Overview: CVE-2025-13751 describes a local denial-of-service (DoS) vulnerability affecting the interactive service agent in OpenVPN versions 2.5.0 through 2.7_rc2 running on Windows. An authenticated local user can exploit this vulnerability to connect to the service and trigger an error, ultimately leading to a denial of service.
Technical Details: The vulnerability exists within the OpenVPN interactive service agent on Windows. A local, authenticated user can connect to this service and manipulate it in a way that triggers an unhandled exception or error condition. This error effectively crashes the service agent, leading to a local denial-of-service. The specific mechanism by which this…
-
Overview: CVE-2025-13492 describes a potential security vulnerability identified in HP Image Assistant versions prior to 5.3.3. This vulnerability could potentially allow a local attacker to escalate their privileges via a race condition during package installation. It’s crucial for system administrators and users of HP Image Assistant to understand the implications and apply the necessary mitigations to protect their systems.
Technical Details: The vulnerability stems from a race condition that can occur during the installation of packages using HP Image Assistant. A local attacker with sufficient privileges to initiate package installations could potentially exploit this race condition to manipulate the installation…
-
Overview: CVE-2024-32643 describes a high-severity vulnerability in Masa CMS, an open-source Enterprise Content Management platform. This vulnerability allows unauthorized users to bypass group restrictions and access restricted content by manipulating the URL to include a /tag/ declaration. Successful exploitation could lead to unauthorized access to sensitive information and potentially compromise the integrity of the CMS. This vulnerability affects Masa CMS versions prior to 7.2.8, 7.3.13, and 7.4.6. It has been addressed in versions 7.2.8, 7.3.13, and 7.4.6.
Technical Details: The vulnerability stems from insufficient input validation and access control mechanisms when handling URLs containing the /tag/ declaration. By appending /tag/…
-
Overview: CVE-2024-32642 describes a high-severity vulnerability affecting Masa CMS, an open-source Enterprise Content Management platform. This vulnerability is classified as host header poisoning and allows a malicious actor to potentially take over user accounts via password reset emails. The issue was present in versions prior to 7.2.8, 7.3.13, and 7.4.6 and has been addressed in these respective releases.
Technical Details: The vulnerability stems from insufficient validation of the HTTP Host header. By manipulating the Host header in a password reset request, an attacker can inject a malicious domain. The Masa CMS application then uses this attacker-controlled domain to construct the…
-
Overview: A critical remote code execution (RCE) vulnerability, identified as CVE-2024-32641, has been discovered in Masa CMS. This vulnerability affects versions prior to 7.2.8, 7.3.13, and 7.4.6. An unauthenticated attacker can exploit this flaw to execute arbitrary code on the affected server.
Technical Details: The vulnerability resides in the addParam function within Masa CMS. This function accepts user input through the criteria parameter. The input is subsequently passed to the setDynamicContent function, which evaluates the input. By sending a request containing specially crafted input within the m tag, an unauthenticated attacker can inject and execute arbitrary code on the…
-
Overview: CVE-2025-7044 is a high-severity Improper Input Validation vulnerability affecting the user websocket handler of MAAS (Metal as a Service). This flaw allows an authenticated but unprivileged attacker to elevate their privileges to that of an administrator. By intercepting and manipulating a user.update websocket request, the attacker can inject the is_superuser property set to true. The server’s inadequate input validation then grants the attacker full administrative control over the entire MAAS deployment.
Technical Details: The vulnerability resides in MAAS’s handling of websocket requests related to user updates. Specifically, the application fails to properly sanitize and validate the is_superuser property…
-
Overview: CVE-2025-65320 describes a vulnerability affecting Abacre Restaurant Point of Sale (POS) software, versions up to 15.0.0.1656. This vulnerability involves the cleartext storage of sensitive information, specifically device-bound license keys, in the application’s process memory during activation attempts. This means an attacker with access to the system’s memory could potentially extract these keys and use them maliciously.
Technical Details: During the license activation process, Abacre Restaurant POS stores the license key unencrypted in the system’s memory. An attacker with sufficient privileges or access to memory analysis tools can potentially dump the process memory of the Abacre Restaurant POS application and…
-
Overview: This article details a stored Cross-Site Scripting (XSS) vulnerability identified as CVE-2025-57202 affecting the AVTECH SECURITY Corporation DGM1104 device. This vulnerability allows attackers to inject malicious JavaScript or HTML code into the device’s web interface, potentially compromising user accounts and system integrity. This issue resides in the `PwdGrp.cgi` endpoint.
Technical Details: The vulnerability exists within the `PwdGrp.cgi` endpoint of the AVTECH DGM1104 device’s web interface. Specifically, the `username` field is susceptible to stored XSS. An attacker can inject a malicious payload (e.g., a JavaScript snippet) into this field. When another user (or the administrator) views the user management section,…
-
Overview: CVE-2025-57201 describes a high-severity command injection vulnerability found in AVTECH SECURITY Corporation’s DGM1104 devices, specifically affecting the FullImg-1015-1004-1006-1003 firmware. This vulnerability resides within the SMB server function of the device. A successful exploit of this vulnerability allows an authenticated attacker to execute arbitrary commands on the affected system.
Technical Details: The vulnerability is located in the SMB server functionality of the AVTECH DGM1104. It stems from insufficient sanitization of user-supplied input within a specific function related to image processing. An authenticated attacker can inject arbitrary commands by crafting malicious input that is then processed by the SMB server. This…
-
Overview: CVE-2025-57199 describes a critical command injection vulnerability discovered in AVTECH SECURITY Corporation’s DGM1104 FullImg-1015-1004-1006-1003. This vulnerability resides within the NetFailDetectD binary. An authenticated attacker can exploit this flaw to execute arbitrary commands on the affected system by providing specially crafted input.
Technical Details: The vulnerability stems from insufficient input validation within the NetFailDetectD binary. When handling specific inputs related to network failure detection, the application fails to properly sanitize user-supplied data before using it in a system command. An attacker with valid credentials can inject malicious commands into the input parameters, leading to arbitrary code execution with the privileges…