4215-8T2S have a vulnerability that allows attackers to create an admin account without credentials.Product: Winstar WGS-80HPT-V2CVSS Score: 9.8NVD:https://nvd.nist.gov/vuln/detail/CVE-2025-46275NVD References:https://www.cisa.gov/news-events/ics-advisories/icsa-25-114-06CVE-2025-46616 - StorNext Web GUI API before 7.2.4 allows Arbitrary Remote Code Execution through file uploads, impacting various StorNext products.Product: Quantum StorNext Web GUI APICVSS Score: 9.9NVD:https://nvd.nist.gov/vuln/detail/CVE-2025-46616NVD References:https://www.quantum.com/en/service-support/security-bulletins/stornext-gui-multiple-security-vulnerabilities-stornext-gui-multiple-security-vulnerabilities/CVE-2025-32432 - Craft CMS versions 3.0.0-RC1 to 3.9.15, 4.0.0-RC1 to 4.14.15, and 5.0.0-RC1 to 5.6.17 are vulnerable to remote code execution, patched in versions 3.9.15, 4.14.15, and 5.6.17 as an additional fix for CVE-2023-41892.Product: Craft CMSCVSS Score: 10.0NVD:https://nvd.nist.gov/vuln/detail/CVE-2025-32432NVD References: -https://github.com/craftcms/cms/security/advisories/GHSA-f3gw-9ww9-jmc3-https://sensepost.com/blog/2025/investigating-an-in-the-wild-campaign-using-rce-in-craftcms/CVE-2025-25775 - Codeastro Bus Ticket Booking System v1.0 is vulnerable to SQL injection via the kodetiket parameter in /BusTicket-CI/tiket/cekorder.Product: Codeastro Bus Ticket Booking SystemCVSS Score: 9.8NVD:https://nvd.nist.gov/vuln/detail/CVE-2025-25775NVD References: -https://codeastro.com/bus-ticket-booking-system-in-php-codeigniter-with-source-code/-https://github.com/arunmodi/Vulnerability-Research/tree/main/CVE-2025-25775CVE-2025-32980 - NETSCOUT nGeniusONE before 6.4.0 b2350 has a Weak Sudo Configuration.Product: NETSCOUT nGeniusONECVSS Score: 9.8NVD:https://nvd.nist.gov/vuln/detail/CVE-2025-32980NVD References:https://www.netscout.com/securityadvisoriesCVE-2025-32985 - NETSCOUT nGeniusONE before 6.4.0 b2350 has Hardcoded Credentials that can be obtained from JAR files.Product: NETSCOUT nGeniusONECVSS Score: 9.8NVD:https://nvd.nist.gov/vuln/detail/CVE-2025-32985NVD References:https://www.netscout.com/securityadvisoriesCVE-2025-3200 - Com-Server is vulnerable to interception and manipulation of encrypted communications by an unauthenticated remote attacker due to using insecure TLS 1.0 and TLS 1.1 protocols.Product: Comtrol Com-ServerCVSS Score: 9.1NVD:https://nvd.nist.gov/vuln/detail/CVE-2025-3200NVD References:https://certvde.com/en/advisories/VDE-2025-031/CVE-2025-46661 - IPW Systems Metazo through 8.1.3 allows unauthenticated Remote Code Execution due to Server-Side Template-Injection, but all instances have been patched by the Supplier.Product: IPW Systems MetazoCVSS Score: 10.0NVD:https://nvd.nist.gov/vuln/detail/CVE-2025-46661NVD References: -https://code-white.com/public-vulnerability-list/-https://www.ipwsystems.com/CVE-2015-2079 - Usermin 0.980 through 1.x before 1.660 is vulnerable to remote code execution via uconfig_save.cgi due to its use of the two argument form of Perl open.Product: Usermin 0.980 through 1.x before 1.660CVSS Score: 9.9NVD:https://nvd.nist.gov/vuln/detail/CVE-2015-2079NVD References: -https://code-white.com/blog/2015-05-cve-2015-2079-rce-usermin/-https://code-white.com/public-vulnerability-list/CVE-2025-45947 - PHPGurukul Online Banquet Booking System V1.2…
