XWiki Platform is vulnerable to a critical Remote Code Execution (RCE) vulnerability that allows guest users to execute arbitrary code remotely via the SolrSearch endpoint. This can result in a complete server compromise, granting the attacker the ability to run commands on the underlying system, impacting the confidentiality, integrity, and availability of the XWiki installation. The issue has been addressed in XWiki versions 15.10.11, 16.4.1, and 16.5.0RC1.
A vulnerability in AppSmith versions prior to v1.52 allows unauthenticated remote code execution due to a misconfigured PostgreSQL database that permits execution of the COPY FROM PROGRAM command. Attackers can exploit this to run arbitrary commands on the system hosting the application.
The WordPress User Registration & Membership Plugin version 4.1.1 and below allows unauthenticated users to escalate privileges. An attacker can exploit this vulnerability to gain unauthorized access and perform malicious actions.
An API-level vulnerability in Nagios Log Server 2024R1.3.1 allows any user with a valid API token to retrieve a full list of user accounts along with their plaintext API keys, including administrator credentials. This flaw enables user enumeration, privilege escalation, and full system compromise via unauthorized use of exposed tokens.
An authentication bypass vulnerability in Fortinet FortiOS, FortiProxy, and FortiSwitchManager API allows unauthorized access to a selected account. By exploiting this vulnerability, an attacker can add an SSH key to the authorized_keys file of the chosen account, enabling them to log in to the system with that account. Successful exploitation can lead to remote code execution.
The Aztech DSL5005EN router/modem allows an attacker to change the admin password without authentication, by sending a crafted HTTP request to the 'sysAccess.asp' endpoint. This could lead to unauthorized access and control of the device.
This vulnerability, CVE-2025-24813, affects Apache Tomcat versions prior to 11.0.3, 10.1.35, and 9.0.98. It allows remote attackers to execute arbitrary code on the target system by uploading a malicious payload to a specific URL and then triggering it through a crafted request.
The Netman 204 device is vulnerable to unauthorized access and command injection. Attackers can exploit this vulnerability to execute remote commands without authentication. By using specific URLs, attackers can access different panels with default or backdoor credentials, allowing them to view critical information and perform actions without proper authorization.
A business logic flaw in InfluxDB OSS allows users with a valid allAccess token to elevate their privileges to operator level by accessing current authorization tokens. This could lead to unauthorized access to the InfluxDB instance, compromising data confidentiality, integrity, and availability for users across different organizations.
The Daikin Security Gateway 214 is vulnerable to an IDOR flaw in its password reset API endpoint. An attacker can exploit this vulnerability by sending a crafted POST request, bypassing authentication mechanisms. Successful exploitation results in resetting the system credentials to the default Daikin:Daikin username and password combination, granting unauthorized access to the system and potentially compromising connected devices and networks.