SEC595: Applied Data Science and AI/Machine Learning for Cybersecurity Professionals
SEC595Cyber Defense, Artificial Intelligence
SANS Community Benefits
Connect, learn, and share with other cybersecurity professionals
VOLUME 25ISSUE 25
The Consensus Security Vulnerability Alert
Internet Storm Center Spotlight
ISC provides a free analysis and warning service to thousands of Internet users and organizations, and is actively working with Internet Service Providers to fight back against the most malicious attackers. https://isc.sans.edu/about.html
Scans for Ichano AtHome IP Cameras
Published: 2025-06-23
Last Updated: 2025-06-23 15:33:55 UTC
by Johannes Ullrich (Version: 1)
Ichano's "AtHome Camera" is a bit of a different approach to home surveillance cameras. Instead of a hardware camera solution, this product is a software solution that turns existing devices like computers and tablets into webcams. The software implements features we know from similar IP camera devices. It enabled streaming of images and remote access to features like motion detection and alerting.
Back in 2017, a hard-coded username and password vulnerability was identified in the product (CVE-2017-17761). It is kind of odd that it took so long for this username to show up in scans against our honeypots, but I noticed it on June 18th. The password attempted is "123", as outlined in CVE-2017-17761. It is not clear if this issue was ever fixed by Ichano.
IP addresses scanning for this username and password combination are also scanning for other typical "IoT" default usernames and passwords, with usernames like "root", "admin", "gast", "gpon" and others.
Some of the IP addresses actively scanning ...
Read the full entry: https://isc.sans.edu/diary/Scans+for+Ichano+AtHome+IP+Cameras/32062/
ADS & Python Tools
Published: 2025-06-21
Last Updated: 2025-06-21 10:13:41 UTC
by Didier Stevens (Version: 1)
Ehsaan Mavani talks about Alternate Data Streams (ADS) in diary entry "Alternate Data Streams ? Adversary Defense Evasion and Detection [Guest Diary]".
I'm taking this as an opportunity to remind you that Python tools on Windows and an NTFS disk, can access alternate data streams.
Like my tool cut-bytes<.>py, here I use it to show the content of the Mark-of-the-Web stored inside the Zone.Identifier ADS ...
Read the full entry: https://isc.sans.edu/diary/ADS+Python+Tools/32058/
Internet Storm Center Entries
Quick Password Brute Forcing Evolution Statistics (2025.06.24)
https://isc.sans.edu/diary/Quick+Password+Brute+Forcing+Evolution+Statistics/32068/
Microsoft Patch Tuesday June 2025 (2025.06.10)
https://isc.sans.edu/diary/Microsoft+Patch+Tuesday+June+2025/32032/
Recent CVEs
The list is assembled by pulling recent vulnerabilities from NIST NVD, Microsoft, Twitter mentions of vulnerabilities, ISC Diaries and Podcast, and the CISA list of known exploited vulnerabilities. There are also some unscored, but significant, vulnerabilities at the end. This includes vulnerabilities that have not been added to the NVD yet.
CVE-2025-34508 - ZendTo versions 6.15-7 and prior suffer from a path traversal vulnerability, allowing a remote attacker to access files of other users or cause denial of service.
Product: ZendTo
CVSS Score: 6.3
NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-34508
ISC Podcast: https://isc.sans.edu/podcastdetail/9500
NVD References:
cve-2025-34508 - another-file-sharing-application-another-path-traversal/
CVE-2025-4404 - FreeIPA project suffers from a privilege escalation vulnerability due to a lack of validation for the uniqueness of the `krbCanonicalName`, enabling users to impersonate the admin account and gain access to sensitive data within the REALM.
Product: FreeIPA
CVSS Score: 9.1
NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-4404
NVD References: https://bugzilla.redhat.com/show_bug.cgi?id=2364606
CVE-2025-49219 & CVE-2025-49220 - Trend Micro Apex Central below versions 8.0.7007 pre-authentication remote code execution vulnerabilities.
Product: Trend Micro Apex Central
CVSS Score: 9.8
NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-49219
NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-49220
NVD References:
- https://success.trendmicro.com/en-US/solution/KA-0019926
- https://www.zerodayinitiative.com/advisories/ZDI-25-366/
- https://www.zerodayinitiative.com/advisories/ZDI-25-367/
CVE-2025-49212, CVE-2025-49213, & CVE-2025-49217 - Trend Micro Endpoint Encryption PolicyServer pre-authentication remote code execution vulnerabilities.
Product: Trend Micro Endpoint Encryption PolicyServer
CVSS Score: 9.8
NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-49212
NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-49213
NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-49217
NVD References:
- https://success.trendmicro.com/en-US/solution/KA-0019928
- https://www.zerodayinitiative.com/advisories/ZDI-25-369/
- https://www.zerodayinitiative.com/advisories/ZDI-25-370/
- https://www.zerodayinitiative.com/advisories/ZDI-25-374/
CVE-2025-49216 - Trend Micro Endpoint Encryption PolicyServer is vulnerable to an authentication bypass that allows attackers to gain admin access and modify product configurations.
