Overview A command injection vulnerability, identified as CVE-2025-59370, has been discovered in the bwdpi component of certain ASUS routers. This vulnerability could allow a remote, authenticated attacker to execute arbitrary commands on the affected device. Successful exploitation of this vulnerability could lead to the device executing unintended instructions, potentially compromising the entire network. Technical Details CVE-2025-59370 is a command injection vulnerability present within the bwdpi component of ASUS router firmware. While specific details on the vulnerable code section are not publicly available, the nature of command injection vulnerabilities implies that user-supplied input is not properly sanitized before being used in…
-
Overview CVE-2025-59369 details a SQL injection vulnerability discovered in the bwdpi component of ASUS router firmware. This vulnerability allows a remote attacker, with valid authentication credentials, to potentially execute arbitrary SQL queries against the router’s database. This could lead to unauthorized data access, modification, or even complete compromise of the device. Technical Details The vulnerability resides within the bwdpi component, likely due to insufficient sanitization of user-supplied input that is later used in SQL queries. A remote, authenticated attacker can inject malicious SQL code into specific input fields. When the router processes this manipulated input, it executes the injected SQL…
-
Overview CVE-2025-59368 describes an integer underflow vulnerability discovered in AiCloud, a feature commonly found in ASUS routers. This vulnerability could be exploited by an authenticated attacker to potentially disrupt the availability of the affected device. This advisory details the specifics of this flaw, its potential impact, and recommended mitigation strategies. Refer to the official ASUS Security Advisory for the latest information. Technical Details The vulnerability stems from an integer underflow condition within the AiCloud component. A crafted request, sent by an authenticated user, can trigger this underflow. The specific function and input parameters leading to the underflow are detailed in…
-
Overview CVE-2025-59366 details an authentication bypass vulnerability identified in ASUS AiCloud. This flaw allows unauthorized execution of specific functions, stemming from an unintended interaction with the Samba functionality within the AiCloud service. Exploiting this vulnerability could grant attackers access without proper authorization, potentially compromising data and system integrity. Technical Details The vulnerability arises due to how AiCloud handles authentication in conjunction with its Samba implementation. A specific side effect during Samba operations allows attackers to circumvent the expected authentication mechanisms. While the exact technical details of the exploit are not fully disclosed to prevent widespread abuse, it is understood that…
-
Overview A stack buffer overflow vulnerability, identified as CVE-2025-59365, has been discovered in specific ASUS router models. This flaw allows an authenticated attacker to potentially compromise the device’s availability by sending a specially crafted request. This vulnerability highlights the importance of keeping your router firmware up-to-date. Technical Details CVE-2025-59365 is a stack buffer overflow. This means that a specific input field within the router’s web interface (or another exposed service) can be manipulated with overly long data. When processed, this data overwrites memory beyond the allocated buffer space on the stack. Because this is a stack overflow, it can overwrite…
-
Overview CVE-2025-13502 is a high-severity vulnerability identified in both WebKitGTK and WPE WebKit. This flaw can be exploited by attackers to trigger a denial-of-service (DoS) condition, specifically a UIProcess crash, by sending a specially crafted payload to the GLib remote inspector server. This compromises the availability of applications utilizing the affected WebKit versions. Technical Details The vulnerability stems from an out-of-bounds read and an integer underflow condition. When processing a malicious payload via the GLib remote inspector server, the affected WebKit implementations attempt to access memory outside of allocated bounds. This, coupled with the integer underflow, leads to unexpected program…
-
Overview CVE-2025-13452 details a medium severity vulnerability found in the “Admin and Customer Messages After Order for WooCommerce: OrderConvo” plugin for WordPress. Specifically, all versions up to and including version 14 are affected. This vulnerability allows unauthenticated attackers to impersonate any WordPress user and inject arbitrary messages into any WooCommerce order conversation. This is achieved by exploiting a missing authorization check in the plugin’s REST API. Technical Details The vulnerability stems from a flawed permission check within the REST API permission callback function. This function incorrectly returns `true` when no nonce is provided. As a result, an attacker can bypass…
-
Overview CVE-2025-13414 is a medium severity vulnerability affecting the Chamber Dashboard Business Directory plugin for WordPress. This vulnerability allows unauthenticated attackers to export sensitive business directory information. The issue stems from a missing capability check within the cdash_watch_for_export() function. This vulnerability affects all versions up to and including 3.3.11. Technical Details The vulnerability exists because the cdash_watch_for_export() function, responsible for handling data export requests, lacks proper authorization checks. Specifically, it fails to verify whether the user initiating the export has the necessary capabilities to perform this action. This oversight enables unauthenticated users to trigger the export functionality, potentially exposing confidential…
-
Overview CVE-2025-13405 is a medium-severity vulnerability affecting the Ace Post Type Builder plugin for WordPress. This vulnerability allows authenticated attackers with even Subscriber-level access to delete arbitrary custom taxonomies due to missing authorization validation in the cptb_delete_custom_taxonomy() function. All versions up to, and including, 1.9 are affected. This poses a significant risk to website integrity and data management. Technical Details The vulnerability resides in the cptb_delete_custom_taxonomy() function within the plugin’s core files. The function lacks proper authorization checks, meaning that any authenticated user, regardless of their role, can trigger the deletion of custom taxonomies by sending a specially crafted request.…
-
Overview CVE-2025-13404 is a medium severity vulnerability affecting the ATEC Duplicate Page & Post plugin for WordPress. This vulnerability allows authenticated attackers with Contributor-level access or higher to duplicate arbitrary posts, including private and password-protected ones, without proper authorization validation. This can lead to sensitive data exposure. Technical Details The vulnerability resides in the duplicate_post() function within the plugin. Versions up to and including 1.2.20 lack adequate authorization checks before allowing post duplication. Specifically, the plugin fails to verify if the user has the necessary permissions to duplicate the target post. An authenticated user with Contributor access can trigger the…