Free Daily Cyber Security Newsletter

Subject: CyberAlerts Daily Newsletter - May 21, 2025

This newsletter highlights several critical and high-severity vulnerabilities that users should address promptly. The most urgent issue is with vLLM, an inference engine for large language models, which has a critical remote code execution vulnerability (CVE-2025-47277) affecting versions 0.6.5 through 0.8.4. This flaw occurs when using the PyNcclPipe communication service and could allow unauthorized access to sensitive data. Users are urged to upgrade to version 0.8.5 or later to mitigate this risk. Another critical vulnerability is in the SEL-5056 Software-Defined Network Flow Controller (CVE-2025-48017), where improper pathname limitations allow file modifications and uploads, potentially leading to unauthorized access. Users should apply patches immediately. Netgear's DGND3700 router also faces a critical vulnerability (CVE-2025-4978) related to improper authentication in its Basic Authentication component, potentially allowing remote attackers to bypass security. Immediate updates are recommended as exploits for this vulnerability are publicly available. Additionally, a significant high-severity vulnerability (CVE-2025-4364) in a Fleet Management System from Assured Telematics allows unauthorized access to sensitive system information, which could lead to further exploitation. For users of TYPO3 CMS, two medium-severity vulnerabilities should be addressed: the unrestricted file upload issue (CVE-2025-47939) that allows harmful file uploads, and an unverified password change feature (CVE-2025-47938) that could enable unauthorized access if an admin session is compromised. Users should update TYPO3 to the latest versions listed in the advisories to resolve these issues. In summary, users should prioritize updates for vLLM, Netgear DGND3700, and TYPO3 CMS to protect against these vulnerabilities and potential exploitation.