#cisa-kev

from The Hacker News
11 hours ago

CISA Adds Actively Exploited Sierra Wireless Router Flaw Enabling RCE Attacks

Details of the six-year-old flaw were publicly shared by Cisco Talos in April 2019, describing it as an exploitable remote code execution vulnerability in the ACEManager "upload.cgi" function of Sierra Wireless AirLink ES450 firmware version 4.9.3. Talos reported the flaw to the Canadian company in December 2018. "This vulnerability exists in the file upload capability of templates within the AirLink 450," the company said. "When uploading template files, you can specify the name of the file that you are uploading."
from The Hacker News
1 day ago

CISA Flags Actively Exploited GeoServer XXE Flaw in Updated KEV Catalog

CVE-2025-58360 is an unauthenticated XXE in OSGeo GeoServer being exploited in the wild; affected versions require immediate patching to prevent file access, SSRF, and DoS.
from The Hacker News
1 week ago

CISA Adds Actively Exploited XSS Bug CVE-2021-26829 in OpenPLC ScadaBR to KEV

CVE-2021-26829 XSS in OpenPLC ScadaBR is actively exploited, added to CISA KEV and used by TwoNet against industrial HMI.
from The Hacker News
1 month ago

Five New Exploited Bugs Land in CISA's Catalog - Oracle and Microsoft Among Targets

CISA confirmed CVE-2025-61884 SSRF in Oracle E-Business Suite is being exploited in the wild and added it to the KEV catalog.
from SecurityWeek
2 months ago

Organizations Warned of Exploited Meteobridge Vulnerability

A Meteobridge command-injection vulnerability (CVE-2025-4008) has been exploited in attacks and added to CISA's Known Exploited Vulnerabilities catalog.
from The Hacker News
2 months ago

CISA Flags Meteobridge CVE-2025-4008 Flaw as Actively Exploited in the Wild

Meteobridge contains a command-injection vulnerability (CVE-2025-4008) that allows unauthenticated remote attackers to execute arbitrary commands as root; the vulnerability is actively exploited and is patched in version 6.
from Securitymagazine
3 months ago

WhatsApp Flaw Added to CISA's Known Exploited Vulnerabilities Catalog

CISA added two actively exploited vulnerabilities—TP-Link TL-WA855RE missing authentication (CVE-2020-24363) and WhatsApp incorrect authorization (CVE-2025-55177)—to the KEV Catalog.
from The Hacker News
3 months ago

CISA Adds Three Exploited Vulnerabilities to KEV Catalog Affecting Citrix and Git

CVE-2024-8068 (CVSS score: 5.1) - An improper privilege management vulnerability in Citrix Session Recording that could allow privilege escalation to NetworkService account access when the attacker is an authenticated user in the same Windows Active Directory domain as the session recording server.

CVE-2024-8069 (CVSS score: 5.1) - A deserialization of untrusted data vulnerability in Citrix Session Recording that allows limited remote code execution with the privileges of the NetworkService account when the attacker is an authenticated user on the same intranet as the session recording server.