Product: Trend Micro Endpoint Encryption PolicyServer
CVSS Score: 9.8
NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-49216
NVD References:
- https://success.trendmicro.com/en-US/solution/KA-0019928
- https://www.zerodayinitiative.com/advisories/ZDI-25-373/
CVE-2025-49825 - Teleport is vulnerable to remote authentication bypass in Community Edition versions before and including 17.5.1 with no available open-source patch.
Product: Teleport Community Edition
CVSS Score: 9.8
NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-49825
NVD References: https://github.com/gravitational/teleport/security/advisories/GHSA-8cqv-pj7f-pwpc
CVE-2025-45784 - D-Link DPH-400S/SE VoIP Phone v1.01 is vulnerable to hardcoded provisioning variables that may expose sensitive user credentials, allowing attackers to potentially access device functions or user accounts.
Product: D-Link DPH-400S/SE VoIP Phone
CVSS Score: 9.8
NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-45784
NVD References:
- https://cybermaya.in/posts/Post-37/
- https://www.dlink.com/en/security-bulletin/
CVE-2025-46157 - EfroTech Time Trax v.1.0 is vulnerable to a remote code execution attack via the file attachment function in the leave request form.
CVE-2025-20260 - ClamAV is vulnerable to a buffer overflow condition in its PDF scanning processes, allowing an attacker to potentially execute arbitrary code on an affected device.
Product: ClamAV DF scanning processes
CVSS Score: 9.8
NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-20260
NVD References: https://blog.clamav.net/2025/06/clamav-143-and-109-security-patch.html
CVE-2025-26198 - CloudClassroom-PHP-Project v.1.0 is vulnerable to SQL Injection in loginlinkadmin.php, enabling unauthenticated attackers to bypass authentication and gain administrative access.
Product: CloudClassroom-PHP-Project
CVSS Score: 9.8
NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-26198
CVE-2025-26199 - CloudClassroom PHP Project v.1.0 is vulnerable to remote code execution due to passwords being submitted in cleartext.
Product: CloudClassroom PHP Project v.1.0
CVSS Score: 9.8
NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-26199
CVE-2024-45208 - The Versa Director SD-WAN orchestration platform is vulnerable to unauthorized administrative actions and remote code execution due to a flaw in the Cisco NCS application service communication over TCP ports 4566 and 4570.
Product: Versa Networks Versa Director SD-WAN orchestration platform
CVSS Score: 9.8
NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-45208
NVD References: https://docs.versa-networks.com/Solutions/System_Hardening/Perform_Manual_Hardening_for_Versa_Director#Harden_Port_4566
CVE-2025-24288 - The Versa Director software exposes multiple services by default, making it vulnerable to attackers exploiting default credentials and multiple accounts with sudo access, including ssh and postgres, although no known exploits have occurred.
Product: Versa Networks Versa Director
CVSS Score: 9.8
NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-24288
NVD References: https://security-portal.versa-networks.com/emailbulletins/68526d12dc94d6b9f2faf719
CVE-2025-52467 - pgai is a Python library that transforms PostgreSQL into a retrieval engine for RAG and Agentic applications and was vulnerable to an attack allowing exfiltration of all secrets prior to commit 8eb3567.
Product: pgai Python library
CVSS Score: 9.1
NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-52467
NVD References: https://github.com/timescale/pgai/security/advisories/GHSA-89qq-hgvp-x37m
CVE-2025-50201 - WeGIA web manager for charitable institutions is vulnerable to OS Command Injection in version 3.4.2, allowing unauthenticated attackers to execute arbitrary commands on the server.
Product: WeGIA web manager
CVSS Score: 9.8
NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-50201
NVD References: https://github.com/LabRedesCefetRJ/WeGIA/security/advisories/GHSA-52p5-5fmw-9hrf
CVE-2025-4738 - Yirmibes Software MY ERP before 1.170 is vulnerable to SQL Injection.
Product: Yirmibes Software MY ERP
CVSS Score: 9.8
NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-4738
NVD References: https://www.usom.gov.tr/bildirim/tr-25-0132
CVE-2025-33117 - IBM QRadar SIEM 7.5 through 7.5.0 Update Package 12 is vulnerable to allowing a privileged user to modify configuration files and upload malicious autoupdate files to execute arbitrary commands.
