Island Lake WebBatch before 2025C allows Remote Code Execution via a crafted URL.

CVE Database V5

Detailed information about CVE-2025-53867: n/a. Get real-time updates, technical details, and mitigation strategies.

CVE-2025-53867: n/a - Live Threat Intelligence - Threat Radar | OffSeq.com

CVE-2025-53867: n/a

Hackers Exploit Apache HTTP Server Flaw to Deploy Linuxsys Cryptocurrency Miner

Source: https://thehackernews.com/2025/07/hackers-exploit-apache-http-server-flaw.html

A recently reported high-severity security threat involves exploitation of an unspecified vulnerability in the Apache HTTP Server, a widely used open-source web server software. Attackers are leveraging this flaw to deploy the Linuxsys cryptocurrency miner onto compromised systems. The Linuxsys miner is malware designed to hijack system resources, primarily CPU and GPU cycles, to mine cryptocurrencies illicitly, thereby degrading system performance and increasing operational costs. Although specific affected Apache HTTP Server versions are not detailed, the exploitation indicates a critical weakness that allows unauthorized code execution or system compromise. The absence of known exploits in the wild suggests this is a newly discovered or emerging threat, but the high severity rating and newsworthiness imply that exploitation could be imminent or already occurring at a low scale. The technical details are limited, but the attack vector likely involves remote exploitation of the Apache HTTP Server, potentially through a remote code execution vulnerability or a misconfiguration that allows attackers to upload and execute the miner payload. The deployment of cryptocurrency miners on servers is a common tactic to monetize compromised infrastructure stealthily, often leading to resource exhaustion, increased electricity costs, and potential secondary attacks due to the initial compromise. Given Apache HTTP Server's extensive deployment across various industries and geographies, this vulnerability poses a significant risk to organizations relying on it for web services.

Reddit InfoSec News

Detailed information about Hackers Exploit Apache HTTP Server Flaw to Deploy Linuxsys Cryptocurrency Miner. Get real-time updates, technical details, and mitiga

Hackers Exploit Apache HTTP Server Flaw to Deploy Linuxsys Cryptocurrency Miner - Live Threat Intelligence - Threat Radar | OffSeq.com

Hackers Exploit Apache HTTP Server Flaw to Deploy Linuxsys Cryptocurrency Miner

Reddit Discussion: Hackers Exploit Apache HTTP Server Flaw to Deploy Linuxsys Cryptocurrency Miner

on-headers is a node.js middleware for listening to when a response writes headers. A bug in on-headers versions `<1.1.0` may result in response headers being inadvertently modified when an array is passed to `response.writeHead()`. Users should upgrade to version 1.1.0 to receive a patch. Uses are strongly encouraged to upgrade to `1.1.0`, but this issue can be worked around by passing an object to `response.writeHead()` rather than an array.

CVE-2025-7339 is a vulnerability identified in the 'on-headers' middleware for Node.js, a module used to listen for when HTTP response headers are written. The issue affects versions prior to 1.1.0 of on-headers. The root cause lies in how the middleware handles the response.writeHead() method when an array is passed as an argument instead of the expected object. This misuse can lead to inadvertent modification of response headers, potentially causing unintended behavior in HTTP responses. The vulnerability is classified under CWE-241, which relates to improper handling of data types or unexpected input leading to incorrect program behavior. The CVSS v3.1 base score is 3.4, indicating a low severity level. The vector indicates that exploitation requires local access (AV:L), low attack complexity (AC:L), high privileges (PR:H), no user interaction (UI:N), unchanged scope (S:U), and results in low confidentiality and integrity impact (C:L/I:L) with no availability impact (A:N). There are no known exploits in the wild, and the issue can be mitigated by upgrading to version 1.1.0 of on-headers or by ensuring that response.writeHead() is called with an object rather than an array. This vulnerability primarily affects server-side JavaScript applications using the on-headers middleware, which is common in web servers and API backends built on Node.js. While the impact on confidentiality and integrity is low, the unintended header modifications could lead to subtle bugs or security misconfigurations in HTTP responses, such as incorrect caching headers or security headers, potentially weakening security postures indirectly.

Detailed information about CVE-2025-7339: CWE-241 in jshttp on-headers affecting jshttp on-headers. Get real-time updates, technical details, and mitigation str

CVE-2025-7339: CWE-241 in jshttp on-headers - Live Threat Intelligence - Threat Radar | OffSeq.com

CVE-2025-7339: CWE-241 in jshttp on-headers

A path traversal vulnerability exists in RIPS Scanner version 0.54. The vulnerability allows remote attackers to read arbitrary files on the system with the privileges of the web server by sending crafted HTTP GET requests to the 'windows/code.php' script with a manipulated 'file' parameter. This can lead to disclosure of sensitive information.

CVE-2025-34126 is a high-severity path traversal vulnerability (CWE-22) identified in RIPS Technologies' RIPS Scanner version 0.54. The vulnerability arises due to improper limitation of pathname inputs in the 'windows/code.php' script, specifically in the handling of the 'file' parameter within HTTP GET requests. An attacker can exploit this flaw remotely by crafting malicious HTTP GET requests that manipulate the 'file' parameter to traverse directories outside the intended restricted directory. This allows unauthorized reading of arbitrary files on the server hosting the RIPS Scanner application. Since the files are accessed with the privileges of the web server process, sensitive information such as configuration files, source code, credentials, or other critical data may be disclosed. The vulnerability does not require authentication, user interaction, or elevated privileges, and can be exploited over the network, making it highly accessible to attackers. The CVSS 4.0 score of 8.7 reflects the high impact on confidentiality with no required privileges or user interaction, and low attack complexity. Although no known exploits are currently reported in the wild, the nature of the vulnerability and the widespread use of RIPS Scanner for static code analysis in software development and security auditing environments make it a significant risk. The lack of available patches at the time of publication increases the urgency for mitigation and risk management.

Detailed information about CVE-2025-34126: CWE-22 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') in RIPS Technologies RIPS Scann

CVE-2025-34126: CWE-22 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') in RIPS Technologies RIPS Scanner - Live Threat Intelligence - Threat Radar | OffSeq.com

CVE-2025-34126: CWE-22 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') in RIPS Technologies RIPS Scanner

Totolink A3300R V17.0.0cu.596_B20250515 was found to contain a command injection vulnerability in the sub_4197C0 function via the mac and desc parameters. This vulnerability allows unauthenticated attackers to execute arbitrary commands via a crafted request.

Detailed information about CVE-2025-52046: n/a. Get real-time updates, technical details, and mitigation strategies.

CVE-2025-52046: n/a

CVE-2025-52046: n/a

Description

Technical Details

Related Threats

CVE-2025-53867: n/a

CVE-2025-7339: CWE-241 in jshttp on-headers

CVE-2025-34126: CWE-22 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') in RIPS Technologies RIPS Scanner

CVE-2025-47189: n/a

CVE-2025-54066: CWE-601: URL Redirection to Untrusted Site ('Open Redirect') in DIRACGrid diracx-web

Actions

External Links

Need enhanced features?

Latest Threats

Keyboard Shortcuts

Navigation

Search & Filters

UI Controls

Accessibility