Published: 2025-11-26T23:15:48.093

Overview
This article details CVE-2025-64330, a high-severity vulnerability in Suricata, the open-source network intrusion detection system (IDS), intrusion prevention system (IPS) and network security monitoring (NSM) engine. The flaw is a heap out-of-bounds read: triggering it can crash the engine, which for an IDS/IPS deployment means a gap in detection until the process is restarted. A single-byte out-of-bounds read does not by itself give an attacker code execution, but the crash alone is reason to patch promptly.

Technical Details
CVE-2025-64330 is a single-byte out-of-bounds heap read in Suricata’s logging code. It is triggered when the verdict (alert or drop) is written into eve.alert and eve.drop records. This happens under specific conditions: the per-packet alert queue…
-
Overview
A critical remote code execution (RCE) vulnerability, CVE-2025-62593, has been discovered in Ray, a distributed AI compute engine. It affects developers running Ray as a local development tool and can be exploited through browsers such as Firefox and Safari: an insufficient defense against browser-originated requests leaves Ray installations exposed to malicious websites and malvertising campaigns. A patch is available in version 2.52.0.

Technical Details
The vulnerability arises from an inadequate guard against browser-based attacks. The existing defense relies on checking the User-Agent header for the string “Mozilla”, treating a request as browser-originated only when that string is present. However, the fetch specification…
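The guard pattern described above, beside a check that page script cannot defeat, as an added example that is not Ray’s own code. Under the Fetch standard User-Agent is not a forbidden request header, so a script on a hostile page can override it in browsers that honour the override (the advisory names Firefox and Safari), whereas Origin and every Sec-* header are forbidden request headers the browser always sets itself. Whether Ray’s fix in 2.52.0 takes this exact approach is an assumption here; the request samples are constructed.

```python
"""Weak vs. robust browser-origin guard for a local HTTP API.

Added example, not Ray's code. weak_is_browser() is the pattern the
advisory describes (browser iff User-Agent contains "Mozilla");
robust_is_browser() keys on Origin / Sec-Fetch-* headers, which page
script cannot set or remove.
"""
from typing import Mapping

# Constructed sample requests (header name -> value), not captured traffic.
BROWSER_PLAIN = {
    "User-Agent": "Mozilla/5.0 (X11; Linux x86_64; rv:133.0) Gecko/20100101 Firefox/133.0",
    "Origin": "https://attacker.example",
    "Sec-Fetch-Site": "cross-site",
    "Sec-Fetch-Mode": "cors",
}
# Same browser after the page ran
#   fetch(url, {method: "POST", headers: {"User-Agent": "curl/8.0"}})
# The override is honoured, but Origin and Sec-Fetch-* are still attached.
BROWSER_UA_OVERRIDDEN = {
    "User-Agent": "curl/8.0",
    "Origin": "https://attacker.example",
    "sec-fetch-site": "cross-site",   # header names are case-insensitive
    "sec-fetch-mode": "cors",
}
CLI_CLIENT = {"User-Agent": "python-requests/2.32.0"}


def weak_is_browser(headers: Mapping[str, str]) -> bool:
    """The guard the advisory describes: 'browser' iff UA contains 'Mozilla'."""
    return "Mozilla" in headers.get("User-Agent", "")


def robust_is_browser(headers: Mapping[str, str]) -> bool:
    """Browser-originated iff the request carries Origin or any Sec-Fetch-*
    header. A non-browser client that adds them voluntarily only locks
    itself out, so the check fails closed."""
    names = {name.lower() for name in headers}
    return "origin" in names or any(n.startswith("sec-fetch-") for n in names)


def should_reject(headers: Mapping[str, str], guard=robust_is_browser) -> bool:
    """Policy for a developer-facing API on localhost: refuse browser requests."""
    return guard(headers)


if __name__ == "__main__":
    for label, req in [("plain browser", BROWSER_PLAIN),
                       ("browser, UA overridden", BROWSER_UA_OVERRIDDEN),
                       ("CLI client", CLI_CLIENT)]:
        print(f"{label:24s} weak rejects={should_reject(req, weak_is_browser)} "
              f"robust rejects={should_reject(req)}")
```

The robust check still only says “this came from a browser”; it does not by itself defend a localhost service against DNS rebinding, for which the Host header must be validated separately.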
-
Overview
CVE-2025-40934 describes a significant vulnerability in the XML-Sig Perl module, affecting versions 0.27 through 0.67. The flaw allows an attacker to bypass signature validation by simply removing the signature from an XML document: the module reports a successful validation even when no signature is present.

Technical Details
The vulnerability stems from the way XML-Sig handles XML documents that carry no signature. Instead of treating the absence of a signature as an error, the affected versions return a true value, indicating successful validation. This behavior opens a door for attackers to manipulate…
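The failure mode described above and the fail-closed check that prevents it, as an added example in Python rather than XML-Sig’s Perl; it is not the module’s code. The cryptographic verification is a stand-in callable, and the signed document and its placeholder SignatureValue are constructed for the example.

```python
"""Fail-closed signature-presence check for XML documents.

Added example, not XML-Sig's code. verify_legacy() reproduces the bug
pattern the advisory describes (a verifier that returns true when the
document carries no signature at all); verify_fail_closed() refuses to
trust any document without a ds:Signature element.
"""
import xml.etree.ElementTree as ET
from typing import Callable, Tuple

DSIG_NS = "http://www.w3.org/2000/09/xmldsig#"
SIGNATURE_TAG = "{%s}Signature" % DSIG_NS
SIGNATURE_VALUE_TAG = "{%s}SignatureValue" % DSIG_NS

# Constructed sample: a signed document with a placeholder SignatureValue.
SIGNED_DOC = (
    b'<Response xmlns="urn:example:assertion">'
    b'<Assertion id="a1">alice</Assertion>'
    b'<ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#">'
    b'<ds:SignedInfo/><ds:SignatureValue>Zm9vYmFy</ds:SignatureValue>'
    b'</ds:Signature></Response>'
)


def strip_signatures(xml_bytes: bytes) -> bytes:
    """What the attacker does: remove every ds:Signature element."""
    root = ET.fromstring(xml_bytes)
    # Collect first, then remove, so the tree is not mutated mid-traversal.
    removals = [(parent, child) for parent in root.iter()
                for child in parent if child.tag == SIGNATURE_TAG]
    for parent, child in removals:
        parent.remove(child)
    return ET.tostring(root)


def count_signatures(xml_bytes: bytes) -> int:
    root = ET.fromstring(xml_bytes)
    return sum(1 for _ in root.iter(SIGNATURE_TAG))


def stand_in_crypto_check(xml_bytes: bytes) -> bool:
    """Stand-in for real signature verification (assumption: it accepts only
    the placeholder value above). Like the affected module it returns True
    for a document with no signature, because all([]) is True."""
    root = ET.fromstring(xml_bytes)
    values = [e.text for e in root.iter(SIGNATURE_VALUE_TAG)]
    return all(v == "Zm9vYmFy" for v in values)


def verify_legacy(xml_bytes: bytes) -> bool:
    """Affected behaviour: an unsigned document validates 'successfully'."""
    return stand_in_crypto_check(xml_bytes)


def verify_fail_closed(xml_bytes: bytes,
                       crypto_check: Callable[[bytes], bool] = stand_in_crypto_check
                       ) -> Tuple[bool, str]:
    """Require at least one ds:Signature before trusting the crypto result."""
    n = count_signatures(xml_bytes)
    if n == 0:
        return False, "no ds:Signature element present; refusing unsigned document"
    ok = crypto_check(xml_bytes)
    return ok, f"{n} signature(s) present, crypto check {'passed' if ok else 'failed'}"


if __name__ == "__main__":
    stripped = strip_signatures(SIGNED_DOC)
    print("legacy, signed:   ", verify_legacy(SIGNED_DOC))
    print("legacy, stripped: ", verify_legacy(stripped))
    print("fail-closed, signed:   ", verify_fail_closed(SIGNED_DOC))
    print("fail-closed, stripped: ", verify_fail_closed(stripped))
```

The presence check is necessary but not sufficient: a real verifier must also confirm that the signature covers the elements the application relies on, otherwise an attacker can keep a valid signature over one subtree while editing another.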
-
Overview
CVE-2020-36874 details a critical vulnerability in ACE SECURITY WIP-90113 HD cameras. It allows an unauthenticated remote attacker to download the device’s configuration backup file. The backup can contain sensitive information, including administrative credentials, and so can lead to complete compromise of the camera and of the network it is connected to.

Technical Details
The vulnerability exists in the /web/cgi-bin/hi3510/backup.cgi endpoint. This endpoint, intended for creating configuration backups, performs no authentication or authorization check. An attacker can simply request this URL to download a compressed archive of the camera’s configuration. This archive typically includes: Administrative usernames and passwords (often stored in…
-
Overview
CVE-2020-36873 describes a critical vulnerability in Astak CM-818T3 2.4GHz wireless security surveillance cameras. The flaw allows unauthenticated remote attackers to download a compressed configuration backup file directly from the camera via the /web/cgi-bin/hi3510/backup.cgi endpoint. The backup contains sensitive information, including administrative credentials, and can lead to full compromise of the device and of the connected network.

Technical Details
The vulnerability lies in the lack of any authentication or authorization check before the configuration backup file is served. By simply accessing the /web/cgi-bin/hi3510/backup.cgi endpoint, a remote attacker can download a .tar.gz archive. This archive contains configuration files which commonly store passwords (often…
-
Overview
CVE-2020-36872 describes a remote denial-of-service (DoS) vulnerability in BACnet Test Server versions up to and including 1.01. The flaw is in the application’s handling of BACnet/IP BVLC packets: by sending a single UDP BVLC frame with a malformed BVLC Length field, an unauthenticated attacker triggers an access violation that crashes the server application. This disrupts or halts any BACnet testing that depends on the server.

Technical Details
The BACnet Test Server listens for incoming UDP BVLC frames on the default BACnet port (47808/udp). The core of the vulnerability lies in the insufficient…
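A defensive BVLC header parser, as an added example that is not the BACnet Test Server’s code. The BVLC header is four bytes: type (0x81 for BACnet/IP), function, and a big-endian Length that by the standard equals the size of the entire BVLL message. The check whose absence the advisory describes is the comparison of that field with the real datagram length before any payload offset is derived from it. The frames are constructed, not captured.

```python
"""Defensive parser for the BACnet/IP BVLC header.

Added example, not the BACnet Test Server's code. The BVLC Length field
(bytes 2-3, big-endian) must equal the length of the whole BVLL message;
a frame whose field disagrees with the datagram is rejected before the
payload is sliced, so a hostile value can never drive a read past the
buffer.
"""
import struct

BVLC_TYPE_BACNET_IP = 0x81
BVLC_HEADER_LEN = 4
BVLC_FUNCTIONS = {
    0x00: "BVLC-Result", 0x04: "Forwarded-NPDU",
    0x0A: "Original-Unicast-NPDU", 0x0B: "Original-Broadcast-NPDU",
}


class BvlcError(ValueError):
    pass


def parse_bvlc(datagram: bytes):
    """Return (function_code, payload) or raise BvlcError."""
    if len(datagram) < BVLC_HEADER_LEN:
        raise BvlcError("datagram shorter than BVLC header")
    bvlc_type, function, length = struct.unpack("!BBH", datagram[:BVLC_HEADER_LEN])
    if bvlc_type != BVLC_TYPE_BACNET_IP:
        raise BvlcError(f"unexpected BVLC type 0x{bvlc_type:02x}")
    if length < BVLC_HEADER_LEN:
        raise BvlcError(f"BVLC length {length} smaller than header")
    if length != len(datagram):
        # The unchecked case: a receiver that trusts this field and computes
        # NPDU offsets from it reads past the datagram buffer.
        raise BvlcError(f"BVLC length {length} != datagram length {len(datagram)}")
    return function, datagram[BVLC_HEADER_LEN:length]


def make_bvlc(function: int, npdu: bytes, claimed_length=None) -> bytes:
    """Build a frame; claimed_length overrides the true length to forge bad frames."""
    length = len(npdu) + BVLC_HEADER_LEN if claimed_length is None else claimed_length
    return struct.pack("!BBH", BVLC_TYPE_BACNET_IP, function, length) + npdu


# Constructed frames: a global Who-Is NPDU (version 1, DNET 0xFFFF, hop count
# 0xFF, unconfirmed-request Who-Is) and two variants with a forged Length.
NPDU = bytes.fromhex("0120ffff00ff1008")
GOOD_FRAME = make_bvlc(0x0B, NPDU)
OVERSIZED_LENGTH = make_bvlc(0x0B, NPDU, claimed_length=0xFFFF)
UNDERSIZED_LENGTH = make_bvlc(0x0B, NPDU, claimed_length=2)


def classify(datagram: bytes) -> str:
    """Human-readable verdict for a datagram, used by the demo and tests."""
    try:
        function, _ = parse_bvlc(datagram)
    except BvlcError as exc:
        return f"rejected: {exc}"
    return f"ok: {BVLC_FUNCTIONS.get(function, hex(function))}"


if __name__ == "__main__":
    for name, frame in [("good", GOOD_FRAME), ("oversized length", OVERSIZED_LENGTH),
                        ("undersized length", UNDERSIZED_LENGTH), ("truncated", b"\x81\x0b")]:
        print(f"{name:18s} {frame.hex():32s} {classify(frame)}")
```

Equality with the datagram length is the strict form; a receiver that must tolerate trailing padding can relax it to `length <= len(datagram)`, but never the other direction.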
-
Overview
CVE-2020-36871 is a vulnerability in ESCAM QD-900 WIFI HD cameras. It allows an unauthenticated attacker to remotely download a compressed configuration backup file from the camera via the /web/cgi-bin/hi3510/backup.cgi endpoint. The backup file can contain sensitive information, including administrative credentials, and can lead to unauthorized access and further compromise of the camera and the connected network.

Technical Details
The vulnerability resides in the lack of any authentication or authorization check on the /web/cgi-bin/hi3510/backup.cgi endpoint. A remote attacker can simply request this URL to trigger the generation and download of the configuration backup file. The configuration file is…
-
Overview
CVE-2019-25227 describes a critical vulnerability in Tellion HN-2204AP routers. It allows an unauthenticated attacker to remotely retrieve a compressed configuration archive from the device. The exposed configuration files may contain administrative credentials, wireless keys and other network settings, so unauthorized access to them significantly raises the risk of device and network compromise.

Technical Details
The vulnerability resides in the /cgi-bin/system_config_file management endpoint of the router’s web interface. The core issue is the lack of any authentication or authorization check before access to this endpoint is granted. By simply sending a request to this…
-
Overview
CVE-2019-25226 describes an unauthenticated configuration disclosure vulnerability in Dongyoung Media DM-AP240T/W wireless access points. A remote attacker can retrieve a compressed configuration archive from the /cgi-bin/sys_system_config management endpoint without any authentication. The archive can contain administrative credentials, network settings and other security-relevant parameters; with them an attacker can gain unauthorized access to the device and potentially to the entire network.

Technical Details
The vulnerability resides in the web management interface of the DM-AP240T/W access points. Specifically, the /cgi-bin/sys_system_config endpoint is accessible without requiring any authentication or authorization.…
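The five configuration-disclosure advisories above (the three hi3510-based cameras, the Tellion router and the Dongyoung access point) share one detection: a request to the affected endpoint answered with a body. The following is an added example, not vendor code, that runs that check over web-server access-log lines in combined log format; the endpoint paths are the ones the advisories name, and the log lines are constructed for the example.

```python
"""Detection logic for unauthenticated configuration-backup retrieval.

Added example, not vendor code. It scans access-log lines for requests to
the endpoints named in the advisories and marks a request as a disclosure
when the server answered 2xx with a non-empty body, which is what a
successful unauthenticated download looks like from the log.
"""
import re
from typing import Dict, Iterable, List
from urllib.parse import unquote, urlsplit

# Endpoints from the advisories (hi3510-based cameras, Tellion HN-2204AP,
# Dongyoung DM-AP240T/W).
CONFIG_DISCLOSURE_PATHS = {
    "/web/cgi-bin/hi3510/backup.cgi",
    "/cgi-bin/system_config_file",
    "/cgi-bin/sys_system_config",
}

# Combined log format: ip ident user [ts] "METHOD target proto" status size ...
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>\S+) (?P<target>\S+) [^"]*" (?P<status>\d{3}) (?P<size>\S+)'
)

# Constructed sample log lines, not captured from a device.
SAMPLE_LOG = """\
203.0.113.7 - - [26/Nov/2025:10:01:02 +0000] "GET /web/cgi-bin/hi3510/backup.cgi HTTP/1.1" 200 18432 "-" "curl/8.5.0"
203.0.113.7 - - [26/Nov/2025:10:01:03 +0000] "GET /web/cgi-bin/hi3510/param.cgi?cmd=getserverinfo HTTP/1.1" 401 0 "-" "curl/8.5.0"
198.51.100.4 - - [26/Nov/2025:10:02:10 +0000] "GET /cgi-bin/system_config_file?x=1 HTTP/1.1" 401 0 "-" "Mozilla/5.0"
198.51.100.4 - - [26/Nov/2025:10:02:11 +0000] "GET /cgi-bin/sys_system_config HTTP/1.1" 200 9120 "-" "Mozilla/5.0"
192.0.2.9 - - [26/Nov/2025:10:03:00 +0000] "GET /index.html HTTP/1.1" 200 1324 "-" "Mozilla/5.0"
"""


def normalise_path(target: str) -> str:
    """Drop the query string and percent-encoding so obfuscated variants match."""
    return unquote(urlsplit(target).path)


def find_config_requests(lines: Iterable[str]) -> List[Dict[str, object]]:
    """One record per request to a known config-disclosure endpoint."""
    hits = []
    for line in lines:
        m = LOG_RE.match(line)
        if not m:
            continue
        path = normalise_path(m["target"])
        if path not in CONFIG_DISCLOSURE_PATHS:
            continue
        status = int(m["status"])
        size = 0 if m["size"] == "-" else int(m["size"])
        hits.append({
            "ip": m["ip"], "path": path, "status": status,
            "disclosed": 200 <= status < 300 and size > 0,
        })
    return hits


def disclosing_sources(lines: Iterable[str]) -> List[str]:
    """Source addresses that actually received a configuration archive."""
    return sorted({h["ip"] for h in find_config_requests(lines) if h["disclosed"]})


if __name__ == "__main__":
    for hit in find_config_requests(SAMPLE_LOG.splitlines()):
        print(hit)
    print("disclosed to:", disclosing_sources(SAMPLE_LOG.splitlines()))
```

A 401 against one of these paths is still worth an alert as a probe; the `disclosed` flag separates reconnaissance from an actual credential leak that requires rotating the device’s passwords and wireless keys.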
-
Overview
CVE-2025-65202 details a critical authenticated remote OS command injection vulnerability in TRENDnet TEW-657BRM routers running firmware version 1.00.1. The flaw resides in the setup.cgi binary: an attacker who has authenticated to the web interface can use specific HTTP parameters to inject and execute arbitrary operating system commands as root. Because the CGI runs with root privileges, successful exploitation compromises the router completely and, from there, the network it serves.

Technical Details
The vulnerability stems from improper input sanitization in setup.cgi. The binary incorporates user-supplied data from HTTP requests into commands without adequate validation, making it susceptible to command injection.…
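The injection pattern and its hardened form, as an added example that is not TRENDnet firmware. The advisory does not name the injectable setup.cgi parameters, so the handler is hypothetical: a diagnostic action that takes a `host` parameter and runs ping. The vulnerable builder splices the parameter into a shell command line; the safe one allowlists the value and passes it as its own argv element so no shell parses it.

```python
"""Unsafe vs. safe handling of an HTTP parameter that reaches a command.

Added example, not vendor code; the 'host' parameter and the ping action
are hypothetical stand-ins for the unnamed setup.cgi parameters.
"""
import re
import shlex
from typing import List

# RFC 1123 hostname shape; also accepts dotted IPv4 literals.
HOSTNAME_RE = re.compile(
    r"^(?=.{1,253}$)[A-Za-z0-9]([A-Za-z0-9-]{0,61}[A-Za-z0-9])?"
    r"(\.[A-Za-z0-9]([A-Za-z0-9-]{0,61}[A-Za-z0-9])?)*$"
)


def vulnerable_command(host: str) -> str:
    """The bug pattern: this string goes to system()/popen() as-is, so ';',
    '|', '`' and '$()' inside the parameter become additional commands."""
    return f"ping -c 1 {host}"


def is_valid_host(host: str) -> bool:
    return HOSTNAME_RE.match(host) is not None


def safe_argv(host: str) -> List[str]:
    """Allowlist the value, then build argv for subprocess.run(..., shell=False).
    With no shell involved, metacharacters in host are just bytes in one argument."""
    if not is_valid_host(host):
        raise ValueError("invalid host parameter")
    return ["ping", "-c", "1", host]


def shell_would_run(command: str) -> List[str]:
    """Tokenise as /bin/sh would, separating command punctuation, so the
    injected extra command becomes visible as its own words."""
    lexer = shlex.shlex(command, posix=True, punctuation_chars=True)
    return list(lexer)


if __name__ == "__main__":
    injected = "192.0.2.1; cat /etc/passwd"
    print("vulnerable:", shell_would_run(vulnerable_command(injected)))
    print("valid host accepted:", safe_argv("router.lan"))
    print("injected host accepted:", is_valid_host(injected))
```

Validation and argv passing fix the injection; running the CGI as root is a separate defect, since even a clean handler executes with the privilege of the process that hosts it.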