Product: Winstar WGS-80HPT-V2
CVSS Score: 9.1
NVD:
https://nvd.nist.gov/vuln/detail/CVE-2025-46272
NVD References:
https://www.cisa.gov/news-events/ics-advisories/icsa-25-114-06
Product: Winstar WGS-80HPT-V2
CVSS Score: 9.8
NVD:
https://nvd.nist.gov/vuln/detail/CVE-2025-46275
NVD References:
https://www.cisa.gov/news-events/ics-advisories/icsa-25-114-06
Product: Quantum StorNext Web GUI API
CVSS Score: 9.9
NVD:
https://nvd.nist.gov/vuln/detail/CVE-2025-46616
NVD References:
Product: Craft CMS
CVSS Score: 10.0
NVD:
https://nvd.nist.gov/vuln/detail/CVE-2025-32432
NVD References:
-
https://github.com/craftcms/cms/security/advisories/GHSA-f3gw-9ww9-jmc3
-
https://sensepost.com/blog/2025/investigating-an-in-the-wild-campaign-using-rce-in-craftcms/
Product: Codeastro Bus Ticket Booking System
CVSS Score: 9.8
NVD:
https://nvd.nist.gov/vuln/detail/CVE-2025-25775
NVD References:
-
https://codeastro.com/bus-ticket-booking-system-in-php-codeigniter-with-source-code/
-
https://github.com/arunmodi/Vulnerability-Research/tree/main/CVE-2025-25775
Product: NETSCOUT nGeniusONE
CVSS Score: 9.8
NVD:
https://nvd.nist.gov/vuln/detail/CVE-2025-32980
NVD References:
Product: NETSCOUT nGeniusONE
CVSS Score: 9.8
NVD:
https://nvd.nist.gov/vuln/detail/CVE-2025-32985
NVD References:
Product: Comtrol Com-Server
CVSS Score: 9.1
NVD:
https://nvd.nist.gov/vuln/detail/CVE-2025-3200
NVD References:
Product: IPW Systems Metazo
CVSS Score: 10.0
NVD:
https://nvd.nist.gov/vuln/detail/CVE-2025-46661
NVD References:
-
https://code-white.com/public-vulnerability-list/
-
Product: Usermin 0.980 through 1.x before 1.660
CVSS Score: 9.9
NVD:
https://nvd.nist.gov/vuln/detail/CVE-2015-2079
NVD References:
-
https://code-white.com/blog/2015-05-cve-2015-2079-rce-usermin/
-
https://code-white.com/public-vulnerability-list/
CVE-2025-45947 - PHPGurukul Online Banquet Booking System V1.2 is vulnerable to arbitrary code execution through the /obbs/change-password.php file in the My Account - Change Password component.
Product: PHPGurukul Online Banquet Booking System V1.2
CVSS Score: 9.8
NVD:
https://nvd.nist.gov/vuln/detail/CVE-2025-45947
NVD References:
-
-
https://github.com/VasilVK/CVE/blob/main/CVE-2025-45947/README.MD
CVE-2025-45949 - PHPGurukul User Registration & Login and User Management System V3.3 is vulnerable to a Session Hijacking attack due to improper handling of session data in the Change Password component.
Product: PHPGurukul User Registration & Login and User Management System V3.3
CVSS Score: 9.8
NVD:
https://nvd.nist.gov/vuln/detail/CVE-2025-45949
NVD References:
-
-
https://github.com/VasilVK/CVE/blob/main/CVE-2025-45949/README.MD
CVE-2025-45953 - PHPGurukul Hostel Management System 2.1 is vulnerable to a Session Hijacking attack in the user panel's Change Password component due to improper handling of session data in the /hostel/change-password.php file.
