• Cybersecurity Vulnerabilities

    CVE-2025-14088: JEPaaS Authorization Bypass Exposes Sensitive Data

    Overview
    CVE-2025-14088 is a medium severity vulnerability affecting ketr JEPaaS versions up to 7.2.8. This vulnerability allows remote attackers to bypass authorization controls through manipulation of the Authorization argument when accessing the /je/load file. Successful exploitation could lead to unauthorized access to sensitive data and potential system compromise. The vulnerability has been publicly disclosed and exploits are available.
    Technical Details
    The vulnerability stems from improper authorization handling in the /je/load endpoint within the JEPaaS application. By manipulating the Authorization header, an attacker can potentially elevate their privileges and gain access to functionalities that should be restricted to authorized users.…

  • Cybersecurity Vulnerabilities

    CVE-2025-58098: Command Injection Risk in Apache HTTP Server SSI Processing

    Overview
    CVE-2025-58098 describes a command injection vulnerability affecting Apache HTTP Server versions 2.4.65 and earlier. This vulnerability occurs when Server Side Includes (SSI) are enabled and the mod_cgid module (but not mod_cgi) is in use. The vulnerability allows attackers to inject arbitrary commands through the query string, which is then executed by the server due to insufficient sanitization within the #exec cmd="..." SSI directive.
    Technical Details
    The core issue lies in how Apache HTTP Server handles the query string when SSI is enabled alongside mod_cgid. When processing the #exec cmd="..." directive, the server passes the query string to the command…

  • Cybersecurity Vulnerabilities

    CVE-2025-14086: Critical Access Control Flaw Exposes youlai-mall Users

    Overview
    CVE-2025-14086 details an improper access control vulnerability affecting youlaitech youlai-mall versions 1.0.0 and 2.0.0. This flaw allows unauthorized access to sensitive resources due to insufficient validation of user-supplied input. The vulnerability resides within the /app-api/v1/members/openid/ endpoint, specifically through manipulation of the openid parameter. A publicly available exploit exists, increasing the risk of exploitation. The vendor was contacted regarding this issue but has not provided a response.
    Technical Details
    The vulnerability stems from a lack of proper input sanitization and authorization checks on the openid parameter within the /app-api/v1/members/openid/ endpoint. An attacker can manipulate this parameter to potentially bypass…

  • Cybersecurity Vulnerabilities

    CVE-2025-14085: Critical OrderID Vulnerability Exposes Youlai-Mall to Remote Exploitation

    Overview
    CVE-2025-14085 is a medium severity vulnerability found in youlaitech youlai-mall versions 1.0.0 and 2.0.0. This vulnerability allows remote attackers to potentially execute arbitrary code due to improper control of dynamically identified variables when manipulating the 'orderId' argument in the /app-api/v1/orders/ endpoint. The vendor has been notified but has not provided a response or patch at this time.
    Technical Details
    The vulnerability resides in the handling of the orderId parameter within the /app-api/v1/orders/ endpoint. An attacker can manipulate this parameter to inject malicious code, potentially leading to the execution of arbitrary commands on the server. The root cause is…

  • Cybersecurity Vulnerabilities

    CVE-2025-6966: Python-APT NULL Pointer Dereference – Crash Risk on APT-Based Systems

    Overview
    CVE-2025-6966 describes a NULL pointer dereference vulnerability found in the TagSection.keys() function of the python-apt package. This vulnerability affects APT-based Linux systems. A local attacker can exploit this flaw to cause a denial of service (DoS) by providing a specially crafted deb822 file containing a malformed, non-UTF-8 key. This leads to a process crash.
    Technical Details
    The vulnerability stems from improper handling of non-UTF-8 characters within the keys of a deb822 formatted file. Specifically, when python-apt attempts to process a deb822 file with a key containing characters outside the UTF-8 encoding, the TagSection.keys() function encounters a situation where it…

