Overview CVE-2025-62155 is a high-severity Server-Side Request Forgery (SSRF) vulnerability affecting the New API LLM gateway and AI asset management system. This vulnerability exists prior to version 0.9.6 and allows attackers to bypass existing security measures implemented to prevent SSRF attacks. The bypass leverages a 302 redirect to circumvent the initial security checks, ultimately enabling unauthorized access to internal resources. Technical Details The initial SSRF fix implemented in New API applied security restrictions only to the first URL request. By crafting a request that initially points to an external server controlled by the attacker, and then redirects (using a 302…

Overview CVE-2025-10144 is a medium severity vulnerability affecting the Perfect Brands for WooCommerce plugin for WordPress. This flaw allows authenticated attackers with Contributor-level access or higher to perform time-based SQL Injection attacks. The vulnerability exists in versions up to and including 3.6.2 of the plugin. By exploiting this vulnerability, attackers can inject malicious SQL queries into existing queries, potentially leading to the extraction of sensitive information from the WordPress database. This could include user credentials, customer data, and other confidential information. Technical Details The vulnerability lies within the `products` shortcode’s `brands` attribute. Insufficient escaping of user-supplied input in this attribute,…

Overview CVE-2025-63674 describes a security vulnerability found in Blurams Lumi Security Camera (A31C) version 23.1227.472.2926. This vulnerability allows a local physical attacker to execute arbitrary code on the device. The attack is achieved by overriding the bootloader via a specially crafted SD card. This means an attacker needs physical access to the camera to exploit it. Technical Details The vulnerability stems from the lack of proper validation of the bootloader image when the device boots from an SD card. An attacker can insert a malicious SD card containing a modified bootloader. The camera, upon startup, will then execute the malicious…

Overview CVE-2025-54563 describes a high-severity Incorrect Access Control vulnerability affecting the Application Server of Desktop Alert PingAlert versions 6.1.0.11 to 6.1.1.2. This vulnerability allows an attacker to bypass access controls, potentially leading to unauthorized Remote Information Disclosure. This can expose sensitive data, potentially impacting confidentiality and integrity. Technical Details The vulnerability stems from inadequate access control mechanisms within the Application Server. Specifically, certain API endpoints or functionalities do not properly validate user permissions before granting access to sensitive information. An attacker could potentially exploit this by crafting specific requests that bypass these checks, allowing them to retrieve data that they…

Overview A critical directory traversal vulnerability, identified as CVE-2025-54347, has been discovered in the Application Server of Desktop Alert PingAlert versions 6.1.0.11 through 6.1.1.2. This vulnerability allows a remote attacker to write arbitrary files on the system, potentially leading to complete system compromise under specific circumstances. Technical Details The vulnerability resides within the file handling mechanism of the PingAlert Application Server. Due to insufficient input validation, a malicious actor can manipulate file paths provided to the server. By crafting a request containing “../” sequences, an attacker can traverse outside of the intended directory and write files to arbitrary locations on…

Overview CVE-2025-54341 identifies a medium severity vulnerability within the Application Server of Desktop Alert PingAlert versions 6.1.0.11 to 6.1.1.2. This vulnerability stems from the presence of hard-coded configuration values within the application. The presence of hardcoded credentials or sensitive configuration settings represents a significant security risk, as it can be exploited by attackers to gain unauthorized access to sensitive data or system functionalities. Technical Details The vulnerability arises because the PingAlert Application Server stores sensitive configuration data, such as database credentials or API keys, directly within the application’s codebase or configuration files in a non-encrypted or easily decipherable format. This…

Overview A critical security vulnerability, identified as CVE-2025-54338, has been discovered in the Application Server of Desktop Alert PingAlert versions 6.1.0.11 through 6.1.1.2. This vulnerability stems from an Incorrect Access Control issue, potentially allowing unauthorized attackers to disclose sensitive user password hashes. This is a HIGH severity vulnerability that requires immediate attention. Technical Details The vulnerability exists due to insufficient access control mechanisms within the PingAlert Application Server. An attacker, by exploiting this flaw, can potentially bypass authentication checks and gain access to user password hashes stored on the server. The specific method of exploitation involves [Details on the specific…

Overview CVE-2024-47856 describes a path interception vulnerability affecting RSA Authentication Agent for Microsoft Windows versions prior to 7.4.7. This vulnerability could allow an attacker to execute arbitrary code by placing a malicious executable in a carefully chosen directory. The core issue arises from how Windows resolves executable paths when those paths contain spaces and are not properly quoted. Technical Details The vulnerability stems from the way RSA Authentication Agent configures service and shortcut paths. If these paths contain spaces and are not enclosed in quotation marks, Windows may incorrectly resolve the intended executable. Specifically, Windows searches for executables by iteratively…

Overview This blog post details CVE-2025-63498, a Cross-Site Scripting (XSS) vulnerability discovered in alinto SOGo version 5.12.3. This vulnerability allows an attacker to inject malicious scripts into the application through the “userName” parameter, potentially compromising user accounts and data. Technical Details The vulnerability exists because SOGo 5.12.3 fails to properly sanitize the “userName” parameter before rendering it in the application’s interface. This allows an attacker to inject arbitrary JavaScript code, which will be executed in the context of the victim’s browser when they access the affected page. A successful exploit could allow an attacker to: Steal user session cookies. Deface…

Overview CVE-2025-52538 is a high-severity vulnerability affecting the AMD XOCL driver. This vulnerability stems from improper input validation, which can allow a local attacker to trigger an integer overflow condition. Successful exploitation could lead to a loss of confidentiality or availability on the affected system. Technical Details The vulnerability resides within the XOCL driver, which is a component used for [Provide a brief, general explanation of what the XOCL driver does – replace this bracketed text. If the function of the driver is unknown, state “The specific function of the XOCL driver where the vulnerability exists is currently undisclosed in…