CVE-2025-61939 Columbia Weather Systems MicroServer Improper Restriction of Communication Channel to Intended Endpoints

An unused function in MicroServer can start a reverse SSH connection to a vendor registered domain, without mutual authentication. An attacker on the local network with admin access to the web server, and the ability to manipulate DNS responses, can redirect the SSH connection to an attacker...

PT-2026-1835

Name of the Vulnerable Software and Affected Versions MicroServer affected versions not specified Description An unused function in MicroServer can initiate a reverse SSH connection to a vendor-registered domain without mutual authentication. An attacker with local network access and administrati...

CVE-2025-12946

A vulnerability in the speedtest feature of affected NETGEAR Nighthawk routers, caused by improper input validation, can allow attackers on the router's WAN side, using attacker-in-the-middle techniques MiTM to manipulate DNS responses and execute commands when speedtests are run. This issue...

EUVD-2025-202283

A vulnerability in the speedtest feature of affected NETGEAR Nighthawk routers, caused by improper input validation, can allow attackers on the router's WAN side, using attacker-in-the-middle techniques MiTM to manipulate DNS responses and execute commands when speedtests are run. This issue...

CVE-2025-12946

A vulnerability in the speedtest feature of affected NETGEAR Nighthawk routers, caused by improper input validation, can allow attackers on the router's WAN side, using attacker-in-the-middle techniques MiTM to manipulate DNS responses and execute commands when speedtests are run. This issue...

CVE-2025-12946

A vulnerability in the speedtest feature of affected NETGEAR Nighthawk routers, caused by improper input validation, can allow attackers on the router's WAN side, using attacker-in-the-middle techniques MiTM to manipulate DNS responses and execute commands when speedtests are run. This issue...

CVE-2025-12946

CVE-2025-12946 affects NETGEAR Nighthawk routers and related models (RS700, RAX54Sv2, RAX41v2, RAX50, RAXE500, RAX41, RAX43, RAX35v2, RAXE450, RAX43v2, RAX42, RAX45, RAX50v2, MR90, MS90, RAX42v2, RAX49S). Root cause is improper input validation in the speedtest feature, enabling WAN-side attacker...

CVE-2025-12946 Improper input validation in NETGEAR Nighthawk routers

A vulnerability in the speedtest feature of affected NETGEAR Nighthawk routers, caused by improper input validation, can allow attackers on the router's WAN side, using attacker-in-the-middle techniques MiTM to manipulate DNS responses and execute commands when speedtests are run. This issue...

PT-2025-50105

Name of the Vulnerable Software and Affected Versions NETGEAR Nighthawk routers versions 1.0.7.82 and earlier NETGEAR RAX54Sv2 versions before V1.1.6.36 NETGEAR RAX41v2 versions before V1.1.6.36 NETGEAR RAX50 versions before V1.2.14.114 NETGEAR RAXE500 versions before V1.2.14.114 NETGEAR RAX41...

NETGEAR多款产品 安全漏洞

NETGEAR Nighthawk is a series of wireless routers from NETGEAR. A security vulnerability exists in various NETGEAR products that stems from improper input validation for the speedtest feature, which could allow an attacker to use man-in-the-middle techniques to manipulate DNS responses and execut...

CBL Mariner 2.0 Security Update: systemd / systemd-bootstrap (CVE-2023-7008)

The version of systemd / systemd-bootstrap installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2023-7008 advisory. - A vulnerability was found in systemd-resolved. This issue May allow systemd-resolved to...

CentOS 8 : systemd (CESA-2024:3203)

The remote CentOS Linux 8 host has packages installed that are affected by a vulnerability as referenced in the CESA-2024:3203 advisory. - A vulnerability was found in systemd-resolved. This issue may allow systemd-resolved to accept records of DNSSEC-signed domains even when they have no...

Muddling Meerkat Group Suspected of Espionage via Great Firewall of China

By Deeba Ahmed Uncover the "Muddling Meerkat," a China-linked threat actor manipulating the DNS. Infoblox research reveals a sophisticated group with deep DNS expertise and potential ties to the Great Firewall. Learn their tactics and how to stay protected. This is a post from HackRead.com Read t...

CVE-2023-7008 Systemd-resolved: unsigned name response in signed zone is not refused when dnssec=yes

A vulnerability was found in systemd-resolved. This issue may allow systemd-resolved to accept records of DNSSEC-signed domains even when they have no signature, allowing man-in-the-middles or the upstream DNS resolver to manipulate records...

Huawei EulerOS: Security Advisory for samba (EulerOS-SA-2020-2396)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2020-13960

D-Link DSL 2730-U IN1.10 and IN1.11 and DIR-600M 3.04 devices have the domain.name string in the DNS resolver search path by default, which allows remote attackers to provide valid DNS responses and also offer Internet services such as HTTP for names that otherwise would have had an NXDOMAIN erro...

Attacks on Linksys Routers Trigger Mass Password Reset

UPDATE Home Linksys router users were targeted in a cyberattack that changed router settings, and redirected requests for specific webpages and domains to malicious Coronavirus-themed landing pages that were booby-trapped with malware. Researchers identified the attack last month, and earlier thi...

Azure Red Flag: Microsoft Accidentally Fixes Cloud Config ‘Bug’

UPDATE Researchers are shedding light on a Microsoft Azure misconfiguration bug that leaked sensitive access tokens, which could have given hackers access to virtual machine instances and cloud-based storage buckets. Since its discovery, an update has fixed what researchers said was a...

Convincing Google Impersonation Opens Door to MiTM, Phishing

An attack that uses homographic characters to impersonate domain names and launch convincing but malicious websites takes minutes and a bare modicum of skill — while reaping high rates of success in luring victims, according to an independent researcher. Researcher Avi Lumelsky set out to see how...

Threat Source newsletter (Jan. 23, 2020)

Newsletter compiled by Jon Munshaw. Welcome to this week’s Threat Source newsletter — the perfect place to get caught up on all things Talos from the past week. Despite tensions starting to fizzle between the U.S. and Iran, people are still worried about cyber conflict. What would that even look...