Overview: CVE-2023-7330 describes a critical unauthenticated arbitrary file upload vulnerability affecting Ruijie NBR series routers. Discovered in 2025 and actively exploited since, this flaw allows a remote attacker to upload malicious PHP files to the router without authentication, leading to arbitrary code execution on the device. The vulnerable endpoint is `/ddi/server/fileupload.php`.
Technical Details: The vulnerability resides within the `/ddi/server/fileupload.php` endpoint. This endpoint is designed to handle file uploads, but it lacks proper validation and sanitization of user-supplied input. Specifically, the `name` and `uploadDir` parameters can be manipulated by an attacker. The endpoint fails to adequately check the file type, path,…
-
Overview: CVE-2018-25126 exposes a significant security vulnerability within the firmware of Shenzhen TVT Digital Technology Co., Ltd. NVMS-9000. This firmware is commonly utilized in various white-labeled Digital Video Recorder (DVR), Network Video Recorder (NVR), and Internet Protocol Camera (IPC) products. The vulnerability stems from two primary issues: the presence of hardcoded API credentials and an OS command injection flaw within the configuration services. This allows for unauthenticated remote attackers to gain arbitrary command execution as root.
Technical Details: The NVMS-9000 web/API interface accepts HTTP/XML requests. Authentication is bypassed using a fixed vendor credential string, a hardcoded value present within the…
-
Overview: CVE-2025-64048 is a medium severity stored Cross-Site Scripting (XSS) vulnerability found in YCCMS version 3.4. This vulnerability resides within the article management functionality, specifically affecting the handling of article titles. An attacker can exploit this flaw to inject malicious JavaScript code into the article title field. When other users view the affected article, the injected script will execute in their browsers, potentially leading to account compromise, data theft, or defacement of the website.
Technical Details: The vulnerability stems from insufficient input sanitization within the add() and getPost() functions of the ArticleAction.class.php file. Specifically, the application fails to properly neutralize…
-
Overview: CVE-2025-64047 is a Cross-Site Scripting (XSS) vulnerability identified in OpenRapid RapidCMS version 1.3.1. This vulnerability allows attackers to inject malicious scripts into the application, potentially leading to data theft, session hijacking, or defacement of the website. The flaw specifically resides within the /user/user-move.php file.
Technical Details: The vulnerability stems from insufficient input sanitization within the /user/user-move.php script. An attacker can inject malicious JavaScript code into a parameter that is later displayed in the user’s browser without proper encoding. When a user interacts with the injected script, it executes within their browser session, granting the attacker unauthorized access and control.…
-
Overview: CVE-2025-63914 details a medium severity vulnerability in Cinnamon Kotaemon version 0.11.0. This vulnerability stems from the application’s handling of uploaded ZIP files and its susceptibility to a “ZIP bomb” attack. Specifically, the _may_extract_zip function within the \libs\ktem\ktem\index\file\ui.py file lacks adequate content validation before extracting ZIP archives. While extracted files are stored in a temporary directory that is cleared, the decompression process itself can exhaust server resources, leading to a potential denial-of-service (DoS) condition. Furthermore, if no subsequent file uploads occur, the extracted data could consume considerable disk space, potentially rendering the system unavailable.
Technical Details: The core of the…
-
Overview: CVE-2025-56400 details a Cross-Site Request Forgery (CSRF) vulnerability within the OAuth implementation of the Tuya SDK, specifically version 6.5.0 for Android and iOS. This flaw impacts the Tuya Smart and Smartlife mobile applications, as well as any other third-party applications that incorporate this vulnerable SDK. The vulnerability allows a malicious actor to potentially link their own Amazon Alexa account to a victim’s Tuya account without the victim’s explicit consent.
Technical Details: The vulnerability stems from a failure to properly validate the OAuth state parameter during the account linking process between Tuya and Amazon Alexa. This missing validation creates an…
-
Overview: CVE-2025-52539 describes a high-severity buffer overflow vulnerability present in the Xilinx Runtime Environment (XRT). This flaw could allow a local attacker to potentially read or corrupt data from the Advanced eXtensible Interface (AXI), leading to a significant compromise of confidentiality, integrity, and/or availability of the system. This vulnerability was published on 2025-11-24 and has a CVSS score of 7.3, indicating a high level of risk.
Technical Details: The vulnerability stems from insufficient bounds checking within the Xilinx Runtime Environment’s data handling processes. Specifically, when processing data related to the AXI interface, a buffer overflow can occur if the input…
-
Overview: CVE-2025-0005 is a high-severity vulnerability affecting the AMD XOCL driver. This vulnerability stems from improper input validation, which can be exploited by a local attacker to trigger an integer overflow condition. Successful exploitation can lead to a system crash or denial-of-service (DoS) situation. This article provides a comprehensive overview of the vulnerability, including technical details, CVSS analysis, potential impact, and recommended mitigation steps.
Technical Details: The vulnerability resides in how the AMD XOCL driver handles specific input parameters. Due to insufficient validation, a malicious local attacker can supply input values that, when processed by the driver, result in an…
-
Overview: CVE-2025-36112 identifies an information disclosure vulnerability affecting IBM Sterling B2B Integrator and IBM Sterling File Gateway. This flaw could allow an unauthorized user to access sensitive server IP configuration information. Understanding this vulnerability is crucial for organizations using these platforms to ensure the confidentiality and security of their infrastructure.
Technical Details: The vulnerability, identified as CVE-2025-36112, resides in specific versions of IBM Sterling B2B Integrator and IBM Sterling File Gateway: IBM Sterling B2B Integrator 6.0.0.0 through 6.1.2.7; IBM Sterling B2B Integrator 6.2.0.0 through 6.2.0.5; IBM Sterling B2B Integrator 6.2.1.1. The precise mechanism through which the information is exposed is…
-
Overview: CVE-2025-13466 describes a denial of service (DoS) vulnerability affecting body-parser version 2.2.0. This vulnerability arises from the inefficient handling of URL-encoded bodies containing a very large number of parameters. An attacker can exploit this by sending payloads with thousands of parameters within the default request size limit, leading to elevated CPU and memory usage. This can result in service slowdown or even partial outages under sustained malicious traffic. The vulnerability has been addressed in body-parser version 2.2.1.
Published: 2025-11-24T19:15:46.857
Technical Details: The body-parser library is a popular middleware for Node.js Express applications used to parse incoming request bodies. In…