CVE-2025-34027

The Versa Concerto SD-WAN orchestration platform is vulnerable to an authentication bypass in the Traefik reverse proxy configuration, allowing at attacker to access administrative endpoints. The Spack upload endpoint can be leveraged for a Time-of-Check to Time-of-Use TOCTOU write in combination...

CVE-2025-34026

Versa Concerto (SD-WAN) contains an authentication bypass in the Traefik reverse proxy configuration that guards the Spring Boot Actuator endpoints. The flaw allows an unauthenticated attacker to reach administrative endpoints, including the Actuator endpoints that can expose heap dumps and trace...

CVE-2025-34027 Versa Concerto Authentication Bypass File Write Remote Code Execution

The Versa Concerto SD-WAN orchestration platform is vulnerable to an authentication bypass in the Traefik reverse proxy configuration, allowing at attacker to access administrative endpoints. The Spack upload endpoint can be leveraged for a Time-of-Check to Time-of-Use TOCTOU write in combination...

CVE-2025-34027

Summary of CVE-2025-34027: Versa Concerto SD-WAN exposes an authentication bypass in the Traefik reverse proxy configuration, enabling unauthorized access to administrative endpoints. In addition, the Spack upload endpoint can trigger a TOCTOU race with path loading manipulation to achieve remote...

CVE-2025-4876

ConnectWise-Password-Encryption-Utility.exe in ConnectWise Risk Assessment allows an attacker to extract a hardcoded AES decryption key via reverse engineering. This key is embedded in plaintext within the binary and used in cryptographic operations without dynamic key management. Once obtained t...

Exploit for Incorrect Authorization in Cacti

SHELL-POC-CVE-2022-46169 A bash proof of concept of t...

Versa Concerto SD-WAN 安全漏洞

Versa Concerto SD-WAN is an easy-to-use user interface from Versa for configuring and monitoring Versa OS devices in a secure SD-WAN. A security vulnerability exists in Versa Concerto SD-WAN versions 12.1.2 through 12.2.0, which stems from an authentication bypass in the Traefik Reverse Proxy...

PT-2025-22441

Name of the Vulnerable Software and Affected Versions Versa Concerto versions 12.1.2 through 12.2.0 Description The Versa Concerto SD-WAN orchestration platform contains a flaw in the Traefik reverse proxy configuration that allows an attacker to bypass authentication and access administrative...

PT-2025-22440

Name of the Vulnerable Software and Affected Versions Versa Concerto versions 12.1.2 through 12.2.0 Description The Versa Concerto SD-WAN orchestration platform has an authentication bypass issue in the Traefik reverse proxy configuration. This allows an attacker to access administrative endpoint...

CVE-2025-4876

ConnectWise-Password-Encryption-Utility.exe in ConnectWise Risk Assessment allows an attacker to extract a hardcoded AES decryption key via reverse engineering. This key is embedded in plaintext within the binary and used in cryptographic operations without dynamic key management. Once obtained t...

CVE-2025-4876 Hardcoded Key Revealed in ConnectWise Password Encryption Utility

ConnectWise-Password-Encryption-Utility.exe in ConnectWise Risk Assessment allows an attacker to extract a hardcoded AES decryption key via reverse engineering. This key is embedded in plaintext within the binary and used in cryptographic operations without dynamic key management. Once obtained t...

CVE-2025-4876

The CVE-2025-4876 issue affects ConnectWise Risk Assessment’s ConnectWise-Password-Encryption-Utility.exe. Root cause: hardcoded AES decryption key embedded in plaintext in the binary, with no dynamic key management. Impact: an attacker with reverse-engineering capability could obtain the key and...

Open Redirect

Overview Flask-AppBuilder is a simple and rapid application development framework, built on top of Flask. includes detailed security, auto CRUD generation for your models, google charts and much more. Affected versions of this package are vulnerable to Open Redirect through the manipulation of th...

GHSA-4GRG-W6V8-C28G Flask uses fallback key instead of current signing key

In Flask 3.1.0, the way fallback key configuration was handled resulted in the last fallback key being used for signing, rather than the current signing key. Signing is provided by the itsdangerous library. A list of keys can be passed, and it expects the last top key in the list to be the most...

RDPGuard 9.9.9 - Privilege Escalation

Exploit Title: RDPGuard 9.9.9 - Privilege Escalation Discovered by: Ahmet Ümit BAYRAM Discovered Date: 09.05.2025 Vendor Homepage: https://rdpguard.com Software Link: https://rdpguard.com/download.aspx Tested Version: 9.9.9 latest Tested on: Windows 10 32bit Steps to Reproduce 1. Prepare a .bat...

📄 RDPGuard 9.9.9 Privilege Escalation

RDPGuard version 9.9.9 suffers from a privilege escalation vulnerability. Exploit Title: RDPGuard 9.9.9 - Privilege Escalation SYSTEM Discovered by: Ahmet Ümit BAYRAM Discovered Date: 09.05.2025 Vendor Homepage: https://rdpguard.com Software Link: https://rdpguard.com/download.aspx Tested Version...

Malicious code in matlab-cli (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 ff0a277d45885a5c1a26f027495e73b5e0aa8b49c7ee3eeafd06cc14e6e8f754 Importing the module starts a reverse shell --- Category: MALICIOUS - The campaign has clearly malicious intent, like infostealers. Campaign: 2025-05-matlab-cl...

MAL-2025-191785 Malicious code in matlab-cli (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 ff0a277d45885a5c1a26f027495e73b5e0aa8b49c7ee3eeafd06cc14e6e8f754 Importing the module starts a reverse shell --- Category: MALICIOUS - The campaign has clearly malicious intent, like infostealers. Campaign: 2025-05-matlab-cl...

Security Steerability Is All You Need

The adoption of Generative AI GenAI in various applications inevitably comes with expanding the attack surface, combining new security threats along with the traditional ones. Consequently, numerous research and industrial initiatives aim to mitigate these security threats in GenAI by developing...

SUSE CVE-2025-46728

cpp-httplib is a C++ header-only HTTP/HTTPS server and client library. Prior to version 0.20.1, the library fails to enforce configured size limits on incoming request bodies when Transfer-Encoding: chunked is used or when no Content-Length header is provided. A remote attacker can send a chunked...