Overview This article discusses CVE-2025-66471, a vulnerability affecting urllib3, a popular user-friendly HTTP client library for Python. Specifically, the vulnerability resides in the streaming API and its handling of highly compressed data. This can lead to excessive resource consumption, potentially causing denial-of-service conditions. Technical Details Urllib3’s streaming API is designed to efficiently handle large HTTP responses by processing data in chunks. When dealing with compressed responses (e.g., gzip, deflate, br, or zstd), urllib3 decompresses the data based on the Content-Encoding header. The vulnerability arises because the decompression logic can, in certain scenarios with highly compressed data, fully decode a small…
-
Overview A critical security vulnerability, identified as CVE-2025-65879, has been discovered in Warehouse Management System version 1.2. This vulnerability allows an authenticated attacker to delete arbitrary files on the server. The root cause lies in insufficient input validation on the /goods/deleteGoods endpoint, specifically concerning the goodsimg parameter. Technical Details The vulnerability stems from the lack of proper sanitization of the goodsimg parameter passed to the /goods/deleteGoods endpoint. An authenticated user can manipulate this parameter to include directory traversal sequences (e.g., ../). The application then directly concatenates the user-controlled goodsimg value with the server’s UPLOAD_PATH and passes the resulting path to…
-
Overview CVE-2025-65878 describes an arbitrary file read vulnerability affecting version 1.2 of the Warehouse Management System. This vulnerability allows an attacker to read sensitive files on the server’s file system by exploiting a lack of proper input sanitization in the /file/showImageByPath endpoint. By crafting malicious requests with directory traversal sequences, attackers can bypass intended access controls and potentially access confidential data, configuration files, or even system binaries. Technical Details The vulnerability resides in the /file/showImageByPath endpoint. The system fails to adequately sanitize user-supplied path parameters used to retrieve image files. This oversight allows an attacker to inject directory traversal sequences…
-
Overview A critical security vulnerability, identified as CVE-2025-65036, has been discovered in the XWiki Remote Macros extension. This extension is designed to provide XWiki rendering macros that facilitate content migration from Confluence. The vulnerability, present in versions prior to 1.27.1, allows for Remote Code Execution (RCE) due to insufficient permission checks when executing Velocity macros from details pages. This means a malicious actor could potentially execute arbitrary code on the XWiki server. Technical Details The XWiki Remote Macros extension allows users to leverage Velocity macros to render content. Versions prior to 1.27.1 do not properly validate the permissions of users…
-
Overview CVE-2025-14104 is a medium severity vulnerability found in util-linux, specifically affecting the setpwnam() function. This flaw allows a heap buffer overread when a username of exactly 256 bytes is processed. The vulnerability primarily impacts the SUID (Set User ID) login-utils utilities that write to the password database. Successful exploitation could potentially lead to information disclosure, denial of service, or, in more severe scenarios, privilege escalation. Technical Details The vulnerability resides in the way setpwnam(), the login-utils helper that rewrites a named user's entry in the password database (it is what SUID tools such as chfn and chsh call to commit their changes), handles unusually long usernames. When a username with a length of 256 bytes is processed,…
-
Overview CVE-2025-14094 describes a medium severity vulnerability found in Edimax BR-6478AC V3 firmware version 1.0.15. This vulnerability allows a remote attacker to execute arbitrary operating system commands on the affected device. The vendor was notified but did not respond to the disclosure. Technical Details The vulnerability resides within the sub_44CCE4 function of the /boafrm/formSysCmd file. By manipulating the sysCmd argument, an attacker can inject arbitrary OS commands. Published reports describe the attack as remotely initiated, which makes the potential impact significant; note, however, that the 4.7 score given below matches the standard vector for a network-reachable command injection that requires high privileges (AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L), so an authenticated administrator session on the web interface is the more likely precondition than unauthenticated access. CVSS Analysis The vulnerability has a CVSS score of 4.7, indicating a MEDIUM severity.…
-
Overview CVE-2025-14093 is a medium severity vulnerability affecting Edimax BR-6478AC V3 routers running firmware version 1.0.15. This vulnerability allows a remote attacker to inject operating system commands due to insufficient input validation in the /boafrm/formTracerouteDiagnosticRun endpoint. The vendor has been contacted but has not responded. Technical Details The vulnerability resides within the sub_416990 function of the /boafrm/formTracerouteDiagnosticRun file. Specifically, the host argument is vulnerable to OS command injection. An attacker can manipulate this argument to execute arbitrary commands on the router’s operating system. This is possible because the router does not properly sanitize user-supplied input before passing it to a…
-
Overview CVE-2024-9183 is a high-severity vulnerability affecting GitLab CE/EE. It allows an authenticated, lower-privileged user, under specific circumstances, to potentially obtain credentials from higher-privileged users and perform actions within their context. This could lead to significant security breaches, including data exfiltration and unauthorized access. This vulnerability affects all versions of GitLab CE/EE from 18.4 prior to 18.4.5, 18.5 prior to 18.5.3, and 18.6 prior to 18.6.1. It has been remediated in versions 18.4.5, 18.5.3, and 18.6.1 and later. Technical Details The precise technical details of the vulnerability are not explicitly detailed here to prevent further exploitation. However, it is understood…
-
Published: 2025-12-05T16:15:51.053 Overview CVE-2025-66418 identifies a critical vulnerability within urllib3, a widely used HTTP client library for Python. This vulnerability, affecting versions 1.24 up to, but not including, 2.6.0, stems from an unbounded number of links permitted in the decompression chain: urllib3 undoes every encoding listed in a response's Content-Encoding header, and no cap was placed on how many encodings that header may list. A malicious server can therefore return a header naming a virtually unlimited number of compression steps, each of which the client dutifully reverses. This leads to excessive CPU utilization and substantial memory allocation as urllib3 attempts to decompress the data, potentially resulting in a denial-of-service (DoS) condition. Technical Details The vulnerability arises from the way urllib3 handles compressed responses. Specifically, the library fails to limit the depth…
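The two urllib3 entries on this page, the streaming decoder that fully inflates a small but highly compressed body (CVE-2025-66471, above) and the unbounded chain of Content-Encoding links (CVE-2025-66418, this entry), are both failures to bound decompression. The following added example, written for this page and not taken from urllib3, decodes a Content-Encoding chain with the two limits a safe client needs: a cap on the number of links, checked before any decoding work is done, and a cap on the inflated size of each layer, enforced through zlib's max_length so the decoder stops early instead of producing the full expansion. The cap values, the function names, and the nested-gzip and gzip-bomb bodies are assumptions constructed for the demonstration.

```python
"""Bounded decoding of an HTTP Content-Encoding chain.

Added example for this page, not code from urllib3. It reproduces the two
failure modes described above (a header listing an arbitrarily long chain
of encodings, and a tiny body that inflates to a huge output) and enforces
the two limits a safe decoder needs. The cap values below are assumptions
chosen for the demonstration, not urllib3's.
"""
import gzip
import zlib

MAX_CHAIN_LINKS = 4           # assumed cap on links in the encoding chain
MAX_DECODED_BYTES = 1 << 20   # assumed cap on inflated output per layer (1 MiB)


class DecodeLimitExceeded(Exception):
    """Raised when a response would exceed a decoding limit."""


def parse_content_encoding(header):
    """'gzip, deflate' -> ['gzip', 'deflate'], listed in the order applied."""
    return [e.strip().lower() for e in header.split(",") if e.strip()]


def _decompressor(encoding):
    if encoding in ("gzip", "x-gzip"):
        return zlib.decompressobj(16 + zlib.MAX_WBITS)   # gzip wrapper only
    if encoding == "deflate":
        return zlib.decompressobj()                      # zlib-wrapped deflate
    raise ValueError("unsupported encoding: %r" % encoding)


def _inflate_one_layer(data, encoding, limit):
    """Inflate one layer, stopping as soon as output would exceed `limit`.

    max_length=limit+1 makes zlib stop writing after limit+1 bytes, so an
    oversized layer is detected having produced at most limit+1 bytes
    rather than the full expansion.
    """
    d = _decompressor(encoding)
    out = d.decompress(data, limit + 1)
    if len(out) > limit:
        raise DecodeLimitExceeded(
            "%s layer inflates beyond %d bytes" % (encoding, limit))
    if not d.eof:
        raise ValueError("truncated or malformed %s stream" % encoding)
    return out


def decode_body(body, content_encoding,
                max_links=MAX_CHAIN_LINKS, max_bytes=MAX_DECODED_BYTES):
    """Undo every encoding in the chain, newest layer first, within limits."""
    encodings = parse_content_encoding(content_encoding)
    if len(encodings) > max_links:     # reject before doing any work
        raise DecodeLimitExceeded(
            "%d encodings in chain, limit is %d" % (len(encodings), max_links))
    data = body
    for enc in reversed(encodings):
        data = _inflate_one_layer(data, enc, max_bytes)
    return data


def rejects(body, content_encoding):
    """True if decode_body() refuses the response because of a limit."""
    try:
        decode_body(body, content_encoding)
    except DecodeLimitExceeded:
        return True
    return False


# --- constructed attacker-style inputs (not real captured traffic) ---

def build_nested_gzip(payload, links):
    """Compress `payload` `links` times; returns (body, Content-Encoding value)."""
    body = payload
    for _ in range(links):
        body = gzip.compress(body)
    return body, ", ".join(["gzip"] * links)


def build_gzip_bomb(inflated_size):
    """A few KiB on the wire that inflate to `inflated_size` zero bytes."""
    return gzip.compress(b"\0" * inflated_size)


if __name__ == "__main__":
    body, enc = build_nested_gzip(b"hello", 3)
    print(decode_body(body, enc))                                        # b'hello'
    body, enc = build_nested_gzip(b"x", 50)
    print("50-link chain rejected:", rejects(body, enc))                 # True
    print("8 MiB bomb rejected:", rejects(build_gzip_bomb(8 << 20), "gzip"))  # True
```

decode_body() throws out the 50-link chain on the header alone, without touching the body, and stops the 8 MiB bomb after producing one byte more than the per-layer limit. Brotli and zstd are omitted because they need third-party modules; their streaming decompressors support the same bounded-output pattern.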
-
Overview CVE-2025-65897 identifies a critical security vulnerability affecting zdh_web, a platform designed for data collection, processing, monitoring, scheduling, and management. This vulnerability allows authenticated users to upload arbitrary files to the server file system due to insufficient validation of file upload paths. This flaw could enable attackers to overwrite existing files, potentially leading to privilege escalation or remote code execution. The vulnerability exists in zdh_web versions up to and including 5.6.17. Technical Details The core issue lies in the insufficient validation performed on file paths during the upload process. An authenticated user can manipulate the file path provided to the…
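The three path handling flaws above, arbitrary deletion through goodsimg on /goods/deleteGoods (CVE-2025-65879), arbitrary read through /file/showImageByPath (CVE-2025-65878) and the unvalidated upload path in zdh_web (CVE-2025-65897), share one root cause: a request-supplied file name is joined onto a fixed base directory (UPLOAD_PATH in the deletion advisory) and handed to the filesystem unchecked. The following added example is not code from either project; it is a Python sketch of that vulnerable join beside a containment check, with a constructed directory layout in a temporary folder showing the traversal reaching a sibling file through the former and being refused by the latter. Names such as safe_join, delete_upload, goods1.jpg and config.properties are assumptions for the demonstration.

```python
"""Containing request-supplied file names under a fixed upload directory.

Added example for this page, not code from the Warehouse Management System
or zdh_web. The directory layout, file names and request values below are
constructed for the demonstration; UPLOAD_PATH is the only name taken from
the advisory text.
"""
import os
import tempfile


def vulnerable_join(upload_path, user_value):
    """The pattern the advisories describe: concatenate and trust the result.

    '../config.properties' climbs out of upload_path, and an absolute value
    makes os.path.join discard upload_path entirely.
    """
    return os.path.join(upload_path, user_value)


def safe_join(upload_path, user_value):
    """Resolve the candidate path and refuse anything outside upload_path."""
    base = os.path.realpath(upload_path)
    candidate = os.path.realpath(os.path.join(base, user_value))
    # commonpath() compares whole components, so a sibling such as
    # /srv/uploads-old is not mistaken for a child of /srv/uploads the way
    # a plain startswith() prefix check would.
    if os.path.commonpath([base, candidate]) != base:
        raise ValueError("path escapes upload directory: %r" % user_value)
    return candidate


def is_contained(upload_path, user_value):
    """True if safe_join() would accept user_value under upload_path."""
    try:
        safe_join(upload_path, user_value)
    except ValueError:
        return False
    return True


def delete_upload(upload_path, user_value):
    """Hardened shape of the deleteGoods step: contain first, then remove."""
    os.remove(safe_join(upload_path, user_value))


def demo():
    """Constructed layout: <tmp>/uploads/goods1.jpg and <tmp>/config.properties."""
    root = tempfile.mkdtemp()
    upload_path = os.path.join(root, "uploads")        # stands in for UPLOAD_PATH
    os.mkdir(upload_path)
    goods = os.path.join(upload_path, "goods1.jpg")
    secret = os.path.join(root, "config.properties")   # beside, not inside, uploads
    with open(goods, "wb") as f:
        f.write(b"\xff\xd8\xff")                        # constructed JPEG stub
    with open(secret, "w") as f:
        f.write("db.password=constructed-value\n")

    traversal = "../config.properties"                  # attacker-supplied goodsimg / path value
    results = {}
    # The unchecked join resolves the traversal to the real secret file.
    results["vulnerable_reaches_secret"] = os.path.isfile(vulnerable_join(upload_path, traversal))
    # The contained delete refuses it and the secret is left untouched.
    try:
        delete_upload(upload_path, traversal)
        results["traversal_blocked"] = False
    except ValueError:
        results["traversal_blocked"] = True
    results["secret_survives"] = os.path.isfile(secret)
    # A legitimate name inside the directory still works.
    delete_upload(upload_path, "goods1.jpg")
    results["legit_deleted"] = not os.path.isfile(goods)
    return results


if __name__ == "__main__":
    for key, value in demo().items():
        print("%-26s %s" % (key, value))
```

The same safe_join() guards the read and upload cases: resolve the requested path, compare it component-wise against the resolved base, and only then open, write or remove. Resolving with realpath() before the comparison also defeats symlinks planted inside the upload directory that point elsewhere.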