Product: PHPGurukul Hostel Management System 2.1
CVSS Score: 9.1
NVD:
https://nvd.nist.gov/vuln/detail/CVE-2025-45953
NVD References:
-
-
https://github.com/VasilVK/CVE/blob/main/CVE-2025-45953/README.MD
CVE-2025-24252 - macOS Sequoia 15.4, tvOS 18.4, macOS Ventura 13.7.5, iPadOS 17.7.6, macOS Sonoma 14.7.5, iOS 18.4, iPadOS 18.4, and visionOS 2.4 prior to the update suffered from a use-after-free vulnerability that could allow a local network attacker to corrupt process memory.
Product: Multiple Apple products
CVSS Score: 9.8
NVD:
https://nvd.nist.gov/vuln/detail/CVE-2025-24252
NVD References:
-
https://support.apple.com/en-us/122371
-
https://support.apple.com/en-us/122372
-
https://support.apple.com/en-us/122373
-
https://support.apple.com/en-us/122374
-
https://support.apple.com/en-us/122375
-
https://support.apple.com/en-us/122377
-
https://support.apple.com/en-us/122378
CVE-2025-46348 - YesWiki allows for unauthorized site backups to be created and downloaded, potentially leading to file system overload or exposure of sensitive information.
Product: YesWiki
CVSS Score: 10.0
NVD:
https://nvd.nist.gov/vuln/detail/CVE-2025-46348
NVD References:
-
https://github.com/YesWiki/yeswiki/commit/0d4efc880a727599fa4f6d7a64cc967afe475530
-
https://github.com/YesWiki/yeswiki/security/advisories/GHSA-wc9g-6j9w-hr95
CVE-2025-32444 - vLLM is vulnerable to remote code execution due to insecure ZeroMQ sockets when integrated with mooncake versions prior to 0.8.5.
Product: mooncake, Google LLC
CVSS Score: 10.0
NVD:
https://nvd.nist.gov/vuln/detail/CVE-2025-32444
NVD References:
-
-
https://github.com/vllm-project/vllm/commit/a5450f11c95847cf51a17207af9a3ca5ab569b2c
-
https://github.com/vllm-project/vllm/security/advisories/GHSA-hj4w-hm2g-p6w5
-
https://github.com/vllm-project/vllm/security/advisories/GHSA-x3m8-f7g5-qhm7
CVE-2025-21204 - Improper link resolution before file access ('link following') in Windows Update Stack allows an authorized attacker to elevate privileges locally.
Product: Microsoft Windows Update Stack
CVSS Score: 0
NVD:
https://nvd.nist.gov/vuln/detail/CVE-2025-21204
ISC Podcast:
https://isc.sans.edu/podcastdetail/9424
CVE-2025-3065 - The Database Toolset plugin is vulnerable to arbitrary file deletion leading to potential remote code execution in versions up to 1.8.4.
Product: Database Toolset plugin
Active Installations: This plugin has been closed as of April 22, 2025 and is not available for download. This closure is temporary, pending a full review.
CVSS Score: 9.1
NVD:
https://nvd.nist.gov/vuln/detail/CVE-2025-3065
NVD References:
-
-
https://wordpress.org/plugins/database-toolset/
-
CVE-2025-3603 - The Flynax Bridge plugin for WordPress is vulnerable to privilege escalation via account takeover due to lack of proper user identity validation, allowing unauthenticated attackers to change passwords and gain unauthorized access.
Product: Flynax Bridge plugin for WordPress
Active Installations: This plugin has been closed as of April 22, 2025 and is not available for download. This closure is temporary, pending a full review.
CVSS Score: 9.8
NVD:
https://nvd.nist.gov/vuln/detail/CVE-2025-3603
NVD References:
-
https://plugins.trac.wordpress.org/browser/flynax-bridge/trunk/request.php
-
CVE-2025-3604 - The Flynax Bridge plugin for WordPress up to version 2.2.0 allows unauthenticated attackers to change email addresses and escalate privileges through account takeover.
