Skip to main content
CVE-2025-45985 CRITICAL POC THREAT Emergency

Critical remote command injection vulnerability affecting multiple Blink router models through the bs_SetSSIDHide function, allowing unauthenticated attackers to execute arbitrary commands with full system compromise. The vulnerability impacts 8 distinct product lines across versions ranging from v1.0.0 to v4.0.0, with a CVSS score of 9.8 indicating severe severity due to network accessibility, low attack complexity, and no privilege requirements. This represents an actively exploitable flaw affecting home and small business network infrastructure with potential for widespread compromise.

Command Injection RCE Blac450m Ae4 Firmware Bl Lte300 Firmware Bl X26 Ac8 Firmware +5
NVD GitHub
CVSS 3.1
9.8
EPSS
27.7%
Threat
4.3
CVE-2025-45988 CRITICAL POC Act Now

A command injection vulnerability (CVSS 9.8). Risk factors: public PoC available.

Command Injection RCE IoT Bl Lte300 Firmware Bl X26 Ac8 Firmware +7
NVD GitHub
CVSS 3.1
9.8
EPSS
3.0%
CVE-2025-45987 CRITICAL POC Act Now

Multiple Blink router models (8 distinct firmware versions across product lines) contain unauthenticated command injection vulnerabilities in the DNS configuration function (bs_SetDNSInfo), allowing remote attackers to execute arbitrary system commands with no authentication required. The CVSS 9.8 rating reflects the critical nature: network-exploitable, no privilege escalation needed, and complete compromise of confidentiality, integrity, and availability. While no KEV or public POC is documented in standard vulnerability databases as of this analysis, the combination of network accessibility and lack of authentication requirements makes this a high-priority threat for all affected Blink router owners.

Command Injection Bl Ac2100 Az3 Firmware Bl Lte300 Firmware Blac450m Ae4 Firmware Bl Wr9000 Firmware +3
NVD GitHub
CVSS 3.1
9.8
EPSS
3.0%
CVE-2025-45986 CRITICAL POC Act Now

A critical unauthenticated remote command injection vulnerability exists in multiple Blink router models through the 'mac' parameter in the bs_SetMacBlack function, allowing attackers to execute arbitrary commands with full system privileges. Affected models include BL-WR9000 V2.4.9, BL-AC2100_AZ3 V1.0.4, BL-X10_AC8 v1.0.5, BL-LTE300 v1.2.3, BL-F1200_AT1 v1.0.0, BL-X26_AC8 v1.2.8, BLAC450M_AE4 v4.0.0, and BL-X26_DA3 v1.2.7. With a CVSS score of 9.8 and network-based attack vector requiring no authentication or user interaction, this vulnerability poses severe risk to any exposed router on the network.

Command Injection Netgear RCE Bl Wr9000 Firmware Bl F1200 At1 Firmware +6
NVD GitHub
CVSS 3.1
9.8
EPSS
3.0%
CVE-2025-45984 CRITICAL POC Act Now

A command injection vulnerability (CVSS 9.8). Risk factors: public PoC available.

Command Injection RCE Netgear Bl F1200 At1 Firmware Bl Ac1900 Firmware +7
NVD GitHub
CVSS 3.1
9.8
EPSS
3.0%
CVE-2025-28386 CRITICAL POC Act Now

Critical remote code execution vulnerability in OpenC3 COSMOS v6.0.0's Plugin Management component that allows unauthenticated attackers to execute arbitrary code by uploading a specially crafted .txt file. The vulnerability has a CVSS score of 9.8 (critical severity) with no authentication or user interaction required, making it trivially exploitable over the network. Given the high CVSS score and attack surface (public-facing plugin management interfaces), this vulnerability poses an immediate threat to all deployed instances of the affected version.

RCE Cosmos
NVD
CVSS 3.1
9.8
EPSS
1.5%
CVE-2025-46060 CRITICAL POC Act Now

Critical remote code execution vulnerability in TOTOLINK N600R router firmware v4.3.0cu.7866_B2022506, exploitable through a buffer overflow in the UPLOAD_FILENAME parameter without authentication. An unauthenticated remote attacker can execute arbitrary code with no user interaction required, achieving complete system compromise with CVSS 9.8 severity. KEV status and active exploitation data unavailable from provided sources; EPSS probability should be assumed high given unauthenticated network attack vector and critical impact.

Buffer Overflow RCE N600r Firmware
NVD GitHub
CVSS 3.1
9.8
EPSS
1.1%
CVE-2025-49596 CRITICAL POC PATCH Act Now

MCP Inspector versions below 0.14.1 contain a critical authentication bypass vulnerability (CVE-2025-49596) that enables unauthenticated remote code execution through unprotected communication between the Inspector client and proxy. Attackers can exploit this over the network without user interaction beyond the initial proxy connection to execute arbitrary MCP commands via stdio, achieving complete system compromise with CVSS 9.4 severity. The vulnerability requires immediate patching as it represents a complete authentication failure in a developer tool that is typically deployed on development systems with elevated privileges.

RCE Authentication Bypass
NVD GitHub
CVSS 4.0
9.4
EPSS
2.5%
CVE-2025-28388 CRITICAL POC Act Now

OpenC3 COSMOS versions before v6.0.2 contain hardcoded credentials embedded in the Service Account, allowing unauthenticated remote attackers to gain complete system compromise without any user interaction. This critical vulnerability has a CVSS score of 9.8 (critical severity) with a network attack vector, and given the nature of hardcoded credentials in a mission-critical space operations software, real-world exploitation risk is extremely high for organizations still running vulnerable versions.

