  • Cybersecurity Vulnerabilities

    Critical Authentication Bypass in Waveshare RS232/485 to Wi-Fi/Ethernet Gateways (CVE-2025-63362)

    Overview: CVE-2025-63362 describes a critical vulnerability affecting the Waveshare RS232/485 TO WIFI ETH (B) Serial to Ethernet/Wi-Fi Gateway. Specifically, the firmware version V3.1.1.0 with hardware version HW 4.3.2.1 and webpage version V7.04T.07.002880.0301 allows attackers to set the Administrator password and username to blank values. This effectively bypasses authentication, granting unauthorized access to the device’s configuration and functionalities.

    Technical Details: The vulnerability stems from a lack of proper input validation within the web-based administration interface. Attackers can exploit this flaw by submitting requests to the device’s web server that set both the username and password fields to empty strings during the…

  • Cybersecurity Vulnerabilities

    CVE-2025-63361: Waveshare Gateway Exposes Admin Password in Plaintext – A Security Deep Dive

    Overview: CVE-2025-63361 details a critical security vulnerability found in the Waveshare RS232/485 TO WIFI ETH (B) Serial to Ethernet/Wi-Fi Gateway. Specifically, Firmware version V3.1.1.0: HW 4.3.2.1: Webpage V7.04T.07.002880.0301 is susceptible to a flaw that renders the administrator password in plaintext. This means an attacker with access to the device’s webpage source code can easily obtain the administrator credentials, leading to a complete compromise of the device.

    Technical Details: The vulnerability resides in how the Waveshare gateway’s web interface handles and stores the administrator password. Instead of using proper hashing or encryption techniques, the password is made directly available in the…

  • Cybersecurity Vulnerabilities

    Nextcloud Security Alert: CVE-2025-59788 – XSS in files_pdfviewer Example Directory

    Overview: CVE-2025-59788 is a cross-site scripting (XSS) vulnerability identified in the files_pdfviewer example directory of Nextcloud. This vulnerability affects versions prior to 22.2.10.33, 23.0.12.29, 24.0.12.28, 25.0.13.23, 26.0.13.20, 27.1.11.20, 28.0.14.11, 29.0.16.8, 30.0.17, 31.0.10, and 32.0.1. An attacker can exploit this vulnerability to execute arbitrary JavaScript code within a user’s browser session by crafting a malicious PDF file and targeting the viewer.html file. This issue stems from exposing executable example code on a same-origin basis. It is related to CVE-2024-4367, highlighting the importance of addressing insecure example code practices.

    Technical Details: The vulnerability resides within the files_pdfviewer application, specifically in the example…

  • Cybersecurity Vulnerabilities

    CVE-2025-14016: Critical Security Flaw Exposes macrozheng mall-swarm to Unauthorized Data Deletion

    Overview: CVE-2025-14016 identifies a medium severity security vulnerability present in macrozheng mall-swarm versions up to 1.0.3. This flaw allows unauthorized remote attackers to delete read history entries due to improper authorization checks within the delete function of the /member/readHistory/delete endpoint. A publicly available exploit exists, making this vulnerability a significant risk.

    Technical Details: The vulnerability stems from inadequate validation of the ids argument passed to the delete function. An attacker can manipulate this parameter to delete read history entries belonging to other users without proper authentication or authorization. This improper authorization allows for the potential deletion of sensitive user data.…

  • Cybersecurity Vulnerabilities

    CVE-2025-14015: Critical Buffer Overflow Threatens H3C Magic B0 Routers

    Overview: CVE-2025-14015 is a high-severity buffer overflow vulnerability affecting H3C Magic B0 routers up to version 100R002. This flaw resides in the EditWlanMacList function within the /goform/aspForm file. A remote attacker can exploit this vulnerability by manipulating the param argument, leading to a buffer overflow. Exploit code is publicly available, increasing the risk of exploitation. Unfortunately, the vendor has not responded to initial disclosure attempts.