Product: IBM QRadar SIEM
CVSS Score: 9.1
NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-33117
NVD References: https://www.ibm.com/support/pages/node/7237317
CVE-2025-4981 - Mattermost versions 10.5.x <= 10.5.5, 9.11.x <= 9.11.15, 10.8.x <= 10.8.0, 10.7.x <= 10.7.2, 10.6.x <= 10.6.5 have a vulnerability that allows authenticated users to upload archives with path traversal sequences in filenames, potentially leading to remote code execution.
Product: Mattermost versions 10.5.x <= 10.5.5, 9.11.x <= 9.11.15, 10.8.x <= 10.8.0, 10.7.x <= 10.7.2, 10.6.x <= 10.6.5
CVSS Score: 9.9
NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-4981
NVD References: https://mattermost.com/security-updates
CVE-2024-53298 - Dell PowerScale OneFS versions 9.5.0.0 through 9.10.0.1 is vulnerable to missing authorization in NFS exports, allowing unauthorized access to the filesystem by unauthenticated remote attackers.
Product: Dell PowerScale OneFS
CVSS Score: 9.8
NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-53298
NVD References: https://www.dell.com/support/kbdoc/en-us/000326339/dsa-2025-208-security-update-for-dell-powerscale-onefs-for-multiple-security-vulnerabilities
CVE-2025-32877 - COROS PACE 3 devices through 3.0808.0 are vulnerable to machine-in-the-middle attacks due to their lack of authentication during BLE interactions.
Product: COROS PACE 3 devices
CVSS Score: 9.8
NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-32877
NVD References: https://support.coros.com/hc/en-us/articles/20087694119828-COROS-PACE-3-Release-Notes
CVE-2025-32878 - COROS PACE 3 devices through 3.0808.0 are vulnerable to eavesdropping and manipulation of HTTPS communication due to lack of X.509 server certificate validation.
Product: COROS PACE 3
CVSS Score: 9.8
NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-32878
NVD References: https://support.coros.com/hc/en-us/articles/20087694119828-COROS-PACE-3-Release-Notes
CVE-2025-32880 - COROS PACE 3 devices through 3.0808.0 are susceptible to sniffing and man-in-the-middle attacks due to unencrypted communication during firmware downloads via WLAN.
Product: COROS PACE 3
CVSS Score: 9.8
NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-32880
NVD References: https://support.coros.com/hc/en-us/articles/20087694119828-COROS-PACE-3-Release-Notes
CVE-2025-48706 - COROS PACE is vulnerable to an out-of-bounds read issue via a crafted BLE message, leading to unintended device reboots.
Product: COROS PACE
CVSS Score: 9.1
NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-48706
NVD References: https://www.syss.de/fileadmin/dokumente/Publikationen/Advisories/SYSS-2025-028.txt
CVE-2025-46179 - CloudClassroom-PHP Project v1.0 contains a SQL Injection vulnerability in the askquery.php file due to unsanitized input in the squeryx parameter.
Product: CloudClassroom-PHP Project v1.0
CVSS Score: 9.8
NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-46179
CVE-2025-45890 - Directory Traversal vulnerability in novel plus before v.5.1.0 allows a remote attacker to execute arbitrary code via the filePath parameter
CVE-2025-44635 - The H3C ER2200G2, ERG2-450W, ERG2-1200W, ERG2-1350W, NR1200W series routers, H3C ER3100G2, ER3200G2, ER3260G2, ER5100G2, ER5200G2, ER6300G2, ER8300G2, ER8300G2-X series routers, GR3200, GR5200, GR8300, GR-1800AX, GR-3000AX, and GR-5400AX routers are vulnerable to unauthorized remote command execution due to authentication bypass and injection of arbitrary malicious commands.
Product: H3C ER2200G2, ERG2-450W, ERG2-1200W, ERG2-1350W, NR1200W, ER3100G2, ER3200G2, ER3260G2, ER5100G2, ER5200G2, ER6300G2, ER8300G2, ER8300G2-X, GR3200, GR5200, GR8300, GR-1800AX, GR-3000AX, GR-5400AX
CVSS Score: 9.8
NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-44635
CVE-2025-49132 - Pterodactyl has a vulnerability that allows a malicious actor to execute arbitrary code without being authenticated, potentially leading to unauthorized access and data extraction.
Product: Pterodactyl game server management panel
CVSS Score: 10.0
NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-49132
NVD References: https://github.com/pterodactyl/panel/security/advisories/GHSA-24wv-6c99-f843
CVE-2024-45347 - Xiaomi Mi Connect Service APP is vulnerable to unauthorized access due to flawed validation logic, allowing attackers to gain unauthorized access to the victim’s device.
Product: Xiaomi Mi Connect Service APP
CVSS Score: 9.6
NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-45347
CVE-2025-52921 - In Innoshop through 0.4.1, an attacker can achieve code execution on the server by exploiting the File Manager functions in the admin panel to upload and rename a crafted file with a .php extension.
