CVE-2025-52089 is a critical remote code execution vulnerability in TOTOLINK N300RB firmware version 8.54, where a hidden remote support feature protected only by a static secret allows authenticated attackers to execute arbitrary OS commands with root privileges. While the CVSS 3.1 score of 8.8 reflects high severity, the attack vector is adjacent network (AV:A), limiting widespread exploitation to network-adjacent attackers. The vulnerability has not been publicly confirmed as actively exploited or included in CISA's Known Exploited Vulnerabilities (KEV) catalog, but the simplistic authentication mechanism (static secret) and hidden feature design suggest high exploitability once discovered.
CVE-2025-7460 is a critical buffer overflow vulnerability in the setWiFiAclRules function of TOTOLINK T6 routers (version 4.1.5cu.748_B20211015) that allows authenticated remote attackers to achieve code execution through malformed MAC address parameters in HTTP POST requests. The vulnerability has been publicly disclosed with proof-of-concept availability and poses immediate risk to deployed TOTOLINK T6 devices; exploitation requires valid credentials but no user interaction.
CVE-2025-7434 is a critical stack-based buffer overflow vulnerability in Tenda FH451 wireless routers (versions up to 1.0.0.9) affecting the POST request handler for the /goform/addressNat endpoint. An authenticated remote attacker can exploit improper input validation on the 'page' parameter to overflow the stack, achieving arbitrary code execution with full system compromise (confidentiality, integrity, and availability impact). Public exploit code exists and the vulnerability may be actively exploited in the wild.
CVE-2025-7423 is a critical stack-based buffer overflow vulnerability in Tenda O3V2 router firmware (version 1.0.0.12(3880)) affecting the WiFi MAC filter functionality. An authenticated attacker can remotely exploit this vulnerability by sending a malicious macList parameter to the /goform/setWrlFilterList endpoint, achieving arbitrary code execution with full system compromise (confidentiality, integrity, and availability impact). The vulnerability has public exploit disclosure and may be actively exploited in the wild.
A buffer overflow vulnerability in A vulnerability classified as critical (CVSS 8.8). Risk factors: public PoC available.
A critical stack-based buffer overflow vulnerability exists in Tenda O3V2 firmware version 1.0.0.12(3880) in the MAC filter modification function. An authenticated remote attacker can exploit improper input validation of the 'mac' parameter to achieve remote code execution with full system compromise (confidentiality, integrity, and availability impact). The vulnerability has public exploit disclosure and demonstrates high real-world exploitability.
CVE-2025-7420 is a critical stack-based buffer overflow vulnerability in Tenda O3V2 router firmware (version 1.0.0.12(3880)) affecting the httpd component's WiFi configuration handler. An authenticated remote attacker can overflow the stack via the 'extChannel' parameter in the /goform/setWrlBasicInfo endpoint, achieving complete system compromise including arbitrary code execution, data theft, and denial of service. Public exploit code has been disclosed and the vulnerability meets CVSS 8.8 severity criteria, indicating high real-world risk for affected router deployments.
CVE-2013-3307 is an OS command injection vulnerability in Linksys wireless routers (E1000, E1200, E3200) that allows unauthenticated remote attackers to execute arbitrary shell commands via unsanitized input in the ping_ip parameter of apply.cgi on port 52000. The vulnerability affects E1000 through v2.1.02, E1200 before v2.0.05, and E3200 through v1.0.04, with a CVSS score of 8.3 reflecting high severity. This vulnerability has known public exploits and represents a critical remote code execution risk on home/small business networking equipment with no authentication required.
A SSRF vulnerability in for WordPress is vulnerable to Server-Side Request Forgery in all (CVSS 7.2). High severity vulnerability requiring prompt remediation. Vendor patch is available.
CVE-2025-53475 is a SQL injection vulnerability in Advantech iView's NetworkServlet.getNextTrapPage() function that allows authenticated users to execute arbitrary SQL queries and potentially achieve remote code execution within the context of the 'nt authority\local service' account. The vulnerability requires valid user-level credentials but has a high CVSS score of 8.8 due to the combination of high confidentiality, integrity, and availability impact. No KEV or active exploitation data is provided, but the authenticated requirement and network accessibility make this a moderate-to-high priority for organizations deploying Advantech iView.
