Overview CVE-2025-13425 describes a denial-of-service (DoS) vulnerability found in OSV-SCALIBR. This vulnerability arises from a bug in the filesystem traversal fallback path. Specifically, when the ReadDir function returns nil for an empty directory, the fs/diriterate/diriterate.go:Next() function incorrectly indexes an empty slice, leading to an “index out of range” panic. This panic results in the application crashing, effectively causing a denial of service. Technical Details The root cause of the vulnerability lies in how OSV-SCALIBR handles empty directories during filesystem traversal. The diriterate.go file, specifically the Next() function, doesn’t properly account for the scenario where ReadDir returns nil. In such cases,…
-
-
Overview This article analyzes CVE-2025-65226, a buffer overflow vulnerability discovered in the Tenda AC21 router, specifically version V16.03.08.16. This vulnerability exists within the /goform/saveParentControlInfo endpoint and is triggered by manipulating the deviceId parameter. Exploitation of this vulnerability could allow an attacker to potentially execute arbitrary code on the affected device. Technical Details The vulnerability lies within the handling of the deviceId parameter within the /goform/saveParentControlInfo endpoint of the Tenda AC21 router’s firmware. It appears that the input validation for the deviceId parameter is insufficient. Sending an overly long string as the value for the deviceId parameter causes a buffer overflow,…
-
Overview This article provides a detailed analysis of CVE-2025-65223, a buffer overflow vulnerability affecting Tenda AC21 routers, specifically version V16.03.08.16. This vulnerability could allow a remote attacker to potentially execute arbitrary code on the device. Technical Details CVE-2025-65223 is a buffer overflow vulnerability located in the /goform/saveParentControlInfo endpoint of the Tenda AC21 router’s firmware. The vulnerability is triggered by an overly long input to the urls parameter. Because the firmware does not properly validate the length of the input, a specially crafted request with an excessive urls value can overwrite adjacent memory regions, leading to potential code execution. CVSS Analysis…
-
Overview CVE-2025-65222 details a buffer overflow vulnerability found in the Tenda AC21 router, specifically version V16.03.08.16. This vulnerability exists within the /goform/SetSysAutoRebbotCfg endpoint and is triggered via the rebootTime parameter. Successful exploitation could lead to arbitrary code execution, denial of service, or other potentially malicious outcomes. Technical Details The vulnerability lies within the handling of the rebootTime parameter in the /goform/SetSysAutoRebbotCfg endpoint. Insufficient input validation allows an attacker to provide a string larger than the allocated buffer size. This overflow can overwrite adjacent memory regions, potentially allowing for the execution of attacker-controlled code. The affected firmware version is V16.03.08.16 for…
-
Overview CVE-2025-65221 details a buffer overflow vulnerability found in the Tenda AC21 router, specifically version V16.03.08.16. This vulnerability exists in the /goform/setPptpUserList endpoint and is triggered via the list parameter. Exploitation of this vulnerability could potentially allow an attacker to execute arbitrary code on the device, leading to a compromise of the router and the network it serves. Technical Details The vulnerability is located within the /goform/setPptpUserList endpoint of the Tenda AC21’s web interface. The list parameter, which is likely intended to handle a list of PPTP user configurations, is not properly validated for length. Sending an overly long string…
-
Overview CVE-2025-65220 describes a buffer overflow vulnerability present in Tenda AC21 routers, specifically version V16.03.08.16. This vulnerability allows a remote attacker to potentially execute arbitrary code on the router, leading to a compromise of the device and the network it serves. The vulnerability lies in the handling of the `list` parameter within the `/goform/SetVirtualServerCfg` endpoint. Technical Details The vulnerability is a buffer overflow that occurs when the router processes the `list` parameter in the `/goform/SetVirtualServerCfg` endpoint. An attacker can send a specially crafted request with an overly long `list` parameter value. Because the router software doesn’t properly validate the length…
-
Overview A reflected Cross-Site Scripting (XSS) vulnerability, identified as CVE-2025-64984, has been discovered and patched in several Kaspersky security products. This vulnerability affects Kaspersky Endpoint Security for Linux, Kaspersky Industrial CyberSecurity for Linux Nodes, and Kaspersky Endpoint Security for Mac. An attacker could potentially exploit this flaw using phishing techniques to inject malicious scripts into a user’s browser session. Technical Details CVE-2025-64984 is a reflected XSS vulnerability. This means that an attacker could craft a malicious URL containing JavaScript code. If a user clicks on this manipulated URL (often distributed via phishing), the embedded script will be executed within the…
-
Overview A Cross-Site Request Forgery (CSRF) vulnerability, identified as CVE-2025-62346, has been discovered in HCL Glovius Cloud. This vulnerability allows an attacker to potentially force a user’s web browser to execute unintended, malicious actions on a trusted site where the user is already authenticated. This poses a significant risk to users of HCL Glovius Cloud and requires prompt mitigation. Technical Details CVE-2025-62346 stems from a lack of proper CSRF protection on a specific endpoint within HCL Glovius Cloud. An attacker can craft a malicious HTML page containing a request that, when visited by an authenticated user, will be automatically submitted…
-
Overview CVE-2025-60799 identifies a critical security vulnerability in phpPgAdmin version 7.13.0 and earlier. This vulnerability stems from improper access control within the sql.php file, allowing unauthorized manipulation of session variables. Exploitation of this flaw could lead to session poisoning, stored cross-site scripting (XSS), and unauthorized access to sensitive data. This poses a significant risk to systems using vulnerable versions of phpPgAdmin. Technical Details The vulnerability resides in the sql.php file, specifically around lines 68-76. The application accepts user-controlled parameters such as ‘subject’, ‘server’, ‘database’, and ‘queryid’ without proper validation or access control checks. This allows an attacker to manipulate the…
-
Overview A critical SQL injection vulnerability, identified as CVE-2025-60798, has been discovered in phpPgAdmin versions 7.13.0 and earlier. This vulnerability allows an authenticated attacker to execute arbitrary SQL commands, potentially leading to complete database compromise. It stems from insufficient input sanitization in the display.php file. Technical Details The vulnerability resides in the display.php file at line 396 of phpPgAdmin. The application directly passes user-controlled input from the $_REQUEST['query'] parameter to the browseQuery function without proper sanitization. This allows an attacker with valid authentication credentials to inject malicious SQL code into the query, potentially bypassing security measures and gaining unauthorized access…