CyberAlerts is shutting down on June 30th, 2025. Thank you for your support!
Threat and Vulnerability Intelligence Database
Example Searches:
CVE
Threat Actors
Countries
Vendors
Severity
Known Exploited
CVE-2025-5747 |
Description: WOLFBOX Level 2 EV Charger MCU Command Parsing Misinterpretation of Input Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installatons of WOLFBOX Level 2 EV Charger devices. Authentication is required to exploit this vulnerability.
The specific flaw exists within the handling of command frames received by the MCU. When parsing frames, the process does not properly detect the start of a frame, which can lead to misinterpretation of input. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the device. Was ZDI-CAN-26501.
CVSS: HIGH (8.0) EPSS Score: 0.17% SSVC Exploitation: none
June 6th, 2025 (22 days ago)
|
|
CVE-2025-33035 |
Description: A path traversal vulnerability has been reported to affect File Station 5. If a remote attacker gains a user account, they can then exploit the vulnerability to read the contents of unexpected files or system data.
We have already fixed the vulnerability in the following version:
File Station 5 5.5.6.4847 and later
CVSS: HIGH (7.2) EPSS Score: 0.14%
June 6th, 2025 (22 days ago)
|
|
CVE-2025-33031 |
Description: An improper certificate validation vulnerability has been reported to affect File Station 5. If a remote attacker gains a user account, they can then exploit the vulnerability to compromise the security of the system.
We have already fixed the vulnerability in the following version:
File Station 5 5.5.6.4847 and later
CVSS: HIGH (8.3) EPSS Score: 0.06%
June 6th, 2025 (22 days ago)
|
|
CVE-2025-30279 |
Description: An improper certificate validation vulnerability has been reported to affect File Station 5. If a remote attacker gains a user account, they can then exploit the vulnerability to compromise the security of the system.
We have already fixed the vulnerability in the following version:
File Station 5 5.5.6.4847 and later
CVSS: HIGH (8.3) EPSS Score: 0.06%
June 6th, 2025 (22 days ago)
|
|
CVE-2025-29892 |
Description: An SQL injection vulnerability has been reported to affect Qsync Central. If exploited, the vulnerability could allow remote attackers who have gained user access to execute unauthorized code or commands.
We have already fixed the vulnerability in the following version:
Qsync Central 4.5.0.6 ( 2025/03/20 ) and later
CVSS: HIGH (8.7) EPSS Score: 0.08%
June 6th, 2025 (22 days ago)
|
|
CVE-2025-29885 |
Description: An improper certificate validation vulnerability has been reported to affect File Station 5. If exploited, the vulnerability could allow remote attackers who have gained user access to compromise the security of the system.
We have already fixed the vulnerability in the following versions:
File Station 5 5.5.6.4791 and later
and later
CVSS: HIGH (8.3) EPSS Score: 0.05%
June 6th, 2025 (22 days ago)
|
|
CVE-2025-29884 |
Description: An improper certificate validation vulnerability has been reported to affect File Station 5. If exploited, the vulnerability could allow remote attackers who have gained user access to compromise the security of the system.
We have already fixed the vulnerability in the following versions:
File Station 5 5.5.6.4791 and later
and later
CVSS: HIGH (8.3) EPSS Score: 0.05%
June 6th, 2025 (22 days ago)
|
|
CVE-2025-29883 |
Description: An improper certificate validation vulnerability has been reported to affect File Station 5. If exploited, the vulnerability could allow remote attackers who have gained user access to compromise the security of the system.
We have already fixed the vulnerability in the following versions:
File Station 5 5.5.6.4791 and later
and later
CVSS: HIGH (8.3) EPSS Score: 0.05%
June 6th, 2025 (22 days ago)
|
|
CVE-2025-29877 |
Description: A NULL pointer dereference vulnerability has been reported to affect File Station 5. If a remote attacker gains a user account, they can then exploit the vulnerability to launch a denial-of-service (DoS) attack.
We have already fixed the vulnerability in the following version:
File Station 5 5.5.6.4847 and later
CVSS: MEDIUM (5.3) EPSS Score: 0.08%
June 6th, 2025 (22 days ago)
|
|
CVE-2025-29876 |
Description: A NULL pointer dereference vulnerability has been reported to affect File Station 5. If a remote attacker gains a user account, they can then exploit the vulnerability to launch a denial-of-service (DoS) attack.
We have already fixed the vulnerability in the following version:
File Station 5 5.5.6.4847 and later
CVSS: MEDIUM (5.3) EPSS Score: 0.08%
June 6th, 2025 (22 days ago)
|