4 matches found
Exploit for Improper Restriction of XML External Entity Reference in Sysaid
From-EternalBlue-to-CVE-2025-2776-The-Evolution-of-an-SMB-Atta...
CVE-2025-2776
SysAid On-Prem versions = 23.3.40 are vulnerable to an unauthenticated XML External Entity XXE vulnerability in the Server URL processing functionality, allowing for administrator account takeover and file read primitives...
CVE-2025-2776 SysAid On-Prem <= 23.3.40 serverurl Proceessing XML External Entity Injection
SysAid On-Prem versions = 23.3.40 are vulnerable to an unauthenticated XML External Entity XXE vulnerability in the Server URL processing functionality, allowing for administrator account takeover and file read primitives...
CVE-2025-2776
creationtimestamp| type| source ---|---|--- 2025-05-07 09:31:00+00:00| seen| https://thehackernews.com/2025/05/sysaid-patches-4-critical-flaws.html 2025-05-07 14:15:11+00:00| seen| https://infosec.exchange/users/shadowserver/statuses/114466967388160257 2025-05-07 14:16:50+00:00| seen|...