Product: Flynax Bridge plugin for WordPress
Active Installations: This plugin has been closed as of April 22, 2025 and is not available for download. This closure is temporary, pending a full review.
CVSS Score: 9.8
NVD:
https://nvd.nist.gov/vuln/detail/CVE-2025-3604
NVD References:
-
https://plugins.trac.wordpress.org/browser/flynax-bridge/trunk/request.php
-
CVE-2025-46248 - Frontend Dashboard is vulnerable to SQL Injection due to improper neutralization of special elements, affecting versions from n/a through 2.2.5.
Product: M A Vinoth Kumar Frontend Dashboard
Active Installations: 700+
CVSS Score: 9.3
NVD:
https://nvd.nist.gov/vuln/detail/CVE-2025-46248
NVD References:
CVE-2025-46264 - Angelo Mandato PowerPress Podcasting allows unrestricted upload of file types, enabling a web shell to be uploaded to a web server.
Product: Angelo Mandato PowerPress Podcasting
Active Installations: 30,000+
CVSS Score: 9.9
NVD:
https://nvd.nist.gov/vuln/detail/CVE-2025-46264
NVD References:
CVE-2025-2470 - The Service Finder Bookings plugin for WordPress is vulnerable to privilege escalation up to version 5.1, allowing unauthenticated attackers to register an account with Administrator privileges through the 'nsl_registration_store_extra_input' function when using the Nextend Social Login plugin.
Product: Service Finder Service Finder Bookings plugin
Active Installations: Unknown. Update to version 6.0, or a newer patched version
CVSS Score: 9.8
NVD:
https://nvd.nist.gov/vuln/detail/CVE-2025-2470
NVD References:
-
https://themeforest.net/item/service-finder-service-and-business-listing-wordpress-theme/15208793
-
CVE-2025-2907 - The Order Delivery Date WordPress plugin before 12.3.1 is vulnerable to authorization bypass and CSRF attacks, allowing attackers to manipulate user roles and gain administrative access to the site.
Product: WordPress Order Delivery Date WordPress plugin
Active Installations: 10,000+
CVSS Score: 9.8
NVD:
Product: PHPGurukul Online Banquet Booking System V1.2
CVSS Score: 9.8
NVD:
https://nvd.nist.gov/vuln/detail/CVE-2025-45947
NVD References:
-
-
https://github.com/VasilVK/CVE/blob/main/CVE-2025-45947/README.MD
Product: PHPGurukul User Registration & Login and User Management System V3.3
CVSS Score: 9.8
NVD:
https://nvd.nist.gov/vuln/detail/CVE-2025-45949
NVD References:
-
-
https://github.com/VasilVK/CVE/blob/main/CVE-2025-45949/README.MD
Product: PHPGurukul Hostel Management System 2.1
CVSS Score: 9.1
NVD:
https://nvd.nist.gov/vuln/detail/CVE-2025-45953
NVD References:
-
-
https://github.com/VasilVK/CVE/blob/main/CVE-2025-45953/README.MD
Product: Multiple Apple products
CVSS Score: 9.8
NVD:
https://nvd.nist.gov/vuln/detail/CVE-2025-24252
NVD References:
-
https://support.apple.com/en-us/122371
-
https://support.apple.com/en-us/122372
-
https://support.apple.com/en-us/122373
-
https://support.apple.com/en-us/122374
-
https://support.apple.com/en-us/122375
-
https://support.apple.com/en-us/122377
-
Product: YesWiki
CVSS Score: 10.0
NVD:
https://nvd.nist.gov/vuln/detail/CVE-2025-46348
NVD References:
-
https://github.com/YesWiki/yeswiki/commit/0d4efc880a727599fa4f6d7a64cc967afe475530
-
https://github.com/YesWiki/yeswiki/security/advisories/GHSA-wc9g-6j9w-hr95
Product: mooncake, Google LLC
CVSS Score: 10.0
NVD:
https://nvd.nist.gov/vuln/detail/CVE-2025-32444
NVD References:
-
-
https://github.com/vllm-project/vllm/commit/a5450f11c95847cf51a17207af9a3ca5ab569b2c
-
https://github.com/vllm-project/vllm/security/advisories/GHSA-hj4w-hm2g-p6w5
-
https://github.com/vllm-project/vllm/security/advisories/GHSA-x3m8-f7g5-qhm7
Product: Microsoft Windows Update Stack
CVSS Score: 0
NVD:
https://nvd.nist.gov/vuln/detail/CVE-2025-21204
ISC Podcast:
Product: Database Toolset plugin
Active Installations: This plugin has been closed as of April 22, 2025 and is not available for download. This closure is temporary, pending a full review.