CVE-2025-50122 is a cryptographic entropy vulnerability (CWE-331) in password generation algorithms that allows attackers with access to installation or upgrade artifacts to reverse engineer and discover root passwords. This affects products using insufficient entropy in their root password generation during deployment phases. With a CVSS score of 8.9 and network-adjacent attack vector, this poses a critical risk to systems deployed in environments where installation artifacts may be accessible or retained. The vulnerability requires moderate attack complexity but no user interaction, making it viable for targeted attacks against infrastructure during or shortly after deployment.
A remote code execution vulnerability in Advantech iView that allows for SQL injection and remote code execution (CVSS 8.8) that allows for sql injection and remote code execution. High severity vulnerability requiring prompt remediation.
CVE-2025-52577 is a SQL injection vulnerability in Advantech iView's NetworkServlet.archiveTrapRange() method that allows authenticated users to execute arbitrary SQL queries and potentially achieve remote code execution (RCE) within the LocalService account context. The vulnerability affects Advantech iView and requires user-level authentication, making it a post-authentication attack vector with high severity (CVSS 8.8). While no public POC or KEV status confirmation is available in provided data, the combination of SQL injection leading to RCE on a privileged service account represents significant risk for organizations deploying this network management solution.
CVE-2025-53641 is a Server-Side Request Forgery (SSRF) vulnerability in Postiz versions 1.45.1 through 1.62.2 that allows unauthenticated network attackers to inject arbitrary HTTP headers into the middleware pipeline, enabling unauthorized outbound requests from the affected server. With a CVSS score of 8.2 and network-accessible attack surface (AV:N/PR:N), this vulnerability poses significant risk to confidentiality of internal services and resources accessible from the server. The vulnerability is patched in version 1.62.3, and exploitation requires no user interaction or authentication, making it a high-priority remediation target.
CVE-2025-7029 is a critical SMRAM corruption vulnerability in software SMI handlers that allows local attackers with high privileges to achieve arbitrary memory writes and potential SMM privilege escalation. The vulnerability exists in SwSmiInputValue 0xB2 handler where attacker-controlled RBX register values are used to derive unvalidated pointers for power and thermal configuration operations. This affects firmware-level security boundaries and could enable complete system compromise, though exploitation requires elevated privileges and no public exploit code or active KEV exploitation has been reported at this time.
CVE-2025-7027 is a security vulnerability (CVSS 8.2) that allows a local attacker. High severity vulnerability requiring prompt remediation.
A privilege escalation vulnerability (CVSS 8.2) that allows a local attacker. High severity vulnerability requiring prompt remediation.
CVE-2025-30402 is a heap buffer overflow vulnerability in ExecuTorch's method loading mechanism that can cause runtime crashes and potentially enable arbitrary code execution. The vulnerability affects ExecuTorch versions prior to commit 93b1a0c15f7eda49b2bc46b5b4c49557b4e9810f and requires user interaction (UI required per CVSS vector). With a CVSS score of 8.1 and remote attack vector, this represents a significant risk to applications embedding ExecuTorch, particularly those processing untrusted model files or executing remote inference requests.
CVE-2025-30403 is a heap buffer overflow vulnerability in Meta's mvfst QUIC implementation that allows remote attackers without privileges to trigger memory corruption and cause denial of service or potentially read sensitive data from heap memory. The vulnerability affects mvfst versions prior to v2025.07.07.00 and requires user interaction (opening a malicious QUIC connection), with a high CVSS score of 8.1 reflecting the severity of memory safety issues, though KEV status and EPSS probability data are not currently available in public disclosures.
CVE-2025-30025 is a local privilege escalation vulnerability in the inter-process communication (IPC) protocol between a server process and its service control mechanism, caused by insecure deserialization (CWE-502). An authenticated local attacker with limited privileges can exploit this flaw to escalate to higher privileges, potentially gaining complete system compromise including confidentiality, integrity, and availability impact. While the CVSS score of 7.8 indicates high severity, the local attack vector and requirement for prior authentication mean this affects primarily multi-user systems or scenarios where an attacker has already gained initial local access.