Product: Innoshop
CVSS Score: 9.9
NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-52921
NVD References: https://github.com/innocommerce/innoshop
CVE-2025-6512 - BRAIN2 allows for the execution of scripts by non-admin users in reports, which can later be run on the server with administrator privileges.
Product: BRAIN2 Server
CVSS Score: 10.0
NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-6512
NVD References: https://www.bizerba.com/downloads/global/information-security/2025/bizerba-sa-2025-0004.pdf
CVE-2025-6513 - Standard Windows users can access the configuration file for database access of the BRAIN2 application and decrypt it.
Product: Nobeltec BRAIN2
CVSS Score: 9.3
NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-6513
NVD References: https://www.bizerba.com/downloads/global/information-security/2025/bizerba-sa-2025-0003.pdf
CVE-2023-47297 - NCR Terminal Handler v1.5.1 is vulnerable to settings manipulation, enabling attackers to execute arbitrary commands and alter system security auditing configurations.
Product: NCR Terminal Handler
CVSS Score: 9.8
NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-47297
NVD References: https://github.com/pwahba/cve-research/blob/main/CVE-2023-47297/CVE-2023-47297.md
CVE-2023-48978 - NCR ITM Web terminal v.4.4.0 and v.4.4.4 is vulnerable to remote code execution through a crafted script in the IP camera URL component.
Product: NCR ITM Web terminal
CVSS Score: 9.8
NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-48978
NVD References: https://github.com/pwahba/cve-research/blob/main/CVE-2023-48978/CVE-2023-48978.md
CVE-2023-47032 - NCR Terminal Handler v.1.5.1 is vulnerable to password exploitation, allowing remote attackers to execute arbitrary code.
Product: NCR Terminal Handler
CVSS Score: 9.8
NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-47032
NVD References: https://github.com/pwahba/cve-research/blob/main/CVE-2023-47032/CVE-2023-47032.md
CVE-2023-47295 - NCR Terminal Handler v1.5.1 is vulnerable to CSV injection, enabling attackers to run arbitrary commands by inserting a malicious payload into text fields.
Product: NCR Terminal Handler
CVSS Score: 9.8
NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-47295
NVD References: https://github.com/pwahba/cve-research/blob/main/CVE-2023-47295/CVE-2023-47295.md
CVE-2023-47031 - NCR Terminal Handler v.1.5.1 is vulnerable to remote privilege escalation via crafted POST requests to multiple SOAP API components.
CVE-2023-47030 - NCR Terminal Handler v.1.5.1 is vulnerable to remote code execution and sensitive information disclosure through a GET request to a UserService SOAP API endpoint.
Product: NCR Terminal Handler
CVSS Score: 9.8
NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-47030
NVD References: https://github.com/pwahba/cve-research/blob/main/CVE-2023-47030/CVE-2023-47030.md
CVE-2025-46101 - Beakon Software Beakon Learning Management System SCORM version before 5.4.3 is vulnerable to SQL Injection, allowing a remote attacker to access sensitive information via the ks parameter in json_scorm.php file.
Product: Beakon Software Beakon Learning Management System Sharable Content Object Reference Model (SCORM)
CVSS Score: 9.8
NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-46101
CVE-2025-52562 - Convoy's LocaleController component in versions 3.9.0-rc3 to before 4.4.1 allows unauthenticated remote attackers to execute arbitrary PHP files via a specially crafted HTTP request, patched in version 4.4.1, with a temporary workaround involving strict WAF rules.
Product: Performave Convoy
CVSS Score: 10.0
NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-52562
NVD References: https://github.com/ConvoyPanel/panel/security/advisories/GHSA-43g3-qpwq-hfgg
CVE-2025-48469 - The vulnerable product could allow an unauthenticated attacker to upload firmware through a public update page, potentially resulting in backdoor installation or privilege escalation.
Product: Advantech WISE-4010LAN, WISE-4050LAN, WISE-4060LAN
CVSS Score: 9.6
NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-48469
NVD References: https://jro.sg/CVEs/CVE-2025-48469/
NVD References: https://www.csa.gov.sg/alerts-and-advisories/alerts/al-2025-061/
CVE-2025-6559 - Sapido wireless routers are vulnerable to OS Command Injection, allowing remote attackers to execute arbitrary commands on unsupported models.
Product: Sapido Multiple wireless router models
CVSS Score: 9.8
NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-6559
NVD References:
- https://www.twcert.org.tw/en/cp-139-10195-69da1-2.html
- https://www.twcert.org.tw/tw/cp-132-10196-898d3-1.html
CVE-2025-6560 - Sapido wireless routers have an Exposure of Sensitive Information vulnerability allowing attackers to access plaintext administrator credentials remotely, making device replacement advisable.
