CVE-2025-3200
Description: An unauthenticated remote attacker could exploit the used, insecure TLS 1.0 and TLS 1.1 protocols to intercept and manipulate encrypted communications between the Com-Server and connected systems.
CVSS: CRITICAL (9.1) EPSS Score: 0.02%
April 28th, 2025 (about 1 month ago)
Description: Threat actors have been observed exploiting two newly disclosed critical security flaws in Craft CMS in zero-day attacks to breach servers and gain unauthorized access.
The attacks, first observed by Orange Cyberdefense SensePost on February 14, 2025, involve chaining the below vulnerabilities -
CVE-2024-58136 (CVSS score: 9.0) - An improper protection of alternate path flaw in the Yii PHP
CVSS: CRITICAL (9.0) EPSS Score: 36.6%
April 28th, 2025 (about 1 month ago)
CVE-2025-32432
Description: Orange Cyberdefense (OCD) has discovered a critical vulnerability (CVE-2025-32432) in the Craft CMS software. OCD has approached us to work […]
CVSS: CRITICAL (10.0) EPSS Score: 76.27%
April 26th, 2025 (about 1 month ago)
CVE-2025-2907
Description: The Order Delivery Date WordPress plugin before 12.3.1 does not have authorization and CSRF checks when importing settings. Furthermore, it lacks proper checks to restrict the import to options relevant to the plugin. This leads to attackers being able to modify the default_user_role to administrator and users_can_register, allowing them to register as an administrator of the site for complete site takeover.
CVSS: CRITICAL (9.8) EPSS Score: 3.36%
April 26th, 2025 (about 1 month ago)
Description: Timely vulnerability remediation is an ongoing challenge for organizations as they struggle to prioritize the exposures that represent the greatest risk to their operations. Existing scoring systems are invaluable but can lack context. Here’s how Tenable’s Vulnerability Watch classification system can help.

Background

Over the past six years working in Tenable’s research organization, I’ve watched known vulnerabilities and zero-day flaws plague organizations in the immediate aftermath of disclosure or even years afterwards. Following each blog post or threat report we’ve published, I kept coming back to the same question: Why are so many organizations struggling to remediate vulnerabilities in a timely manner?

As someone who followed the evolution of COVID-19 variants throughout the beginning of the pandemic, I saw that the World Health Organization (WHO) began to label new variants under a classification system as the virus began to mutate. This classification system was designed to help prioritization efforts for monitoring and research. It included accessible labels like variants of interest and variants of concern to help communicate urgency and focus global attention.

I began to wonder: What if we borrowed from the same type of classification system used by the WHO and applied it to vulnerability intelligence? Numeric-based systems like the Common Vulnerability Scoring System (CVSS) and Exploit Prediction Scoring System (EPSS) provide mechanisms for prioritization based o...
CVSS: CRITICAL (9.8) EPSS Score: 92.52%
April 25th, 2025 (about 1 month ago)
CVE-2025-25775
Description: Codeastro Bus Ticket Booking System v1.0 is vulnerable to SQL injection via the kodetiket parameter in /BusTicket-CI/tiket/cekorder.
CVSS: CRITICAL (9.8) EPSS Score: 0.04% SSVC Exploitation: poc
April 25th, 2025 (about 1 month ago)
CVE-2025-32432
🚨 Marked as known exploited on April 26th, 2025 (about 1 month ago).
Description: Craft is a flexible, user-friendly CMS for creating custom digital experiences on the web and beyond. Starting from version 3.0.0-RC1 to before 3.9.15, 4.0.0-RC1 to before 4.14.15, and 5.0.0-RC1 to before 5.6.17, Craft is vulnerable to remote code execution. This is a high-impact, low-complexity attack vector. This issue has been patched in versions 3.9.15, 4.14.15, and 5.6.17, and is an additional fix for CVE-2023-41892.
CVSS: CRITICAL (10.0) EPSS Score: 76.27% SSVC Exploitation: none
April 25th, 2025 (about 1 month ago)
🚨 Marked as known exploited on April 25th, 2025 (about 1 month ago).
Description: SAP has released an out-of-band patch to address CVE-2025-31324, a critical zero-day vulnerability in SAP NetWeaver that has been exploited by threat actors. Organizations are strongly encouraged to apply patches as soon as possible.

Background

On April 22, ReliaQuest published details of their investigation of exploit activity in SAP NetWeaver servers. Initially it was unclear if their discovery was a new vulnerability or the abuse of CVE-2017-9844, a vulnerability that could lead to a denial-of-service (DoS) condition or arbitrary code execution. ReliaQuest reported their findings to SAP and on April 24, SAP disclosed CVE-2025-31324, a critical missing authorization check vulnerability with the highest severity CVSS score of 10.0.

| CVE | Description | CVSSv3 | VPR |
| --- | --- | --- | --- |
| CVE-2025-31324 | SAP NetWeaver Unauthenticated File Upload Vulnerability | 10.0 | 8.1* |

*Please note: Tenable’s Vulnerability Priority Rating (VPR) scores are calculated nightly. This blog post was published on April 25 and reflects VPR at that time.

Analysis

CVE-2025-31324 is an unauthenticated file upload vulnerability affecting the Metadata Uploader component of SAP NetWeaver Visual Composer. Successful exploitation of this vulnerability could allow an unauthenticated attacker to upload malicious files which can be used by an attacker to achieve code execution. The flaw is the result of missing authorization checks on the “/developmentserver/metadatauploader” endpoint. According to ReliaQuest, this vulnerability has been exploited in the ...
CVSS: CRITICAL (10.0) EPSS Score: 78.65%
April 25th, 2025 (about 1 month ago)
CVE-2025-2470
Description: The Service Finder Bookings plugin for WordPress, used by the Service Finder - Directory and Job Board WordPress Theme, is vulnerable to privilege escalation in all versions up to, and including, 5.1. This is due to a lack of restriction on user role in the 'nsl_registration_store_extra_input' function. This makes it possible for unauthenticated attackers to register an account on the site with an arbitrary role, including Administrator, when registering via a social login. The Nextend Social Login plugin must be installed and configured to exploit the vulnerability.
CVSS: CRITICAL (9.8) EPSS Score: 0.1% SSVC Exploitation: none
April 25th, 2025 (about 1 month ago)
Description: Threat actors are likely exploiting a new vulnerability in SAP NetWeaver to upload JSP web shells with the goal of facilitating unauthorized file uploads and code execution.
"The exploitation is likely tied to either a previously disclosed vulnerability like CVE-2017-9844 or an unreported remote file inclusion (RFI) issue," ReliaQuest said in a report published this week.
The cybersecurity
CVSS: CRITICAL (9.8)
April 25th, 2025 (about 1 month ago)