Critical remote command injection vulnerability affecting multiple Blink router models through the bs_SetSSIDHide function, allowing unauthenticated attackers to execute arbitrary commands with full system compromise. The vulnerability impacts 8 distinct product lines across versions ranging from v1.0.0 to v4.0.0, with a CVSS score of 9.8 indicating severe severity due to network accessibility, low attack complexity, and no privilege requirements. This represents an actively exploitable flaw affecting home and small business network infrastructure with potential for widespread compromise.
A command injection vulnerability (CVSS 9.8). Risk factors: public PoC available.
Multiple Blink router models (8 distinct firmware versions across product lines) contain unauthenticated command injection vulnerabilities in the DNS configuration function (bs_SetDNSInfo), allowing remote attackers to execute arbitrary system commands with no authentication required. The CVSS 9.8 rating reflects the critical nature: network-exploitable, no privilege escalation needed, and complete compromise of confidentiality, integrity, and availability. While no KEV or public POC is documented in standard vulnerability databases as of this analysis, the combination of network accessibility and lack of authentication requirements makes this a high-priority threat for all affected Blink router owners.
A critical unauthenticated remote command injection vulnerability exists in multiple Blink router models through the 'mac' parameter in the bs_SetMacBlack function, allowing attackers to execute arbitrary commands with full system privileges. Affected models include BL-WR9000 V2.4.9, BL-AC2100_AZ3 V1.0.4, BL-X10_AC8 v1.0.5, BL-LTE300 v1.2.3, BL-F1200_AT1 v1.0.0, BL-X26_AC8 v1.2.8, BLAC450M_AE4 v4.0.0, and BL-X26_DA3 v1.2.7. With a CVSS score of 9.8 and network-based attack vector requiring no authentication or user interaction, this vulnerability poses severe risk to any exposed router on the network.
A command injection vulnerability (CVSS 9.8). Risk factors: public PoC available.
Critical remote code execution vulnerability in OpenC3 COSMOS v6.0.0's Plugin Management component that allows unauthenticated attackers to execute arbitrary code by uploading a specially crafted .txt file. The vulnerability has a CVSS score of 9.8 (critical severity) with no authentication or user interaction required, making it trivially exploitable over the network. Given the high CVSS score and attack surface (public-facing plugin management interfaces), this vulnerability poses an immediate threat to all deployed instances of the affected version.
Critical remote code execution vulnerability in TOTOLINK N600R router firmware v4.3.0cu.7866_B2022506, exploitable through a buffer overflow in the UPLOAD_FILENAME parameter without authentication. An unauthenticated remote attacker can execute arbitrary code with no user interaction required, achieving complete system compromise with CVSS 9.8 severity. KEV status and active exploitation data unavailable from provided sources; EPSS probability should be assumed high given unauthenticated network attack vector and critical impact.
MCP Inspector versions below 0.14.1 contain a critical authentication bypass vulnerability (CVE-2025-49596) that enables unauthenticated remote code execution through unprotected communication between the Inspector client and proxy. Attackers can exploit this over the network without user interaction beyond the initial proxy connection to execute arbitrary MCP commands via stdio, achieving complete system compromise with CVSS 9.4 severity. The vulnerability requires immediate patching as it represents a complete authentication failure in a developer tool that is typically deployed on development systems with elevated privileges.
OpenC3 COSMOS versions before v6.0.2 contain hardcoded credentials embedded in the Service Account, allowing unauthenticated remote attackers to gain complete system compromise without any user interaction. This critical vulnerability has a CVSS score of 9.8 (critical severity) with a network attack vector, and given the nature of hardcoded credentials in a mission-critical space operations software, real-world exploitation risk is extremely high for organizations still running vulnerable versions.
Critical authentication bypass vulnerability in OpenC3 COSMOS v6.0.0 caused by weak password requirements that enable brute force attacks. An unauthenticated remote attacker can exploit this with no user interaction to gain full control over the affected system, including confidentiality, integrity, and availability compromise. The CVSS 9.8 severity and network-based attack vector indicate this poses significant risk to any organization running the vulnerable version without additional protective controls.
Critical directory traversal vulnerability in OpenC3 COSMOS versions before 6.1.0 affecting the /script-api/scripts/ endpoint. An unauthenticated attacker can exploit this flaw over the network with no user interaction required to read and potentially write arbitrary files on the affected system, achieving high confidentiality and integrity impact. The vulnerability has a CVSS score of 9.1 (Critical) with an CVSS vector indicating network-based attack, low complexity, and no privilege requirements.
Critical remote code execution vulnerability with a perfect CVSS 10.0 score that allows unauthenticated attackers to execute arbitrary code on affected servers over the network with no user interaction required. The vulnerability stems from improper handling of code evaluation (CWE-94: Improper Control of Generation of Code) and affects systems processing untrusted input. Given the maximum CVSS severity, network attack vector, and lack of authentication requirements, this vulnerability represents an immediate and severe threat to any exposed systems and should be treated as a critical priority for patching regardless of additional context.
The REST API | Custom API Generator For Cross Platform And Import Export plugin for WordPress (versions 1.0.0-2.0.3) contains a critical privilege escalation vulnerability where the process_handler() function lacks capability checks, allowing unauthenticated attackers to create administrator accounts via malicious JSON imports. With a CVSS score of 9.8 and network-based attack vector requiring no user interaction, this is a severe, likely actively exploited vulnerability affecting any WordPress installation using vulnerable plugin versions.
Critical path traversal vulnerability in RICOH Streamline NX V3 PC Client (versions 3.5.0-3.242.0) that allows unauthenticated remote attackers to execute arbitrary code on affected systems by tampering with specific files used by the product. With a CVSS score of 9.8 and network-based attack vector requiring no user interaction, this vulnerability poses immediate risk to organizations deploying vulnerable versions of the RICOH client software. KEV and EPSS status, POC availability, and active exploitation data are not yet available in public disclosures, but the severity profile (CVSS 9.8, CVSS:3.0/AV:N/AC:L/PR:N/UI:N) suggests high exploitability.
Directory traversal vulnerability in the recv_file method that permits authenticated attackers to write arbitrary files to the master cache directory, potentially leading to code execution or system compromise. The vulnerability affects products using vulnerable file reception mechanisms and carries a critical CVSS 9.6 score with network accessibility and low complexity. While specific KEV/EPSS data was not provided in the intelligence briefing, the combination of high CVSS, low attack complexity, and authenticated-but-common access vectors suggests elevated real-world risk.
Critical replay attack vulnerability in the Cyclone Matrix TRF Smart Keyless Entry System used in KIA vehicles, stemming from the use of fixed, predictable learning codes for lock/unlock operations. Attackers within wireless range can capture and replay these codes to lock or unlock affected vehicles without authentication. The vulnerability has been confirmed on 2024 KIA Soluto and other KIA models in Ecuador, with a CVSS score of 9.4 indicating severe impact across confidentiality, integrity, and availability of vehicle functions.
Critical vulnerability in aftermarket KIA-branded smart keyless entry systems (primarily distributed in Ecuador) that use fixed, reusable learning codes for lock/unlock operations, enabling replay attacks to gain unauthorized vehicle access. The vulnerability affects an unknown manufacturer's generic smart key fob transmitter and has a CVSS score of 9.4 with critical impact across confidentiality, integrity, and availability. While KEV status and active exploitation data are not yet confirmed, the trivial nature of replay attacks against static codes and the high CVSS vector suggest significant real-world risk requiring immediate user awareness and manufacturer patching.