Product: Sapido Multiple wireless router models
CVSS Score: 9.8
NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-6560
NVD References:
- https://www.twcert.org.tw/en/cp-139-10198-55217-2.html
- https://www.twcert.org.tw/tw/cp-132-10197-524ea-1.html
CVE-2024-56731 - Gogs is vulnerable to remote command execution and unauthorized access to users' code due to an insufficient patch for
Product: Gogs Git service
CVSS Score: 10.0
NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-56731
NVD References: https://github.com/gogs/gogs/security/advisories/GHSA-wj44-9vcg-wjq7
CVE-2025-50213 - Apache Airflow Providers Snowflake before 6.4.0 is vulnerable to Special Element Injection when copying from external stages.
Product: Apache Airflow Providers Snowflake
CVSS Score: 9.8
NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-50213
NVD References: https://lists.apache.org/thread/2kqfmyt2pghg5f6797g8hzvq331v8qx3
CVE-2025-32975 - Quest KACE Systems Management Appliance (SMA) versions before 14.1.101 (Patch 4) have an authentication bypass vulnerability, enabling attackers to impersonate legitimate users without valid credentials and potentially gain complete administrative control.
Product: Quest KACE Systems Management Appliance (SMA)
CVSS Score: 10.0
NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-32975
NVD References:
- https://seclists.org/fulldisclosure/2025/Jun/22
-
cve-2025-32975 - cve-2025-32976-
cve-2025-32975-cve-2025-32976-
cve-2025-32977 - cve-2025-32978
CVE-2025-32977 - Quest KACE Systems Management Appliance (SMA) versions before 13.0.385, 13.1.81, 13.2.183, 14.0.341 (Patch 5), and 14.1.101 (Patch 4) allow unauthenticated users to upload malicious backup files, compromising system integrity.
Product: Quest KACE Systems Management Appliance (SMA)
CVSS Score: 9.6
NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-32977
NVD References:
cve-2025-32975 - cve-2025-32976-
cve-2025-32975-cve-2025-32976-
cve-2025-32977 - cve-2025-32978
CVE-2025-32977 - Quest KACE Systems Management Appliance (SMA) versions before 13.0.385, 13.1.81, 13.2.183, 14.0.341 (Patch 5), and 14.1.101 (Patch 4) allow unauthenticated users to upload malicious backup files, compromising system integrity.
Product: Quest KACE Systems Management Appliance (SMA)
CVSS Score: 9.6
NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-32977
NVD References:
- https://seclists.org/fulldisclosure/2025/Jun/24
CVE-2025-4383 - Art-in Bilişim Teknolojileri ve Yazılım Hizm. Tic. Ltd. Şti. Wi-Fi Cloud Hotspot allows Authentication Abuse and Bypass due to improper restriction of excessive authentication attempts.
Product: Art-in Bilişim Teknolojileri ve Yazılım Hizm. Tic. Ltd. Şti. Wi-Fi Cloud Hotspot
CVSS Score: 9.3
NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-4383
NVD References: https://www.usom.gov.tr/bildirim/tr-25-0134
CVE-2025-4378 - Ataturk University ATA-AOF Mobile Application is vulnerable to Cleartext Transmission of Sensitive Information and hard-coded credentials, allowing for Authentication Abuse and Bypass before 20.06.2025.
Product: Ataturk University ATA-AOF Mobile Application
CVSS Score: 10.0
NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-4378
NVD References: https://www.usom.gov.tr/bildirim/tr-25-0135
CVE-2024-37743 - An issue in mmzdev KnowledgeGPT V.0.0.5 allows a remote attacker to execute arbitrary code via the Document Display Component.
Product: mmzdev KnowledgeGPT
CVSS Score: 9.8
NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-37743
NVD References:
- https://github.com/mmz-001/knowledge_gpt/blob/main/knowledge_gpt/main.py
- https://medium.com/@cnetsec/vulnerability-identified-in-knowledgegpt-version-0-0-5-5168ec081842
CVE-2025-52571 - Hikka, a Telegram userbot, has a vulnerability in versions below 1.6.2 that allows an attacker to gain full access to users' accounts and the server.
Product: Hikka Telegram userbot
CVSS Score: 9.6
NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-52571
NVD References: https://github.com/hikariatama/Hikka/security/advisories/GHSA-vwpq-wm8w-44wf
CVE-2025-52572 - Hikka, a Telegram userbot, has a vulnerability affecting all users on all versions, allowing attackers to remotely execute code and gain access to Telegram accounts.
