CVE-2025-1416 |
Description: In Proget MDM, a low-privileged user can retrieve passwords for managed devices and subsequently use functionalities restricted by the MDM (Mobile Device Management). To do so, they must know the UUIDs of the targeted devices, which might be obtained by exploiting CVE-2025-1415 or CVE-2025-1417.
This issue has been fixed in version 2.17.5 of Konsola Proget (the server part of the MDM suite).
CVSS: HIGH (7.0) EPSS Score: 0.04%
May 21st, 2025 (26 days ago)
|
CVE-2025-48413 |
Description: The `/etc/passwd` and `/etc/shadow` files reveal hard-coded password hashes for the operating system "root" user. The credentials are shipped with the update files. An end user has no option to delete or change these passwords. An attacker can use the credentials to log into the device. Authentication can be performed via the SSH backdoor or, likely, via physical access (UART shell).
CVSS: HIGH (7.7) EPSS Score: 0.02%
May 21st, 2025 (26 days ago)
|
CVE-2025-4803 |
Description: The Glossary by WPPedia – Best Glossary plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 1.3.0 via deserialization of untrusted input from the 'posttypes' parameter. This makes it possible for authenticated attackers, with Administrator-level access and above, to inject a PHP Object. No known POP chain is present in the vulnerable software, which means this vulnerability has no impact unless another plugin or theme containing a POP chain is installed on the site. If a POP chain is present via an additional plugin or theme installed on the target system, it may allow the attacker to perform actions such as deleting arbitrary files, retrieving sensitive data, or executing code, depending on the POP chain present.
CVSS: HIGH (7.2) EPSS Score: 0.14%
May 21st, 2025 (26 days ago)
|
CVE-2025-1712 |
Description: Argument injection in special agent configuration in Checkmk <2.4.0p1, <2.3.0p32, <2.2.0p42 and 2.1.0 allows authenticated attackers to write arbitrary files.
CVSS: HIGH (8.7) EPSS Score: 0.05%
May 21st, 2025 (26 days ago)
|
CVE-2024-7383 |
Description: A flaw was found in libnbd. The client did not always correctly verify the NBD server's certificate when using TLS to connect to an NBD server. This issue allows a man-in-the-middle attack on NBD traffic.
CVSS: HIGH (7.4) EPSS Score: 0.13% SSVC Exploitation: none
May 21st, 2025 (26 days ago)
|
CVE-2024-4467 |
Description: A flaw was found in the QEMU disk image utility (qemu-img) 'info' command. A specially crafted image file containing a `json:{}` value describing block devices in QMP could cause the qemu-img process on the host to consume large amounts of memory or CPU time, leading to denial of service or read/write to an existing external file.
CVSS: HIGH (7.8) EPSS Score: 0.07% SSVC Exploitation: none
May 21st, 2025 (26 days ago)
|
CVE-2025-5006 |
Description: A vulnerability was found in Campcodes Online Shopping Portal 1.0. It has been classified as critical. Affected is an unknown function of the file /admin/category.php. The manipulation of the argument Category leads to SQL injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.
CVSS: HIGH (7.3) EPSS Score: 0.04%
May 20th, 2025 (26 days ago)
|
CVE-2025-5002 |
Description: A vulnerability, which was classified as critical, was found in SourceCodester Client Database Management System 1.0. This affects an unknown part of the file /user_proposal_update_order.php. The manipulation of the argument order_id leads to SQL injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.
CVSS: HIGH (7.3) EPSS Score: 0.03%
May 20th, 2025 (26 days ago)
|
CVE-2025-47940 |
Description: Problem
Administrator-level backend users without system maintainer privileges can escalate their privileges and gain system maintainer access. Exploiting this vulnerability requires a valid administrator account.
Solution
Update to TYPO3 versions 10.4.50 ELTS, 11.5.44 ELTS, 12.4.31 LTS or 13.4.12 LTS, which fix the problem described.
Credits
Thanks to Alexander Künzl for reporting this issue, and to TYPO3 core & security team member Oliver Hader for fixing it.
References
https://github.com/TYPO3/typo3/security/advisories/GHSA-6frx-j292-c844
https://nvd.nist.gov/vuln/detail/CVE-2025-47940
https://github.com/TYPO3-CMS/core/commit/a659cc8c0ae05c44dd7f01d13629cdd2d0b7219b
https://typo3.org/security/advisory/typo3-core-sa-2025-016
https://github.com/advisories/GHSA-6frx-j292-c844
CVSS: HIGH (7.2) EPSS Score: 0.05%
May 20th, 2025 (26 days ago)
|
CVE-2025-47941 |
Description: Problem
The multifactor authentication (MFA) dialog presented during backend login can be bypassed due to insufficient enforcement of access restrictions on all backend routes.
Successful exploitation requires valid backend user credentials, as MFA can only be bypassed after successful authentication.
Solution
Update to TYPO3 versions 12.4.31 LTS or 13.4.12 LTS, which fix the problem described.
Credits
Thanks to Jens Jacobsen and Y. Kahveci for reporting this issue, and to TYPO3 security team member Torben Hansen for fixing it.
References
https://github.com/TYPO3/typo3/security/advisories/GHSA-744g-7qm9-hjh9
https://nvd.nist.gov/vuln/detail/CVE-2025-47941
https://github.com/TYPO3-CMS/backend/commit/034f589029952084771c5f98d42ed0f69f9a7ead
https://typo3.org/security/advisory/typo3-core-sa-2025-015
https://github.com/advisories/GHSA-744g-7qm9-hjh9
CVSS: HIGH (7.2) EPSS Score: 0.09%
May 20th, 2025 (26 days ago)
|