Overview: A high-severity Server-Side Request Forgery (SSRF) vulnerability has been discovered in Open WebUI, a self-hosted artificial intelligence platform designed for offline operation. This vulnerability, identified as CVE-2025-65958, allows any authenticated user to force the server to make HTTP requests to arbitrary URLs. This poses a significant risk to the confidentiality and integrity of systems interacting with Open WebUI.
Technical Details: Open WebUI versions prior to 0.6.37 are susceptible to this SSRF vulnerability. The flaw stems from insufficient validation of user-supplied input used in making HTTP requests. An authenticated user can manipulate this input to construct URLs that the Open…
-
Overview: A critical security vulnerability, identified as CVE-2025-65883, has been discovered in the Genexis Platinum P4410 router running firmware version P4410-V2–1.41. This vulnerability allows a local network attacker to execute arbitrary code with root privileges on the affected device. The root cause is improper session invalidation after an administrator logs out of the router’s management interface.
Technical Details: The vulnerability stems from the router’s failure to properly invalidate the administrator’s session token upon logout. Specifically, after an administrator logs out, the session token remains valid and active. An attacker with access to the local network can intercept or guess this…
-
Overview: CVE-2025-65806 details a critical vulnerability discovered in the E-POINT CMS’s file upload functionality, specifically within the eagle.gsam-1169.1 component. This vulnerability allows a remote attacker to achieve Remote Code Execution (RCE) by uploading a specially crafted, nested ZIP archive. The CMS’s insufficient validation of archive contents allows the extraction of malicious files, such as webshells, into web-accessible directories.
Technical Details: The core of the vulnerability lies in the CMS’s improper handling of nested archive files. An attacker can craft a malicious ZIP archive containing another ZIP archive. The inner ZIP archive contains an executable file, commonly a PHP webshell (e.g.,…
-
Overview: CVE-2025-63499 describes a Cross-Site Scripting (XSS) vulnerability found in Alinto Sogo version 5.12.3. This vulnerability allows attackers to inject arbitrary web scripts into the web pages viewed by other users. The specific attack vector lies within the theme parameter of the Sogo application.
Technical Details: The vulnerability exists due to insufficient sanitization of user-supplied input within the theme parameter. An attacker can craft a malicious URL containing JavaScript code within this parameter. When a user clicks on this crafted URL, the injected JavaScript code executes in their browser, potentially allowing the attacker to steal cookies, redirect the user to…
-
Published: 2025-12-04
Overview: CVE-2025-29269 details a command injection vulnerability discovered in ALLNET ALL-RUT22GW v3.3.8 industrial LTE cellular routers. The vulnerability resides in the `popen.cgi` endpoint and can be exploited via the `command` parameter. This allows attackers to inject and execute arbitrary OS commands on the affected device.
Technical Details: The `popen.cgi` endpoint is intended to execute specific commands on the router. However, insufficient input validation on the `command` parameter allows an attacker to inject malicious code alongside the intended command. This injected code is then executed with the privileges of the web server process, potentially granting the attacker complete control…
-
Overview: CVE-2025-29268 details a critical security vulnerability discovered in ALLNET ALL-RUT22GW v3.3.8 industrial LTE cellular routers. The vulnerability stems from the presence of hardcoded credentials within the libicos.so library. This allows unauthorized access and potential compromise of affected devices.
Technical Details: The specific flaw resides in the libicos.so library, which is a crucial component of the router’s firmware. Security researchers discovered that this library contains static, hardcoded credentials used for authentication. An attacker who obtains these credentials can remotely access and control the router, potentially gaining access to sensitive data, modifying configurations, or using the router as a point of…
-
Overview: An Insecure Direct Object Reference (IDOR) vulnerability, tracked as CVE-2025-12997, has been discovered in the Medtronic CareLink Network. This vulnerability could allow an authenticated attacker, possessing specific device and user information, to potentially access sensitive user data by crafting and submitting malicious web requests to a vulnerable API endpoint.
Technical Details: The vulnerability stems from insufficient authorization checks within the CareLink Network’s API. An attacker who already has legitimate access to some device and user data can potentially manipulate identifiers in API requests to access data belonging to other users or devices that they are not authorized to view.…
-
Overview: A medium-severity security vulnerability, identified as CVE-2025-12996, has been discovered in the Medtronic CareLink Network. This flaw allows a local attacker with access to log files on an internal API server to potentially view plaintext passwords under specific error logging conditions. The vulnerability affects CareLink Network versions prior to December 4, 2025.
Technical Details: The vulnerability stems from the logging of sensitive data, specifically plaintext passwords, in error logs generated by an internal API server within the Medtronic CareLink Network. If an error condition occurs related to password authentication or processing, the system might unintentionally include the password value…
-
Overview: A critical security vulnerability, identified as CVE-2025-12995, has been discovered in the Medtronic CareLink Network. This vulnerability allows an unauthenticated remote attacker to perform a brute-force attack on an API endpoint. Successful exploitation of this vulnerability could allow the attacker to determine a valid password under certain circumstances. This vulnerability affects CareLink Network versions prior to December 4, 2025.
Technical Details: The vulnerability resides in a publicly accessible API endpoint within the Medtronic CareLink Network. The endpoint lacks sufficient rate limiting or account lockout mechanisms, making it susceptible to brute-force attacks. An attacker can repeatedly send password guesses to…
-
Overview: A medium-severity vulnerability, identified as CVE-2025-12994, has been discovered in the Medtronic CareLink Network. This flaw allows an unauthenticated remote attacker to initiate a request for security questions to an API endpoint. This could potentially be exploited to determine valid user accounts within the system. This issue affects CareLink Network versions prior to the update released on December 4, 2025.
Technical Details: CVE-2025-12994 stems from insufficient access control on an API endpoint within the Medtronic CareLink Network. An attacker can leverage this weakness to probe the system for valid usernames by repeatedly sending requests to the vulnerable endpoint…