CVE-2025-7028 is a critical privilege escalation vulnerability in Software SMI handlers that allows local authenticated attackers to achieve arbitrary read/write access to System Management RAM (SMRAM) through unchecked pointer dereference. The vulnerability affects firmware implementations using vulnerable SwSmiInputValue 0x20 handlers across multiple OEM platforms; attackers can corrupt firmware, exfiltrate SMRAM contents, or install persistent implants. With a CVSS score of 7.8 (High) and low attack complexity, this represents a significant firmware security risk, though exploitation requires local access and low privileges.
A command injection vulnerability (CVSS 7.8). High severity vulnerability requiring prompt remediation.
CVE-2025-46358 is a local privilege escalation vulnerability in Emerson ValveLink products stemming from insufficient or missing cryptographic protection mechanisms (CWE-693). An unauthenticated local attacker can exploit this to achieve high-impact confidentiality and integrity violations without requiring user interaction. The vulnerability affects multiple ValveLink product versions and has a CVSS score of 7.7 (high severity) with local attack vector and low complexity.
CVE-2025-50109 affects Emerson ValveLink Products, which store sensitive information in cleartext within accessible resource locations, allowing local attackers without privileges to read confidential data. With a CVSS score of 7.7 and local attack vector, this vulnerability poses a significant confidentiality and integrity risk to industrial control system environments. The vulnerability's KEV status and actual exploitation likelihood should be confirmed with CISA and vendor advisories, as the high CVSS reflects substantial information exposure potential in proximity-based attack scenarios.
CVE-2025-48891 is a SQL injection vulnerability in Advantech iView's CUtils.checkSQLInjection() function that fails to properly sanitize user input, allowing authenticated attackers with user-level privileges to execute arbitrary SQL queries. This can lead to unauthorized information disclosure or denial-of-service conditions. The vulnerability requires network access and user authentication but has no UI interaction requirement, making it a significant risk for organizations using iView in multi-user environments.
A denial of service vulnerability (CVSS 7.5) that allows an attacker sending a bgp update with a specifically malformed as path. High severity vulnerability requiring prompt remediation.
A SQL injection vulnerability in WPGYM - Wordpress Gym Management System (CVSS 7.5). High severity vulnerability requiring prompt remediation.
A denial of service vulnerability (CVSS 7.5). High severity vulnerability requiring prompt remediation.
A denial of service vulnerability (CVSS 7.5). High severity vulnerability requiring prompt remediation.
Immich versions prior to 1.132.0 are vulnerable to account hijacking through OAuth2 state parameter validation bypass (CWE-303). An attacker can perform unauthorized account linkage by exploiting missing state parameter verification, allowing them to hijack victim accounts through crafted OAuth login URLs or hidden iframes embedded in malicious webpages. This vulnerability is particularly dangerous when OAuth providers are publicly accessible, and affected users can be compromised without direct interaction if the /user-settings redirect_uri is configured.
A remote code execution vulnerability in line card script processing of Juniper Networks Junos OS allows a local (CVSS 7.3). High severity vulnerability requiring prompt remediation.
CVE-2025-52983 is a critical authentication bypass vulnerability in Juniper Networks Junos OS on VM Host Routing Engines where public keys configured for root access are not properly validated, allowing users possessing the corresponding private key to gain unauthorized root-level access even after the public key has been administratively removed from the system. This network-accessible vulnerability affects multiple Junos OS release branches and requires high privileges to configure but enables complete system compromise once exploited. While the CVSS score of 7.2 reflects significant impact, the practical risk depends on KEV designation and active exploitation status.
CVE-2025-50123 is a code injection vulnerability (CWE-94) in an unspecified server product that allows remote command execution when accessed via console by a privileged account through malicious hostname input. The vulnerability has a CVSS 4.0 score of 7.2 and requires physical access and high privileges, significantly limiting real-world exploitability despite the high impact potential. KEV status and EPSS scoring data are unavailable in provided intelligence, but the physical attack vector and high privilege requirement suggest this poses limited risk in typical network environments.
CVE-2025-50124 is a privilege escalation vulnerability (CWE-269: Improper Privilege Management) affecting server systems with a CVSS score of 7.2. The vulnerability exists in a setup script that can be exploited when accessed by a privileged account via console, allowing attackers to escalate privileges and gain high-impact control over confidentiality, integrity, and availability. This is a physical/local attack vector requiring high privileges and significant effort, limiting widespread exploitation but representing critical risk in restricted access environments.