CVSS Score: 9.1
NVD:
https://nvd.nist.gov/vuln/detail/CVE-2025-3065
NVD References:
-
-
https://wordpress.org/plugins/database-toolset/
-
Product: Flynax Bridge plugin for WordPress
Active Installations: This plugin has been closed as of April 22, 2025 and is not available for download. This closure is temporary, pending a full review.
CVSS Score: 9.8
NVD:
https://nvd.nist.gov/vuln/detail/CVE-2025-3603
NVD References:
-
https://plugins.trac.wordpress.org/browser/flynax-bridge/trunk/request.php
-
Product: Flynax Bridge plugin for WordPress
Active Installations: This plugin has been closed as of April 22, 2025 and is not available for download. This closure is temporary, pending a full review.
CVSS Score: 9.8
NVD:
https://nvd.nist.gov/vuln/detail/CVE-2025-3604
NVD References:
-
https://plugins.trac.wordpress.org/browser/flynax-bridge/trunk/request.php
-
Product: M A Vinoth Kumar Frontend Dashboard
Active Installations: 700+
CVSS Score: 9.3
NVD:
https://nvd.nist.gov/vuln/detail/CVE-2025-46248
NVD References:
Product: Angelo Mandato PowerPress Podcasting
Active Installations: 30,000+
CVSS Score: 9.9
NVD:
https://nvd.nist.gov/vuln/detail/CVE-2025-46264
NVD References:
Product: Service Finder Service Finder Bookings plugin
Active Installations: Unknown. Update to version 6.0, or a newer patched version
CVSS Score: 9.8
NVD:
https://nvd.nist.gov/vuln/detail/CVE-2025-2470
NVD References:
-
https://themeforest.net/item/service-finder-service-and-business-listing-wordpress-theme/15208793
-
Product: WordPress Order Delivery Date WordPress plugin
Active Installations: 10,000+
CVSS Score: 9.8
NVD:
Mastering AI Security: Your Essential Guide Learn how to secure your AI pipelines and stay ahead of AI-specific risks at every stage with the new AI-SPM for Dummies guide. Get the Guide
SANS Emerging Threats Summit 2025 | Wednesday, May 14 Join us for this interactive Live Online Summit as we bring together the brightest minds in cybersecurity to tackle the battles of tomorrow, today. Together, we can work toward solutions that will help organizations prepare for and defend against the next generation of cyber threats. Register for this virtual event today.
SANS Emerging Threats Summit 2025 | Wednesday, May 14 Join us for this interactive Live Online Summit as we bring together the brightest minds in cybersecurity to tackle the battles of tomorrow, today. Together, we can work toward solutions that will help organizations prepare for and defend against the next generation of cyber threats. Register for this virtual event today.
Webcast | Collaborative Mobile App Security Development and Analysis | May 20, 1:00 ET Mobile app security is more criticalÑand more complexÑthan ever. With growing pressure to release quickly, mobile security teams often face tough trade-offs: limited access to devices, remote team coordination challenges, and slow, unreliable emulators that fail to mirror real-world behavior. Join SANS Certified Instructor Jeroen Beckers as he shares how to overcome these challenges and modernize your mobile security testing.