Information Disclosure Cosmos
NVD GitHub
CVSS 3.1
9.8
EPSS
0.2%
CVE-2025-28389 CRITICAL POC Act Now

Critical authentication bypass vulnerability in OpenC3 COSMOS v6.0.0 caused by weak password requirements that enable brute force attacks. An unauthenticated remote attacker can exploit this with no user interaction to gain full control over the affected system, including confidentiality, integrity, and availability compromise. The CVSS 9.8 severity and network-based attack vector indicate this poses significant risk to any organization running the vulnerable version without additional protective controls.

Authentication Bypass Brute Force Credential Stuffing Cosmos
NVD
CVSS 3.1
9.8
EPSS
0.1%
CVE-2025-28384 CRITICAL POC Act Now

Critical directory traversal vulnerability in OpenC3 COSMOS versions before 6.1.0 affecting the /script-api/scripts/ endpoint. An unauthenticated attacker can exploit this flaw over the network with no user interaction required to read and potentially write arbitrary files on the affected system, achieving high confidentiality and integrity impact. The vulnerability has a CVSS score of 9.1 (Critical) with an CVSS vector indicating network-based attack, low complexity, and no privilege requirements.

Path Traversal Cosmos
NVD GitHub
CVSS 3.1
9.1
EPSS
1.2%
CVE-2025-29902 CRITICAL PATCH Act Now

Critical remote code execution vulnerability with a perfect CVSS 10.0 score that allows unauthenticated attackers to execute arbitrary code on affected servers over the network with no user interaction required. The vulnerability stems from improper handling of code evaluation (CWE-94: Improper Control of Generation of Code) and affects systems processing untrusted input. Given the maximum CVSS severity, network attack vector, and lack of authentication requirements, this vulnerability represents an immediate and severe threat to any exposed systems and should be treated as a critical priority for patching regardless of additional context.

RCE
NVD
CVSS 3.1
10.0
EPSS
0.7%
CVE-2025-5288 CRITICAL Act Now

The REST API | Custom API Generator For Cross Platform And Import Export plugin for WordPress (versions 1.0.0-2.0.3) contains a critical privilege escalation vulnerability where the process_handler() function lacks capability checks, allowing unauthenticated attackers to create administrator accounts via malicious JSON imports. With a CVSS score of 9.8 and network-based attack vector requiring no user interaction, this is a severe, likely actively exploited vulnerability affecting any WordPress installation using vulnerable plugin versions.

WordPress Privilege Escalation PHP
NVD
CVSS 3.1
9.8
EPSS
0.3%
CVE-2025-46783 CRITICAL Act Now

Critical path traversal vulnerability in RICOH Streamline NX V3 PC Client (versions 3.5.0-3.242.0) that allows unauthenticated remote attackers to execute arbitrary code on affected systems by tampering with specific files used by the product. With a CVSS score of 9.8 and network-based attack vector requiring no user interaction, this vulnerability poses immediate risk to organizations deploying vulnerable versions of the RICOH client software. KEV and EPSS status, POC availability, and active exploitation data are not yet available in public disclosures, but the severity profile (CVSS 9.8, CVSS:3.0/AV:N/AC:L/PR:N/UI:N) suggests high exploitability.

RCE Path Traversal
NVD
CVSS 3.0
9.8
EPSS
0.1%
CVE-2024-38824 CRITICAL PATCH Act Now

Directory traversal vulnerability in the recv_file method that permits authenticated attackers to write arbitrary files to the master cache directory, potentially leading to code execution or system compromise. The vulnerability affects products using vulnerable file reception mechanisms and carries a critical CVSS 9.6 score with network accessibility and low complexity. While specific KEV/EPSS data was not provided in the intelligence briefing, the combination of high CVSS, low attack complexity, and authenticated-but-common access vectors suggests elevated real-world risk.

Path Traversal Salt Suse
NVD GitHub
CVSS 3.1
9.6
EPSS
0.2%
CVE-2025-6030 CRITICAL Act Now

Critical replay attack vulnerability in the Cyclone Matrix TRF Smart Keyless Entry System used in KIA vehicles, stemming from the use of fixed, predictable learning codes for lock/unlock operations. Attackers within wireless range can capture and replay these codes to lock or unlock affected vehicles without authentication. The vulnerability has been confirmed on 2024 KIA Soluto and other KIA models in Ecuador, with a CVSS score of 9.4 indicating severe impact across confidentiality, integrity, and availability of vehicle functions.

Information Disclosure
NVD
CVSS 4.0
9.4
EPSS
0.0%
CVE-2025-6029 CRITICAL Act Now

Critical vulnerability in aftermarket KIA-branded smart keyless entry systems (primarily distributed in Ecuador) that use fixed, reusable learning codes for lock/unlock operations, enabling replay attacks to gain unauthorized vehicle access. The vulnerability affects an unknown manufacturer's generic smart key fob transmitter and has a CVSS score of 9.4 with critical impact across confidentiality, integrity, and availability. While KEV status and active exploitation data are not yet confirmed, the trivial nature of replay attacks against static codes and the high CVSS vector suggest significant real-world risk requiring immediate user awareness and manufacturer patching.

Information Disclosure
NVD
CVSS 4.0
9.4
EPSS
0.0%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy