Skip to main content
CVE-2025-34037 CRITICAL POC PATCH THREAT Act Now

Multiple Linksys E-Series router models contain an unauthenticated OS command injection vulnerability in the /tmUnblock.cgi and /hndUnblock.cgi endpoints accessible on port 8080. The ttcp_ip parameter is passed directly to a system shell without sanitization, enabling remote root-level command execution on the router.

RCE Command Injection
NVD Exploit-DB VulDB
CVSS 4.0
10.0
EPSS
81.5%
Threat
5.9
CVE-2025-32975 CRITICAL POC KEV THREAT Emergency

Authentication bypass in Quest KACE Systems Management Appliance allows remote unauthenticated attackers to impersonate any user and achieve complete administrative takeover via SSO mechanism flaws. Confirmed actively exploited (CISA KEV) with publicly available exploit code. Affects versions 13.0.x through 14.1.x across five major release branches. CVSS 10.0 (critical) with changed scope indicates full system compromise. EPSS score of 0.16% appears artificially low given confirmed active exploitation, suggesting targeted attacks rather than widespread scanning.

Authentication Bypass
NVD VulDB
CVSS 3.1
10.0
EPSS
0.2%
Threat
5.0
CVE-2025-34036 CRITICAL POC THREAT Emergency

White-labeled DVRs manufactured by TVT contain an unauthenticated OS command injection in the 'Cross Web Server' HTTP service on ports 81/82. The URI path handling for language extraction fails to sanitize input, enabling remote attackers to execute arbitrary commands on the surveillance DVR.

Command Injection RCE Authentication Bypass Td 2932td Hp Firmware Td 2108ts Cl Firmware +28
NVD Exploit-DB
CVSS 3.1
9.8
EPSS
10.9%
CVE-2025-34035 CRITICAL POC Act Now

CVE-2025-34035 is a critical OS command injection vulnerability in EnGenius EnShare Cloud Service versions 1.4.11 and earlier, affecting the usbinteract.cgi script which fails to sanitize the 'path' parameter. Unauthenticated remote attackers can inject arbitrary shell commands executed with root privileges, resulting in complete system compromise. Active exploitation has been documented by the Shadowserver Foundation as of 2024-12-05, indicating real-world threat activity.

Command Injection Esr900 Firmware Esr1200 Firmware Esr350 Firmware Esr300 Firmware +3
NVD Exploit-DB
CVSS 3.1
9.8
EPSS
7.6%
CVE-2025-34040 CRITICAL POC Act Now

An arbitrary file upload vulnerability exists in the Zhiyuan OA platform via the wpsAssistServlet interface. The realFileType and fileId parameters are improperly validated during multipart file uploads, allowing unauthenticated attackers to upload crafted JSP files outside of intended directories using path traversal. Successful exploitation enables remote code execution as the uploaded file can be accessed and executed through the web server. Exploitation evidence was observed by the Shadowserver Foundation on 2025-02-01 UTC.

File Upload RCE Path Traversal
NVD Exploit-DB VulDB
CVSS 4.0
10.0
EPSS
3.8%
CVE-2021-41691 CRITICAL POC Act Now

A remote code execution vulnerability in OS4Ed Open Source Information System Community (CVSS 9.8). Critical severity with potential for significant impact on affected systems.

PHP SQLi Opensis
NVD GitHub
CVSS 3.1
9.8
EPSS
2.4%
CVE-2025-48469 CRITICAL POC Act Now

A privilege escalation vulnerability (CVSS 9.6) that allows an unauthenticated attacker. Risk factors: public PoC available.

Privilege Escalation Authentication Bypass RCE Wise 4060lan Firmware Wise 4010lan Firmware +1
NVD
CVSS 3.1
9.6
EPSS
0.1%
CVE-2025-34041 CRITICAL Act Now

An OS command injection vulnerability exists in the Chinese versions of Sangfor Endpoint Detection and Response (EDR) management platform versions 3.2.16, 3.2.17, and 3.2.19. The vulnerability allows unauthenticated attackers to construct and send malicious HTTP requests to the EDR Manager interface, leading to arbitrary command execution with elevated privileges. This flaw only affects the Chinese-language EDR builds. Exploitation evidence was observed by the Shadowserver Foundation on 2025-02-04 UTC.

Command Injection
NVD
CVSS 4.0
10.0
EPSS
2.3%
CVE-2024-56731 CRITICAL PATCH Act Now

CVE-2024-56731 is a critical remote code execution vulnerability in Gogs (self-hosted Git service) versions prior to 0.13.3, where unprivileged users can delete files in the .git directory and achieve arbitrary command execution due to an incomplete patch of CVE-2024-39931. An unauthenticated remote attacker can execute arbitrary commands with the privileges of the RUN_USER account, compromising all code repositories and user data on affected instances. This represents an actively exploitable vulnerability with a perfect CVSS 3.1 score of 10.0 (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H), indicating network accessibility, low attack complexity, no privilege requirements, and complete system compromise.

RCE Gogs Suse
NVD GitHub
CVSS 3.1
10.0
EPSS
1.0%
CVE-2025-52572 CRITICAL Act Now

CVE-2025-52572 is a critical remote code execution vulnerability in Hikka, a Telegram userbot, affecting all versions across all platforms. The vulnerability exists in two exploitation paths: an unauthenticated web interface allowing direct RCE via attacker-controlled Telegram accounts, and an authenticated interface where insufficient UI warnings trick users into granting dangerous permissions, enabling both RCE and Telegram account compromise. Scenario 2 has been actively exploited in the wild, with a CVSS 10.0 score reflecting network-accessible unauthenticated attack paths and complete system compromise potential.

RCE
NVD GitHub
CVSS 3.1
10.0
EPSS
0.6%
CVE-2025-34039 CRITICAL POC Act Now

A code injection vulnerability exists in Yonyou UFIDA NC v6.5 and prior due to the exposure of the BeanShell testing servlet (bsh.servlet.BshServlet) without proper access controls. The servlet allows unauthenticated remote attackers to execute arbitrary Java code via the bsh.script parameter. This can be exploited to run system commands and ultimately gain full control over the target server. The issue is rooted in a third-party JAR component bundled with the application, and the servlet is accessible without authentication on vulnerable installations. Exploitation evidence was observed by the Shadowserver Foundation on 2025-02-05 UTC.

Java Authentication Bypass
NVD
CVSS 4.0
10.0
EPSS
0.3%
CVE-2025-4378 CRITICAL PATCH Act Now

CVE-2025-4378 is a critical authentication vulnerability in Ataturk University's ATA-AOF Mobile Application that combines cleartext transmission of sensitive information with hard-coded credentials, allowing unauthenticated attackers over the network to bypass authentication and abuse user accounts. All versions before 20.06.2025 are affected with a perfect CVSS 3.1 score of 10.0, indicating maximum severity across confidentiality, integrity, and availability dimensions.

Authentication Bypass
NVD VulDB
CVSS 3.1
10.0
EPSS
0.0%
CVE-2024-37743 CRITICAL Act Now

CVE-2024-37743 is a critical remote code execution vulnerability in mmzdev KnowledgeGPT v0.0.5 that allows unauthenticated attackers to execute arbitrary code through a flaw in the Document Display Component. The vulnerability has a CVSS score of 9.8 and CWE-94 classification (improper control of generation of code), indicating unsafe code generation or deserialization. Given the high CVSS and network-accessible attack vector with no authentication requirements, this represents an actively exploitable critical risk to any organization running the affected version.

RCE Knowledgegpt
NVD GitHub
CVSS 3.1
9.8
EPSS
0.8%
CVE-2025-52471 CRITICAL PATCH Act Now

A security vulnerability in the ESP-NOW protocol implementation within the ESP Wi-Fi component of (CVSS 9.8). Critical severity with potential for significant impact on affected systems. Vendor patch is available.