  • Cybersecurity Vulnerabilities

    DUC Under Pressure: Analyzing CVE-2025-13654 Stack Buffer Overflow

    Overview
    CVE-2025-13654 describes a stack buffer overflow vulnerability found in DUC, a disk management tool. Specifically, the vulnerability resides within the buffer_get function. An underflow condition can lead to an out-of-bounds read, ultimately triggering the stack buffer overflow. This can potentially allow an attacker to execute arbitrary code or cause a denial-of-service (DoS).
    Technical Details
    The vulnerability in DUC arises due to an integer underflow within the buffer_get function. This underflow causes a condition to evaluate to true unexpectedly, leading to an out-of-bounds read. Because this read writes to a stack buffer, it allows writing beyond the buffer's boundaries, corrupting…

  • Cybersecurity Vulnerabilities

    CVE-2025-66200: Critical mod_userdir+suexec Bypass in Apache HTTP Server

    Overview
    CVE-2025-66200 identifies a security vulnerability in the Apache HTTP Server that could allow for a bypass of the mod_userdir and suexec modules. Specifically, this issue is related to the improper handling of AllowOverride FileInfo configurations. The vulnerability affects Apache HTTP Server versions 2.4.7 through 2.4.65.
    Technical Details
    The vulnerability resides in how Apache HTTP Server handles the AllowOverride FileInfo directive in conjunction with mod_userdir and suexec. Users with the ability to utilize the RequestHeader directive within .htaccess files can potentially manipulate the execution context of CGI scripts. By leveraging this flaw, an attacker can cause these CGI scripts to…

  • Cybersecurity Vulnerabilities

    Urgent: Apache HTTP Server Vulnerable to CGI Parameter Injection (CVE-2025-65082)

    Published: 2025-12-05
    Overview
    CVE-2025-65082 describes an Improper Neutralization of Escape, Meta, or Control Sequences vulnerability in Apache HTTP Server. This flaw allows attackers to potentially inject parameters into CGI programs by manipulating environment variables defined within the Apache configuration. These configuration-defined variables unexpectedly supersede variables the server calculates and provides to CGI programs. This vulnerability affects Apache HTTP Server versions 2.4.0 through 2.4.65. It is highly recommended to upgrade to version 2.4.66 or later to mitigate this risk.
    Technical Details
    The vulnerability stems from the way Apache HTTP Server handles environment variables when executing CGI scripts. When the server is…

  • Cybersecurity Vulnerabilities

    Urgent: SSRF Vulnerability in Apache HTTP Server on Windows Could Leak NTLM Hashes (CVE-2025-59775)

    Overview
    A critical Server-Side Request Forgery (SSRF) vulnerability, identified as CVE-2025-59775, has been discovered in Apache HTTP Server running on Windows operating systems. This vulnerability exists under specific configurations, namely when AllowEncodedSlashes is set to On and MergeSlashes is set to Off. Exploitation of this vulnerability could allow a malicious actor to potentially leak NTLM hashes to a server controlled by the attacker via crafted requests or malicious content.
    Technical Details
    The vulnerability arises due to improper handling of encoded slashes when the aforementioned configuration settings are enabled. When AllowEncodedSlashes On is configured, the server permits encoded slashes (e.g., %2f…

  • Cybersecurity Vulnerabilities

    CVE-2025-55753: Apache HTTP Server ACME Renewal Vulnerability – Urgent Upgrade Required!

    Overview
    A critical security vulnerability, identified as CVE-2025-55753, has been discovered in the Apache HTTP Server. This integer overflow issue affects versions 2.4.30 through 2.4.65. The vulnerability occurs during ACME certificate renewal, potentially leading to denial-of-service-like behavior due to excessive renewal attempts. It is highly recommended that all users upgrade to version 2.4.66 as soon as possible.
    Technical Details
    The vulnerability stems from an integer overflow in the backoff timer mechanism used during ACME certificate renewal. When an ACME certificate renewal fails, Apache HTTP Server employs a backoff timer to prevent repeated attempts from overwhelming the ACME server. However, after…