    Technical Details: The vulnerability stems from insufficient input validation on the param argument passed to the EditWlanMacList function. By providing a string exceeding the allocated buffer size, an attacker can overwrite adjacent memory regions. This…

  • Cybersecurity Vulnerabilities

    JIZHICMS Under Attack: Unpacking CVE-2025-14013 Stored XSS Vulnerability

    Overview: CVE-2025-14013 details a stored Cross-Site Scripting (XSS) vulnerability discovered in JIZHICMS, specifically affecting versions up to 2.5.5. This vulnerability resides within the Comment Handler component, potentially allowing attackers to inject malicious scripts into the system through the body parameter of the /index.php/admins/Comment/addcomment.html endpoint. The exploit is publicly available, increasing the risk of exploitation. Attempts to contact the vendor regarding this vulnerability were unsuccessful.

    Technical Details: The vulnerability stems from insufficient input sanitization of the body parameter when adding comments via the /index.php/admins/Comment/addcomment.html endpoint. An attacker can inject arbitrary JavaScript code into this parameter, which will then be stored in…

  • Cybersecurity Vulnerabilities

    CVE-2025-13488: Security Header Regression Leads to XSS Vulnerability in Nexus Repository

    Overview: CVE-2025-13488 describes a security vulnerability in Sonatype Nexus Repository. A regression introduced in version 3.83.0 caused a critical security header to no longer be applied to certain user-uploaded content served from repositories. This oversight creates a potential avenue for attackers with the appropriate privileges to inject malicious code via stored Cross-Site Scripting (XSS) vulnerabilities.

    Technical Details: The vulnerability stems from a regression that disabled the application of a specific security header. This header is designed to prevent browsers from interpreting uploaded content (e.g., an HTML file uploaded as a text file) as executable code. Without this header, a malicious…

  • Cybersecurity Vulnerabilities

    CVE-2025-9127: Potential Sensitive Data Leak in PX Enterprise Logging – Is Your Data at Risk?

    Overview: CVE-2025-9127 describes a vulnerability identified in PX Enterprise, a storage management solution. This vulnerability highlights a scenario where sensitive information may inadvertently be logged by the system under certain, yet unspecified, conditions. While the precise nature of the sensitive data and the conditions leading to its exposure are not fully detailed in the initial report, it’s crucial for PX Enterprise users to understand the potential risks and apply any available mitigations.

    Technical Details: The specifics of this vulnerability are currently limited. The primary concern revolves around the possibility of sensitive data, such as credentials, API keys, or potentially user…

  • Cybersecurity Vulnerabilities

    CVE-2025-63363: Waveshare Gateway Exposed to Wi-Fi Deauthentication Attacks

    Published: 2025-12-04T18:15:51.123

    Overview: CVE-2025-63363 describes a security vulnerability in the Waveshare RS232/485 TO WIFI ETH (B) Serial to Ethernet/Wi-Fi Gateway Firmware V3.1.1.0: HW 4.3.2.1: Webpage V7.04T.07.002880.0301. This vulnerability stems from a lack of Management Frame Protection (MFP), allowing attackers to execute deauthentication attacks against devices connected through the gateway.

    Technical Details: The vulnerability lies in the device’s failure to implement proper protection for Wi-Fi management frames. Specifically, the gateway does not enforce authentication or encryption for deauthentication and disassociation frames. This allows a malicious actor within range of the Wi-Fi network to inject crafted deauthentication packets, forcibly disconnecting clients from…

  • Cybersecurity Vulnerabilities

    JIZHICMS

    Overview: CVE-2025-14012 details a SQL injection vulnerability found in JIZHICMS versions up to 2.5.5. This vulnerability affects the batch comment deletion functionality. Specifically, the functions deleteAll, findAll, and delete within the /index.php/admins/Comment/deleteAll.html file are susceptible to malicious manipulation. An attacker can leverage this flaw to execute arbitrary SQL queries on the database, potentially leading to data breaches, modification, or even complete system compromise.

    Technical Details: The vulnerability stems from insufficient input sanitization within the batch comment deletion feature. The deleteAll.html component processes data parameters without proper validation, allowing an attacker to inject malicious SQL code within these parameters. The publicly…