RCE Esp Idf
NVD GitHub
CVSS 3.1
9.8
EPSS
0.6%
CVE-2025-6559 CRITICAL Act Now

CVE-2025-6559 is an unauthenticated OS Command Injection vulnerability affecting multiple Sapido wireless router models that are out of support. Remote attackers can inject and execute arbitrary operating system commands with no authentication required, achieving complete system compromise. The CVSS 9.8 Critical severity reflects the trivial attack vector (network-accessible, no user interaction required) and complete impact on confidentiality, integrity, and availability.

Command Injection
NVD
CVSS 3.1
9.8
EPSS
0.4%
CVE-2025-48890 CRITICAL Act Now

CVE-2025-48890 is a critical OS command injection vulnerability in the miniigd SOAP service affecting WRH-733GBK and WRH-733GWH network storage devices. Remote unauthenticated attackers can execute arbitrary OS commands by sending specially crafted requests, achieving complete system compromise (CVSS 9.8). With an attack vector of Network/Low complexity/No privileges required, this vulnerability poses immediate risk to exposed devices.

Command Injection RCE IoT Netgear
NVD
CVSS 3.0
9.8
EPSS
0.4%
CVE-2025-43879 CRITICAL Act Now

CVE-2025-43879 is a critical OS command injection vulnerability in Whirlpool refrigerator models WRH-733GBK and WRH-733GWH that allows unauthenticated remote attackers to execute arbitrary operating system commands via the telnet function. With a CVSS 9.8 score and network-accessible attack vector requiring no authentication or user interaction, this vulnerability poses immediate risk to any connected affected appliance. The vulnerability's presence in IoT/appliance firmware suggests potential for botnet recruitment, lateral network movement, or data exfiltration from vulnerable devices.

Command Injection
NVD
CVSS 3.0
9.8
EPSS
0.4%
CVE-2025-6424 CRITICAL PATCH Act Now

A denial of service vulnerability (CVSS 9.8). Critical severity with potential for significant impact on affected systems.

Use After Free Mozilla Denial Of Service Memory Corruption
NVD
CVSS 3.1
9.8
EPSS
0.3%
CVE-2025-6560 CRITICAL Act Now

CVE-2025-6560 is a critical authentication bypass vulnerability affecting multiple Sapido wireless router models, where unauthenticated remote attackers can directly access system configuration files containing plaintext administrator credentials. The affected models are end-of-life products with no vendor patches available; this vulnerability carries a CVSS 9.8 rating and likely has exploitation activity given the simplicity of the attack vector and lack of defensive complexity. Immediate device replacement is the only viable remediation.

Information Disclosure
NVD
CVSS 3.1
9.8
EPSS
0.2%
CVE-2025-50213 CRITICAL PATCH Act Now

Apache Airflow Providers Snowflake versions before 6.4.0 contain a Special Element Injection vulnerability (CWE-75) in the CopyFromExternalStageToSnowflakeOperator that fails to properly sanitize table and stage parameters, allowing unauthenticated attackers to execute arbitrary SQL injection attacks with complete system compromise (CVSS 9.8). This is a critical remote vulnerability requiring network access only, with no authentication or user interaction needed, making it a high-priority patch regardless of KEV/EPSS status.

Apache SQLi Python Apache Airflow Providers Snowflake
NVD GitHub
CVSS 3.1
9.8
EPSS
0.2%
CVE-2025-49851 CRITICAL Act Now

ControlID iDSecure On-premises versions 4.7.48.0 and earlier contain an improper authentication vulnerability (CWE-287) that allows unauthenticated network attackers to completely bypass authentication mechanisms and gain unauthorized permissions within the application. With a CVSS 9.8 score reflecting network-accessible, low-complexity exploitation requiring no user interaction or privileges, this represents a critical remote authentication bypass affecting all confidentiality, integrity, and availability of the system. The vulnerability's presence in a widely-deployed identity and access control product makes this a high-priority threat requiring immediate patching.