Product: Hikka Telegram userbot
CVSS Score: 10.0
NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-52572
NVD References: https://github.com/hikariatama/Hikka/security/advisories/GHSA-7x3c-335v-wxjj
CVE-2025-5777 - Insufficient input validation leading to memory overread on the NetScaler Management Interface NetScaler ADC and NetScaler Gateway
Product: Citrix NetScaler NetScaler ADC and NetScaler Gateway
CVSS Score: 0
NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-5777
ISC Podcast: https://isc.sans.edu/podcastdetail/9502
NVD References: https://support.citrix.com/support-home/kbsearch/article?articleNumber=CTX693420
CVE-2025-6218 - RARLAB WinRAR is susceptible to a directory traversal remote code execution vulnerability, requiring user interaction to exploit, allowing attackers to execute arbitrary code.
Product: RARLAB WinRAR
CVSS Score: 0
NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-6218
ISC Podcast: https://isc.sans.edu/podcastdetail/9502
NVD References:
- https://www.zerodayinitiative.com/advisories/ZDI-25-409/
CVE-2017-17761 - Ichano AtHome IP Camera devices allow remote unauthenticated LAN users to run arbitrary commands via the "noodles" binary on port 1300.
Product: Ichano Athome_Ip_Camera_Firmware -
CVSS Score: 0
NVD: https://nvd.nist.gov/vuln/detail/CVE-2017-17761
ISC Diary: https://isc.sans.edu/diary/32062
CVE-2025-24773 - WPCRM - CRM for Contact form CF7 & WooCommerce from n/a through 3.2.0 is vulnerable to SQL Injection.
Product: Mojoomla WPCRM - CRM for Contact form CF7 & WooCommerce
Active Installations: unknown
CVSS Score: 9.3
NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-24773
CVE-2025-30618 - Rapyd Payment Extension for WooCommerce is vulnerable to Deserialization of Untrusted Data, allowing Object Injection from version n/a through 1.2.0.
Product: Rapyd Payment Extension for WooCommerce
Active Installations: 500+
CVSS Score: 9.8
NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-30618
CVE-2025-31919 - Deserialization of Untrusted Data vulnerability in themeton Spare allows Object Injection. This issue affects Spare: from n/a through 1.7.
Product: themeton Spare
Active Installations: unknown
CVSS Score: 9.8
NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-31919
NVD References: https://patchstack.com/database/wordpress/theme/spare/vulnerability/wordpress-spare-1-7-php-object-injection-vulnerability?_s_id=cve
CVE-2025-32510 - Ovatheme Events Manager allows malicious files to be uploaded due to an unrestricted file type vulnerability.
Product: Ovatheme Events Manager
Active Installations: unknown
CVSS Score: 10.0
NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-32510
CVE-2025-39479 - smartiolabs Smart Notification is vulnerable to Blind SQL Injection, impacting versions from n/a through 10.3.
Product: smartiolabs Smart Notification
Active Installations: unknown
CVSS Score: 9.3
NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-39479
CVE-2025-47452 - RexTheme WP VR allows unrestricted upload of dangerous file types, potentially enabling the upload of a web shell to a web server, affecting versions up to 8.5.26.
Product: RexTheme WP VR
Active Installations: unknown
CVSS Score: 9.9
NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-47452
NVD References: https://patchstack.com/database/wordpress/plugin/wpvr/vulnerability/wordpress-wp-vr-8-5-26-arbitrary-file-upload-vulnerability?_s_id=cve
CVE-2025-47559 - MapSVG allows unrestricted upload of dangerous file types, potentially enabling the upload of a web shell to a web server.
Product: RomanCode MapSVG
Active Installations: 1,000+
CVSS Score: 9.9
NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-47559
NVD References: https://patchstack.com/database/wordpress/plugin/mapsvg/vulnerability/wordpress-mapsvg-plugin-8-5-32-arbitrary-file-upload-vulnerability?_s_id=cve
CVE-2025-47573 - Mojoomla School Management is vulnerable to Blind SQL Injection due to improper neutralization of special elements in SQL commands.
Product: Mojoomla School Management
Active Installations: unknown
CVSS Score: 9.3
NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-47573
NVD References: https://patchstack.com/database/wordpress/plugin/school-management/vulnerability/wordpress-school-management-system-plugin-92-0-0-sql-injection-vulnerability?_s_id=cve
CVE-2025-48274 - WP Job Portal is vulnerable to Blind SQL Injection from versions n/a through 2.3.2.
Product: WP Job Portal wpjobportal
Active Installations: 8,000+
CVSS Score: 9.3
NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-48274
NVD References: https://patchstack.com/database/wordpress/plugin/wp-job-portal/vulnerability/wordpress-wp-job-portal-2-3-2-sql-injection-vulnerability?_s_id=cve
CVE-2025-49071 - NasaTheme Flozen allows uploading of a dangerous file type, allowing attackers to upload a web shell to a web server.
Product: NasaTheme Flozen
Active Installations: 100+
CVSS Score: 10.0
NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-49071
NVD References: https://patchstack.com/database/wordpress/theme/flozen-theme/vulnerability/wordpress-flozen-1-5-1-arbitrary-file-upload-vulnerability?_s_id=cve
CVE-2025-49330 - Integration for Contact Form 7 and Zoho CRM, Bigin is vulnerable to object injection due to deserialization of untrusted data.
