Overview CVE-2025-63210 describes a critical authentication bypass vulnerability found in the Newtec Celox UHD devices (models CELOXA504 and CELOXA820) running firmware version celox-21.6.13. This flaw allows an attacker to gain unauthorized Superuser or Operator access to the affected devices without providing valid credentials. Technical Details The vulnerability resides in how the Newtec Celox UHD handles authentication requests via the /celoxservice endpoint. An attacker can exploit this issue by intercepting and modifying responses from this endpoint, specifically within the loginWithUserName flow. By injecting a forged response body during the authentication process, the attacker can manipulate the system into granting them Superuser…

Overview A significant security vulnerability, identified as CVE-2025-63209, has been discovered in the ELCA Star Transmitter Remote Control firmware version 1.25. This flaw allows unauthenticated attackers to retrieve sensitive information, including admin credentials and system settings, due to an unprotected endpoint. This poses a serious security risk to systems using affected ELCA Star Transmitter models. Technical Details The vulnerability lies within the /setup.xml endpoint of the ELCA Star Transmitter Remote Control firmware 1.25. This endpoint is not protected by any authentication mechanism, allowing anyone with network access to the device to retrieve its contents. Critically, the admin password is stored…

Overview CVE-2025-63207 is a critical security vulnerability affecting R.V.R Elettronica TEX products using firmware version TEXL-000400 and Web GUI version TLAN-000400. This vulnerability allows an unauthenticated attacker to change the Admin, Operator, and User passwords via the /_Passwd.html endpoint. Successful exploitation leads to complete system compromise. Published on 2025-11-19T18:15:48.793, this flaw highlights the importance of robust access control mechanisms in embedded devices. Technical Details The vulnerability resides in the lack of proper authentication checks on the /_Passwd.html endpoint. The R.V.R Elettronica TEX device fails to verify the identity of the user making a POST request to this endpoint. Consequently, an…

Overview CVE-2025-63206 details an authentication bypass vulnerability discovered in the web-based interface of the Dasan Switch DS2924. This vulnerability affects firmware versions 1.01.18 and 1.02.00. Attackers can exploit this flaw to gain escalated privileges by crafting and storing malicious cookies within the web browser. This could potentially allow unauthorized access to sensitive network configurations and data. Technical Details The vulnerability stems from insufficient validation of cookie data within the Dasan Switch DS2924’s web interface. An attacker can manipulate the cookie values to bypass authentication checks and gain elevated privileges. By crafting specific cookie values that the system interprets as legitimate…

Overview CVE-2025-63205 describes an information disclosure vulnerability affecting several BridgeTech probes, specifically the VB220 IP Network Probe, VB120 Embedded IP + RF Probe, VB330 High-Capacity Probe, VB440 ST 2110 Production Analytics Probe, and the NOMAD. Firmware versions 6.5.0-9 are impacted. This flaw allows attackers to potentially gain access to sensitive information, including administrator passwords, through the exposed `/probe/core/setup/passwd` endpoint. Technical Details The vulnerability resides within the web interface of the affected BridgeTech probes. The `/probe/core/setup/passwd` endpoint, intended for internal configuration or maintenance purposes, lacks adequate access controls. This allows unauthenticated or improperly authenticated users to access the endpoint and retrieve…

Overview CVE-2025-13315 is a critical access control vulnerability affecting Twonky Server version 8.5.2 on both Linux and Windows platforms. This flaw allows an unauthenticated attacker to bypass web service API authentication mechanisms, leading to the leakage of sensitive information, specifically the administrator’s username and encrypted password through access to a log file. This vulnerability was published on 2025-11-19T18:15:47.843. Technical Details The vulnerability resides in the improper handling of authentication checks within the Twonky Server’s web service API. By crafting specific requests, an attacker can circumvent the intended authentication process and gain unauthorized access to the system’s log files. These log…

Overview A critical Cross-Site Scripting (XSS) vulnerability has been identified in Astro’s Cloudflare adapter (@astrojs/cloudflare) affecting versions prior to 5.15.9. Designated as CVE-2025-65019, this flaw resides within the image optimization endpoint and allows attackers to inject malicious SVG payloads when the output: 'server' configuration is used. This bypasses domain restrictions and Content Security Policy (CSP) protections, posing a significant security risk. Technical Details The vulnerability stems from the isRemoteAllowed() function within Astro’s image optimization endpoint (/_image). Prior to version 5.15.9, this function unconditionally allowed data: protocol URLs. Attackers can exploit this by crafting malicious SVG files containing JavaScript code embedded…

Overview CVE-2025-64765 is a security vulnerability identified in Astro, a modern web framework. This vulnerability involves a path traversal issue arising from a mismatch in how Astro normalizes request paths for routing/rendering versus how middleware reads the path for validation checks. Specifically, it’s been discovered that Astro applies decodeURI() internally for route matching, while middleware uses context.url.pathname without the same decoding. This discrepancy allows attackers to potentially bypass authentication or authorization checks by using specially crafted, encoded paths. Technical Details The root cause of the vulnerability lies in the inconsistent path normalization within the Astro framework. When a request is…

Overview A critical reflected Cross-Site Scripting (XSS) vulnerability, identified as CVE-2025-64764, has been discovered in the Astro web framework. This vulnerability affects applications using the server islands feature. It has been patched in Astro version 5.15.8. Users of Astro are strongly advised to update to the latest version as soon as possible to mitigate this risk. Technical Details The vulnerability stems from insufficient sanitization of user-supplied input when utilizing server islands. Specifically, any input handled within the component templates of these islands could be exploited, regardless of the intended component behavior. This allows an attacker to inject malicious scripts into…

Overview CVE-2025-64708 describes a medium severity vulnerability in Authentik, an open-source Identity Provider. Prior to versions 2025.8.5 and 2025.10.2, the system incorrectly treated invitations as valid even after their expiration date. This relied on background tasks to clean up expired invitations, leading to a potential window of opportunity for unauthorized access if the cleanup task was delayed. Technical Details In previous versions of Authentik, invitation validation relied on background tasks scheduled to run every 5 minutes. While this approach works under normal circumstances, a large backlog of tasks could delay the cleanup process, extending the period during which expired invitations…