  • Cybersecurity Vulnerabilities

    CVE-2025-36158: IBM Concert Sensitive Data Exposure via Recursive Copy

    Overview: CVE-2025-36158 describes a medium-severity vulnerability affecting IBM Concert versions 1.0.0 through 2.0.0. This vulnerability could allow a local user, granted specific permissions within the IBM Concert environment, to potentially gain unauthorized access to sensitive information. The underlying cause is an uncontrolled recursive directory copying operation, which, if exploited, could inadvertently expose files that the user should not have access to. Technical Details: The vulnerability stems from a flaw in how IBM Concert handles directory copying operations when specific user permissions are in place. The application doesn’t adequately restrict the scope of the copy operation, leading to the potential for…

  • Cybersecurity Vulnerabilities

    CVE-2025-36153: Unauthenticated XSS in IBM Concert – Exposing Critical Data

    Overview: CVE-2025-36153 is a medium severity cross-site scripting (XSS) vulnerability affecting IBM Concert versions 1.0.0 through 2.0.0. This vulnerability allows an unauthenticated attacker to inject arbitrary JavaScript code into the application’s web interface. Successful exploitation could lead to the execution of malicious scripts within the context of a user’s session, potentially resulting in credential theft, data manipulation, or other unauthorized actions. Technical Details: The vulnerability resides in the lack of proper input sanitization and output encoding within the IBM Concert web UI. Specifically, an unauthenticated attacker can inject malicious JavaScript code through a susceptible input field or URL parameter. When…

  • Cybersecurity Vulnerabilities

    CVE-2025-13087: Root Privilege Escalation via Remote Code Execution in Opto22 Groov Manage

    Overview: CVE-2025-13087 describes a critical vulnerability affecting the Opto22 Groov Manage REST API, specifically impacting GRV-EPIC and groov RIO products. This flaw allows a remote attacker with administrative privileges to achieve remote code execution with root privileges. This means a compromised system could grant an attacker complete control over the affected device. Technical Details: The vulnerability stems from the insecure handling of header details within the Groov Manage REST API. When a POST request is sent to the vulnerable endpoint, the application processes certain header values. Critically, these values are unsafely used to construct system commands. An attacker who has…

  • Cybersecurity Vulnerabilities

    CVE-2025-64770: Unauthenticated ONVIF Access Exposes Camera Configurations

    Overview: CVE-2025-64770 is a medium-severity vulnerability affecting certain products that utilize the Open Network Video Interface Forum (ONVIF) standard. This vulnerability allows unauthenticated access to ONVIF services. Successful exploitation could grant an attacker unauthorized access to sensitive camera configuration information, potentially leading to further malicious activities. This vulnerability was published on 2025-11-20T21:16:06.753. Organizations using affected products are strongly encouraged to review their configurations and apply the recommended mitigations as soon as possible. Technical Details: The root cause of CVE-2025-64770 lies in the lack of proper authentication checks for certain ONVIF services. An attacker on the same network (or with network…

  • Cybersecurity Vulnerabilities

    CVE-2025-63807: Critical Verification Bypass in Blogin University-BBS (weijiang1994)

    Overview: CVE-2025-63807 identifies a significant vulnerability in the weijiang1994 university-bbs application, also known as Blogin. Specifically, a flaw exists in the verification code generation and handling mechanism that can lead to account takeover. This vulnerability stems from a weak verification code generation process coupled with a lack of rate limiting, making the system susceptible to brute-force attacks. Technical Details: The vulnerability resides within commit 9e06bab430bfc729f27b4284ba7570db3b11ce84 (dated 2025-01-13) of the Blogin source code. The core issue is a combination of two factors: Weak Verification Code Generation: The algorithm used to generate verification codes for password resets and other authentication procedures is…

  • Cybersecurity Vulnerabilities

    Quark Cloud Drive Under Threat: DLL Hijacking Vulnerability Discovered (CVE-2025-63685)

    Overview: A critical vulnerability has been identified in Quark Cloud Drive version 3.23.2, tracked as CVE-2025-63685. This vulnerability is classified as a DLL hijacking issue, stemming from the application’s insecure method of loading system libraries. This blog post provides a detailed analysis of the vulnerability, its potential impact, and steps to mitigate the risk. Technical Details: Quark Cloud Drive v3.23.2 is vulnerable to DLL hijacking due to its failure to properly validate the path and signature of `regsvr32.exe` during the loading of system libraries. Specifically, the application attempts to load `regsvr32.exe` without verifying its authenticity or location. This creates an…

  • Cybersecurity Vulnerabilities

    CVE-2025-62674: Unauthenticated RTSP Access Exposes Camera Configurations

    Overview: CVE-2025-62674 is a medium-severity vulnerability affecting a specific product that allows unauthenticated access to Real Time Streaming Protocol (RTSP) services. This flaw can potentially allow an attacker to gain unauthorized access to sensitive camera configuration information. Successful exploitation could lead to data breaches, unauthorized surveillance, or manipulation of camera settings. Technical Details: The vulnerability stems from a lack of proper authentication mechanisms for the RTSP service. An attacker can directly connect to the RTSP port without providing any credentials. Once connected, the attacker can issue commands to retrieve camera settings, potentially including network configurations, user credentials (if stored unencrypted),…

  • Cybersecurity Vulnerabilities

    CVE-2025-25613: FS Inc S3150-8T2F Switch Exposes Credentials in Cleartext

    Overview: CVE-2025-25613 details a critical security vulnerability found in FS Inc’s S3150-8T2F 8-Port Gigabit Ethernet L2+ Switch. Specifically, versions prior to 2.2.0D Build 135103 transmit cookies containing administrative usernames and passwords in cleartext. This occurs during every POST request made to the web-based administrative application, using a simple Base64 encoding, effectively making the credentials easily retrievable by attackers. Technical Details: The vulnerability stems from the switch’s web interface failing to properly encrypt or hash user credentials. Instead, the username and password are encoded using Base64 before being transmitted as part of the cookie during POST requests. Base64 is an encoding…

  • Cybersecurity Vulnerabilities

    Revive Adserver Under Attack? Unpacking CVE-2025-55124: A Critical XSS Flaw

    Overview: CVE-2025-55124 is a reflected Cross-Site Scripting (XSS) vulnerability identified in Revive Adserver version 6.0.0 and later. This vulnerability exists within the `banner-zone.php` script due to improper neutralization of user-supplied input. An attacker can exploit this flaw to inject malicious scripts into a user’s browser when they visit a specially crafted URL. This can lead to session hijacking, defacement, or redirection to malicious websites. Technical Details: The vulnerability stems from the `banner-zone.php` script’s failure to properly sanitize or encode user-provided input before reflecting it back in the HTML output. Specifically, a malicious actor can craft a URL containing JavaScript code…

  • Cybersecurity Vulnerabilities

    CVE-2025-55123: Revive Adserver XSS Vulnerability – Manager Accounts Can Target Advertisers

    Overview: CVE-2025-55123 describes a Cross-Site Scripting (XSS) vulnerability affecting Revive Adserver versions 5.5.2 and 6.0.1 and earlier. This vulnerability allows authenticated manager accounts within Revive Adserver to inject malicious JavaScript code into the accounts of their own advertiser users. This can lead to various security risks, including data theft, account takeover, and malware distribution. Technical Details: The vulnerability stems from improper neutralization of user-supplied input within the Revive Adserver application. Specifically, manager accounts can craft malicious input (likely within fields related to advertiser details or campaign configurations) that is not properly sanitized before being displayed to advertiser users. This unsanitized…