Overview CVE-2025-60739 describes a Cross-Site Request Forgery (CSRF) vulnerability affecting Ilevia EVE X1 Server Firmware versions up to and including v4.7.18.0.eden, and Logic Version v6.00 – 2025_07_21. This vulnerability, located within the /bh_web_backend component, allows a remote attacker to potentially execute arbitrary code on the affected server. CSRF vulnerabilities exploit the trust a website has in a user’s browser, enabling attackers to perform actions on behalf of an authenticated user without their knowledge or consent. Technical Details The vulnerability resides in the /bh_web_backend component of the Ilevia EVE X1 Server. Due to insufficient CSRF protection, an attacker can craft a…

This article details a high-severity stored Cross-Site Scripting (XSS) vulnerability, identified as CVE-2025-40890, affecting dashboard functionalities. This vulnerability allows a low-privilege attacker to inject malicious JavaScript code that can compromise user accounts and application data. Read on to understand the risks and learn how to protect your systems. Overview CVE-2025-40890 is a stored XSS vulnerability discovered in the dashboard feature of an application. Due to insufficient input validation, a malicious actor with low-level privileges can craft a dashboard containing a JavaScript payload. This malicious dashboard can then be shared with other users, or victims can be socially engineered into importing…

Overview CVE-2025-13467 is a medium-severity vulnerability affecting the LDAP User Federation provider in Keycloak. This flaw allows a malicious, authenticated realm administrator to trigger deserialization of untrusted Java objects through a specially crafted LDAP server configuration. Published on 2025-11-25T16:16:06.623, this vulnerability requires immediate attention from Keycloak administrators. Technical Details The vulnerability stems from insufficient validation of the LDAP server configuration within the Keycloak LDAP User Federation provider. An authenticated realm administrator, with the necessary permissions, can configure Keycloak to connect to a malicious LDAP server. This server can then return a specially crafted response containing serialized Java objects. Keycloak, without…

Overview A critical security vulnerability, identified as CVE-2025-0248, has been discovered in HCL iNotes. This vulnerability is a Reflected Cross-site Scripting (XSS) flaw stemming from improper validation of user-supplied input. Successful exploitation allows an unauthenticated, remote attacker to inject malicious scripts into a victim’s browser within the context of the iNotes web application. This could lead to the theft of sensitive information, including cookie-based authentication credentials, or the execution of arbitrary code on the victim’s machine. This vulnerability was published on 2025-11-25T16:16:06.137. Technical Details The Reflected XSS vulnerability in HCL iNotes occurs because the application fails to properly sanitize user-supplied…

Overview CVE-2025-36134 describes a low-severity security vulnerability affecting IBM Sterling B2B Integrator and IBM Sterling File Gateway. The vulnerability stems from a missing or insecure SameSite attribute for a sensitive cookie, potentially leading to sensitive information disclosure. Technical Details The core issue revolves around the absence or improper configuration of the SameSite attribute on a cookie used by IBM Sterling B2B Integrator and File Gateway. The SameSite attribute is a crucial security measure that controls whether a cookie is sent along with cross-site requests. Without a properly set SameSite attribute (or with it set to None without the Secure attribute),…

Overview A critical security vulnerability, identified as CVE-2025-64693, has been discovered in the Security Point component of both MaLion and MaLionCloud for Windows. This vulnerability is a heap-based buffer overflow that occurs during the processing of the Content-Length header in HTTP requests. A remote, unauthenticated attacker can exploit this flaw to achieve arbitrary code execution with SYSTEM privileges on the affected system. This poses a significant risk to organizations using these products. Technical Details CVE-2025-64693 stems from insufficient validation of the Content-Length header value when processing incoming HTTP requests within the Security Point component. By sending a specially crafted request…

Overview CVE-2025-62691 describes a significant security vulnerability affecting the Security Point component of MaLion and MaLionCloud. This vulnerability is a stack-based buffer overflow that exists in the processing of HTTP headers. A remote, unauthenticated attacker can exploit this flaw to achieve arbitrary code execution with SYSTEM privileges on the affected system. Technical Details The vulnerability stems from insufficient bounds checking when handling HTTP headers within the Security Point component. By sending a specially crafted HTTP request containing an overly long header value, an attacker can overwrite data on the stack. This overwrite can potentially redirect execution flow to attacker-controlled code,…

Overview CVE-2025-59485 is a critical vulnerability discovered in the Security Point (Windows) component of MaLion, specifically in versions prior to Ver. 5.3.4. This flaw arises from incorrect default permissions, allowing a local attacker (any user who can log in to the affected system) to potentially escalate privileges to SYSTEM level. Technical Details The vulnerability stems from inadequate permissions on a directory used by MaLion Security Point. An attacker can exploit this by placing an arbitrary file into a specific folder used by the application. If the attacker places a specially crafted DLL file into this directory, the MaLion Security Point…

Overview CVE-2025-59372 describes a path traversal vulnerability affecting certain ASUS router models. This vulnerability could allow a remote, authenticated attacker to write files outside of the intended directory on the affected device, potentially compromising its integrity and security. Technical Details The vulnerability lies in how the router handles file paths within a specific functionality (further details are available in the ASUS Security Advisory). By manipulating the file path during a write operation, an attacker with valid authentication credentials can bypass directory restrictions and write files to arbitrary locations on the router’s file system. This could involve overwriting critical system files,…

Overview An authentication bypass vulnerability, identified as CVE-2025-59371, has been discovered in the IFTTT integration feature of certain ASUS routers. This vulnerability could allow a remote, authenticated attacker to potentially gain unauthorized access to the device. It is crucial to assess your router model and apply the necessary firmware update to mitigate this risk. Importantly, Wi-Fi 7 series models are not affected by this vulnerability. Technical Details CVE-2025-59371 specifically targets the IFTTT integration functionality within affected ASUS routers. The precise mechanism of the authentication bypass is not fully detailed in the available advisory but likely involves flaws in how authentication…