Authentication Bypass Control Id Idsecure
NVD VulDB
CVSS 3.1
9.8
EPSS
0.1%
CVE-2025-6433 CRITICAL PATCH Act Now

CVE-2025-6433 is a critical WebAuthn specification violation in Firefox and Thunderbird that allows attackers to present WebAuthn authentication challenges over non-secure TLS connections with user-granted exceptions. This bypasses the WebAuthn requirement for secure transport without errors, enabling credential theft and account compromise. Firefox < 140 and Thunderbird < 140 are affected; the network-based attack requires no privileges or user interaction beyond the initial certificate exception grant, resulting in a CVSS 9.8 critical rating.

Mozilla Information Disclosure
NVD
CVSS 3.1
9.8
EPSS
0.1%
CVE-2025-52571 CRITICAL PATCH Act Now

CVE-2025-52571 is a critical authentication bypass vulnerability in Hikka Telegram userbot affecting versions below 1.6.2 that allows unauthenticated attackers to gain unauthorized access to victims' Telegram accounts and full server control. The vulnerability has a CVSS score of 9.6 (Critical) with network-based exploitation requiring only user interaction; patch version 1.6.2 is available as the sole remediation with no known workarounds.

Information Disclosure
NVD GitHub
CVSS 3.1
9.6
EPSS
0.2%
CVE-2025-32977 CRITICAL Act Now

CVE-2025-32977 is a critical unauthenticated backup file upload vulnerability in Quest KACE Systems Management Appliance (SMA) that allows attackers to bypass signature validation and upload malicious backup content, potentially achieving remote code execution with system-wide impact. The vulnerability affects SMA versions 13.0.x through 14.1.x and requires only user interaction (UI:R) but no authentication (PR:N), with a CVSS 9.6 severity rating indicating high exploitability.

Authentication Bypass
NVD VulDB
CVSS 3.1
9.6
EPSS
0.1%
CVE-2025-2566 CRITICAL PATCH Act Now

CVE-2025-2566 is an unsafe Java deserialization vulnerability in Kaleris NAVIS N4 ULC that allows unauthenticated attackers to execute arbitrary code on affected servers through specially crafted requests. The vulnerability affects Kaleris NAVIS N4 Ultra Light Client installations and presents critical risk due to its network-accessible attack vector, lack of authentication requirements, and remote code execution impact. Given the CVSS 9.3 score and unauthenticated attack surface, this should be treated as a priority vulnerability for organizations running affected versions.

Deserialization RCE Java
NVD
CVSS 4.0
9.3
EPSS
0.7%
CVE-2025-4383 CRITICAL PATCH Act Now

A authentication bypass vulnerability in Art-in Bilişim Teknolojileri ve Yazılım Hizm (CVSS 9.3). Critical severity with potential for significant impact on affected systems.

Authentication Bypass
NVD VulDB
CVSS 3.1
9.3
EPSS
0.1%
CVE-2025-6427 CRITICAL PATCH Act Now

A security vulnerability in Devtools. This vulnerability affects Firefox (CVSS 9.1). Critical severity with potential for significant impact on affected systems.

Mozilla Authentication Bypass
NVD
CVSS 3.1
9.1
EPSS
0.1%
CVE-2025-49853 CRITICAL Act Now

ControlID iDSecure On-premises versions 4.7.48.0 and prior contain SQL injection vulnerabilities that allow unauthenticated remote attackers to execute arbitrary SQL queries, potentially leaking sensitive information or modifying database contents. The CVSS 9.1 score reflects the critical nature (high confidentiality and integrity impact), though availability is not directly affected. Active exploitation status and proof-of-concept availability cannot be confirmed from provided data, but the unauthenticated, network-accessible attack vector makes this a high-priority vulnerability.

Information Disclosure Control Id Idsecure SQLi
NVD
CVSS 3.1
9.1
EPSS
0.1%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy