Overview

A high-severity stack-based buffer overflow vulnerability, identified as CVE-2025-60690, has been discovered in Linksys E1200 v2 routers running firmware version E1200_v2.0.11.001_us. This flaw allows unauthenticated remote attackers to potentially execute arbitrary code or cause a denial-of-service (DoS) condition on affected devices.

Technical Details

The vulnerability resides in the get_merge_ipaddr function within the httpd binary. This function is responsible for concatenating up to four user-supplied CGI parameters (named <parameter>_0 through <parameter>_3) into a fixed-size buffer. Critically, the function lacks proper bounds checking during the concatenation process. By sending specially crafted HTTP requests with overly long parameter values, an attacker can…
Overview

This blog post details CVE-2025-20355, a medium-severity open redirect vulnerability affecting the web-based management interface of the Cisco Catalyst Center Virtual Appliance. This vulnerability could be exploited by an unauthenticated, remote attacker to redirect users to malicious web pages, potentially leading to phishing attacks or credential theft.

Technical Details

The vulnerability stems from improper input validation of HTTP request parameters within the Cisco Catalyst Center’s web interface. An attacker can exploit this by intercepting and modifying an HTTP request originating from a legitimate user. By manipulating the redirect URL parameter, the attacker can force the user’s browser to redirect…
Overview

CVE-2025-20353 details a cross-site scripting (XSS) vulnerability found within the web-based management interface of Cisco Catalyst Center. This vulnerability allows an unauthenticated, remote attacker to execute arbitrary script code within the browser of a user interacting with the affected interface. By tricking a user into clicking a specially crafted link, an attacker can potentially gain access to sensitive browser-based information or manipulate the interface on behalf of the victim.

Technical Details

The vulnerability stems from insufficient validation of user-supplied input within the Cisco Catalyst Center’s web management interface. Specifically, when processing certain data provided by users, the system fails…
Published: 2025-11-13T17:15:45.817

Overview

A critical vulnerability, identified as CVE-2025-20349, has been discovered in the REST API of Cisco Catalyst Center (formerly DNA Center). This vulnerability could allow an authenticated, remote attacker to execute arbitrary commands within a restricted container as the root user, potentially leading to significant system compromise.

Technical Details

The vulnerability stems from insufficient validation of user-supplied input within REST API request parameters. An attacker with valid credentials for a user account possessing at least the Observer role can exploit this flaw by crafting a malicious API request. This crafted request can inject arbitrary commands, which are then…
Overview

CVE-2025-20346 describes a medium-severity vulnerability affecting Cisco Catalyst Center. This flaw allows a remote, authenticated attacker with read-only (Observer) privileges to perform actions that are intended only for Administrator-level accounts. Successful exploitation could lead to unauthorized modification of critical system policies.

Technical Details

The vulnerability stems from improper role-based access control (RBAC) implementation within Cisco Catalyst Center. An attacker possessing valid credentials for a user with at least the “Observer” role can exploit this flaw by logging into the affected system and manipulating specific policy configurations. Due to the inadequate RBAC, the system incorrectly grants these users permissions to…
Overview

CVE-2025-20341 is a high-severity vulnerability affecting the Cisco Catalyst Center Virtual Appliance. This vulnerability could allow an authenticated, remote attacker to elevate their privileges to Administrator on a vulnerable system. Exploitation allows unauthorized modifications, potentially including creating new user accounts or gaining complete control over the system.

Technical Details

The vulnerability stems from insufficient validation of user-supplied input within the Cisco Catalyst Center Virtual Appliance. Specifically, a crafted HTTP request can bypass security checks. An attacker possessing valid credentials for a user account with at least the “Observer” role can leverage this vulnerability to elevate their privileges. By submitting…
Overview

CVE-2025-13121 is a high-severity SQL injection vulnerability discovered in cameasy LikeTea version 1.0.0. This vulnerability resides within the list function of the laravel/app/Http/Controllers/Front/StoreController.php file, specifically affecting the API Endpoint component. Successful exploitation allows remote attackers to inject arbitrary SQL commands, potentially leading to data breaches, modification, or denial of service. This vulnerability has been publicly disclosed and actively exploited.

Technical Details

The vulnerability stems from improper sanitization of user-supplied input passed through the lng and lat arguments to the list function within the StoreController.php file. An attacker can inject malicious SQL code within these parameters. The lack of input…
Overview

CVE-2025-11538 is a security vulnerability affecting Keycloak, a popular open-source identity and access management solution. This vulnerability arises when Keycloak’s debug mode is enabled without proper configuration. Specifically, the issue stems from the Java Debug Wire Protocol (JDWP) port binding to all network interfaces (0.0.0.0) by default when the --debug <port> flag is used. This default behavior exposes the debug port, potentially allowing unauthorized remote code execution.

Technical Details

The vulnerability lies in the insecure default configuration of the debug mode. When initiated with the --debug <port> flag, Keycloak binds the JDWP port to all available network interfaces. This…
Overview

CVE-2025-64718 describes a prototype pollution vulnerability found in js-yaml, a popular JavaScript YAML parser and dumper. Specifically, versions 4.1.0 and below are susceptible to attacks where malicious YAML documents can modify the prototype of JavaScript objects during parsing. This can lead to various security implications, especially when parsing untrusted YAML data.

Technical Details

The vulnerability arises from the improper handling of the __proto__ property within YAML documents. An attacker can craft a YAML document containing __proto__ keys that, when parsed by a vulnerable js-yaml version, will modify the prototype of JavaScript objects. This modification can inject malicious properties and…
Overview

CVE-2025-64717 describes a critical vulnerability in ZITADEL, an open-source identity management platform. This flaw allows for potential account takeovers by exploiting a bypass in the federated authentication process. Specifically, the vulnerability enables the auto-linking of users from external identity providers (IdPs) to existing ZITADEL user accounts, even when the IdP should be disabled or federation is disallowed for the organization.

Technical Details

The vulnerability stems from ZITADEL’s failure to properly enforce organization-specific security settings during the authentication flow. Even if an Organization Administrator explicitly disables an IdP or disallows federated authentication, the system fails to honor this setting during…