SUSE CVE-2025-25207
The Authorino service in Red Hat Connectivity Link is the authorization service for zero trust API security. Authorino allows users with the developer persona to add callbacks to HTTP endpoints, to be executed once the authorization process is completed. It was found that an attacker with...
Denial Of Service (DoS)
github.com/kuadrant/authorino is vulnerable to Denial of Service (DoS). The vulnerability is due to the lack of limits on post-authorization callbacks, allowing an attacker with developer persona access to overload the service...
CVE-2024-45348
Xiaomi Router AX9000 has a post-authorization command injection vulnerability. This vulnerability is caused by the lack of validation of user input, and an attacker can exploit this vulnerability to execute arbitrary code...
CVE-2024-45348
CVE-2024-45348 affects Xiaomi Router AX9000 (version 1.0.173 per PT-2024-31577). Root cause: post-authorization command injection due to lack of validation of user input. Impact: attacker can execute arbitrary code; described as a remote attack. Remediation: patch immediately (per PT-2024-31577) ...
CVE-2024-45348 Xiaomi Router AX9000 has a post-authorization command injection vulnerability
Xiaomi Router AX9000 has a post-authorization command injection vulnerability. This vulnerability is caused by the lack of validation of user input, and an attacker can exploit this vulnerability to execute arbitrary code...
PT-2024-31577 · Xiaomi · Xiaomi Router AX9000
Name of the Vulnerable Software and Affected Versions: Xiaomi Router AX9000 version 1.0.173
Description: The issue is caused by the lack of validation of user input, allowing an attacker to exploit it and execute arbitrary code. This is a post-authorization command injection vulnerability, enabli...