Product: CRM Perks Integration for Contact Form 7 and Zoho CRM, Bigin
Active Installations: 3,000+
CVSS Score: 9.8
NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-49330
CVE-2025-49444 - Merkulove Reformer for Elementor allows uploading dangerous file types, potentially enabling the upload of a web shell to a web server.
Product: Merkulove Reformer for Elementor
Active Installations: unknown
CVSS Score: 10.0
NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-49444
CVE-2025-49447 - FW Food Menu in Fastw3b LLC allows attackers to upload dangerous files, impacting versions from n/a to 6.0.0.
Product: Fastw3b LLC FW Food Menu
Active Installations: unknown
CVSS Score: 10.0
NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-49447
CVE-2025-49452 - PostaPanduri through 2.1.3 is vulnerable to SQL Injection due to improper neutralization of special elements used in an SQL command.
Product: Adrian Ladó PostaPanduri
Active Installations: 40+
CVSS Score: 9.3
NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-49452
NVD References: https://patchstack.com/database/wordpress/plugin/postapanduri/vulnerability/wordpress-postapanduri-2-1-3-sql-injection-vulnerability?_s_id=cve
CVE-2025-1562 - The Recover WooCommerce Cart Abandonment WordPress plugin is vulnerable to unauthorized plugin installation, allowing attackers to potentially infect a vulnerable site.
Product: FunnelKit Recover WooCommerce Cart Abandonment, Newsletter, Email Marketing, Marketing Automation
Active Installations: 20,000+
CVSS Score: 9.8
NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-1562
NVD References: https://www.wordfence.com/threat-intel/vulnerabilities/id/094972e6-7e02-4060-b069-e39c8cde9331?source=cve
CVE-2025-6218 - RARLAB WinRAR is susceptible to a directory traversal remote code execution vulnerability, requiring user interaction to exploit, allowing attackers to execute arbitrary code.
Product: RARLAB WinRAR
CVSS Score: 0
NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-6218
ISC Podcast: https://isc.sans.edu/podcastdetail/9502
NVD References:
- https://www.zerodayinitiative.com/advisories/ZDI-25-409/
CVE-2017-17761 - Ichano AtHome IP Camera devices allow remote unauthenticated LAN users to run arbitrary commands via the "noodles" binary on port 1300.
Product: Ichano Athome_Ip_Camera_Firmware -
CVSS Score: 0
NVD: https://nvd.nist.gov/vuln/detail/CVE-2017-17761
ISC Diary: https://isc.sans.edu/diary/32062
CVE-2025-24773 - WPCRM - CRM for Contact form CF7 & WooCommerce from n/a through 3.2.0 is vulnerable to SQL Injection.
Product: Mojoomla WPCRM - CRM for Contact form CF7 & WooCommerce
Active Installations: unknown
CVSS Score: 9.3
NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-24773
CVE-2025-30618 - Rapyd Payment Extension for WooCommerce is vulnerable to Deserialization of Untrusted Data, allowing Object Injection from version n/a through 1.2.0.
Product: Rapyd Payment Extension for WooCommerce
Active Installations: 500+
CVSS Score: 9.8
NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-30618
CVE-2025-31919 - Deserialization of Untrusted Data vulnerability in themeton Spare allows Object Injection. This issue affects Spare: from n/a through 1.7.
Product: themeton Spare
Active Installations: unknown
CVSS Score: 9.8
NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-31919
NVD References: https://patchstack.com/database/wordpress/theme/spare/vulnerability/wordpress-spare-1-7-php-object-injection-vulnerability?_s_id=cve
CVE-2025-32510 - Ovatheme Events Manager allows malicious files to be uploaded due to an unrestricted file type vulnerability.
Product: Ovatheme Events Manager
Active Installations: unknown
CVSS Score: 10.0
NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-32510
CVE-2025-39479 - smartiolabs Smart Notification is vulnerable to Blind SQL Injection, impacting versions from n/a through 10.3.
Product: smartiolabs Smart Notification
Active Installations: unknown
CVSS Score: 9.3
NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-39479
CVE-2025-47452 - RexTheme WP VR allows unrestricted upload of dangerous file types, potentially enabling the upload of a web shell to a web server, affecting versions up to 8.5.26.
Product: RexTheme WP VR
Active Installations: unknown
CVSS Score: 9.9
NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-47452
NVD References: https://patchstack.com/database/wordpress/plugin/wpvr/vulnerability/wordpress-wp-vr-8-5-26-arbitrary-file-upload-vulnerability?_s_id=cve
CVE-2025-47559 - MapSVG allows unrestricted upload of dangerous file types, potentially enabling the upload of a web shell to a web server.
