ibi Security Advisory: October 14, 2025 - ibi WebFOCUS - CVE-2025-11548

ibi WebFOCUS - Unauthenticated RCE Vulnerability Original release date: October 14, 2025 Last revised: --- CVE-2025-11548 Source: ibi. Products Affected ibi WebFOCUS 9.1.3 & earlier ibi WebFOCUS 9.2.2 & earlier Component Affected SOAP Log on Enabled by default Description An authentication bypass...

SugarCRM 13.0.1 Server-Side Template Injection Exploit

SugarCRM versions 13.0.1 and below suffer from a server-side template injection vulnerability in the GetControl action from the Import module. This issue can be leveraged to execute arbitrary php code. ---------------------------------------------------------------------------- SugarCRM = 13.0.1...

Buffer Overflow Vulnerability in the NETGEAR R6260 Stack

NETGEAR R6260 is a router from Netgear, Inc. NETGEAR R6260 routers is vulnerable because the setupwizard.cgi page fails to properly validate the length of data when parsing the SOAP LOGIN TOKEN environment variable. An attacker could exploit this vulnerability to execute arbitrary code on an...