Product: RomanCode MapSVG
Active Installations: 1,000+
CVSS Score: 9.9
NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-47559
NVD References: https://patchstack.com/database/wordpress/plugin/mapsvg/vulnerability/wordpress-mapsvg-plugin-8-5-32-arbitrary-file-upload-vulnerability?_s_id=cve
CVE-2025-47573 - Mojoomla School Management is vulnerable to Blind SQL Injection due to improper neutralization of special elements in SQL commands.
Product: Mojoomla School Management
Active Installations: unknown
CVSS Score: 9.3
NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-47573
NVD References: https://patchstack.com/database/wordpress/plugin/school-management/vulnerability/wordpress-school-management-system-plugin-92-0-0-sql-injection-vulnerability?_s_id=cve
CVE-2025-48274 - WP Job Portal is vulnerable to Blind SQL Injection from versions n/a through 2.3.2.
Product: WP Job Portal wpjobportal
Active Installations: 8,000+
CVSS Score: 9.3
NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-48274
NVD References: https://patchstack.com/database/wordpress/plugin/wp-job-portal/vulnerability/wordpress-wp-job-portal-2-3-2-sql-injection-vulnerability?_s_id=cve
CVE-2025-49071 - NasaTheme Flozen allows uploading of a dangerous file type, allowing attackers to upload a web shell to a web server.
Product: NasaTheme Flozen
Active Installations: 100+
CVSS Score: 10.0
NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-49071
NVD References: https://patchstack.com/database/wordpress/theme/flozen-theme/vulnerability/wordpress-flozen-1-5-1-arbitrary-file-upload-vulnerability?_s_id=cve
CVE-2025-49330 - Integration for Contact Form 7 and Zoho CRM, Bigin is vulnerable to object injection due to deserialization of untrusted data.
Product: CRM Perks Integration for Contact Form 7 and Zoho CRM, Bigin
Active Installations: 3,000+
CVSS Score: 9.8
NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-49330
CVE-2025-49444 - Merkulove Reformer for Elementor allows uploading dangerous file types, potentially enabling the upload of a web shell to a web server.
Product: Merkulove Reformer for Elementor
Active Installations: unknown
CVSS Score: 10.0
NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-49444
CVE-2025-49447 - FW Food Menu in Fastw3b LLC allows attackers to upload dangerous files, impacting versions from n/a to 6.0.0.
Product: Fastw3b LLC FW Food Menu
Active Installations: unknown
CVSS Score: 10.0
NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-49447
CVE-2025-49452 - PostaPanduri through 2.1.3 is vulnerable to SQL Injection due to improper neutralization of special elements used in an SQL command.
Product: Adrian Ladó PostaPanduri
Active Installations: 40+
CVSS Score: 9.3
NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-49452
NVD References: https://patchstack.com/database/wordpress/plugin/postapanduri/vulnerability/wordpress-postapanduri-2-1-3-sql-injection-vulnerability?_s_id=cve
CVE-2025-1562 - The Recover WooCommerce Cart Abandonment WordPress plugin is vulnerable to unauthorized plugin installation, allowing attackers to potentially infect a vulnerable site.
Product: FunnelKit Recover WooCommerce Cart Abandonment, Newsletter, Email Marketing, Marketing Automation
Active Installations: 20,000+
CVSS Score: 9.8
NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-1562
NVD References: https://www.wordfence.com/threat-intel/vulnerabilities/id/094972e6-7e02-4060-b069-e39c8cde9331?source=cve
Sponsors
Sevco Security
Imagine one platform consolidating your asset inventory, security controls, vulnerabilities, exposures, and threat intel so you can effectively manage cyber risk. Stop imagining, and start using Sevco toGain visibility across your entire attack surfacePrioritize the vulnerabilities that matterStreamline your cross-functional remediationTake this self-guided tour to learn more.
SANS
Webcast Event | SANS Utilities Forum | Tuesday, 26 August 2025 9:00AM ESTCyber threats to power, water, and critical systems are escalating. Join security leaders and practitioners to explore how OT and IT teams are working together to defend essential infrastructure. Sector-wide alignment. Reserve your spot
SANS
Webcast Event | SANS Utilities Forum | Tuesday, 26 August 2025 9:00AM ESTCyber threats to power, water, and critical systems are escalating. Join security leaders and practitioners to explore how OT and IT teams are working together to defend essential infrastructure. Sector-wide alignment. Reserve your spot
SANS
Webcast Event | SANS Utilities Forum | Tuesday, 26 August 2025 9:00AM ESTCyber threats to power, water, and critical systems are escalating. Join security leaders and practitioners to explore how OT and IT teams are working together to defend essential infrastructure. Sector-wide alignment. Reserve your spot