D-Link DCS-825L firmware version 1.08.01 and possibly prior versions contain an insecure implementation in the mydlink-watch-dog.sh script. The script monitors and respawns the `dcp` and `signalc` binaries without validating their integrity, origin, or permissions. An attacker with filesystem access (e.g., via UART or firmware modification) may replace these binaries to achieve persistent arbitrary code execution with root privileges. The issue stems from improper handling of executable trust and absence of integrity checks in the watchdog logic.

CVE Database V5

Detailed information about CVE-2025-55581: n/a. Get real-time updates, technical details, and mitigation strategies.

CVE-2025-55581: n/a - Live Threat Intelligence - Threat Radar | OffSeq.com

CVE-2025-55581: n/a

A reflected cross-site scripting (XSS) vulnerability in the Liferay Portal 7.4.0 through 7.4.3.132, and Liferay DXP 2025.Q1.0 through 2025.Q1.4, 2024.Q4.0 through 2024.Q4.6, 2024.Q3.0 through 2024.Q3.13, 2024.Q2.0 through 2024.Q2.13, 2024.Q1.1 through 2024.Q1.20 and 7.4 GA through update 92 allows an remote authenticated attacker to inject JavaScript into the PortalUtil.escapeRedirect

CVE-2025-43760 is a reflected Cross-Site Scripting (XSS) vulnerability affecting multiple versions of Liferay Portal and Liferay DXP, specifically versions 7.4.0 through 7.4.3.132, and a broad range of 2024 and 2025 quarterly releases of Liferay DXP. The vulnerability resides in the PortalUtil.escapeRedirect function, which is responsible for sanitizing URLs used in redirection processes within the portal. Due to insufficient input validation and escaping, a remote attacker with authenticated access can inject malicious JavaScript code into the redirect URL parameter. When this crafted URL is processed and rendered by the portal, the injected script executes in the context of the victim's browser session. This reflected XSS does not require user interaction beyond visiting a maliciously crafted URL, and no elevated privileges beyond authentication are necessary. The CVSS 4.0 score of 5.3 (medium severity) reflects the moderate impact, considering the attack vector is network-based, with low attack complexity, no user interaction required, but requiring privileges of an authenticated user. The vulnerability can lead to session hijacking, credential theft, unauthorized actions on behalf of the user, or distribution of malware through the portal interface. No known exploits in the wild have been reported yet, and no official patches are linked in the provided data, indicating organizations should monitor vendor advisories closely. The vulnerability affects a widely used enterprise portal platform, often deployed in corporate intranets and public-facing web portals, making it a significant concern for organizations relying on Liferay for content management and collaboration.

Detailed information about CVE-2025-43760: CWE-79: Cross-site Scripting in Liferay Portal affecting Liferay Portal. Get real-time updates, technical details, an

CVE-2025-43760: CWE-79: Cross-site Scripting in Liferay Portal - Live Threat Intelligence - Threat Radar | OffSeq.com

CVE-2025-43760: CWE-79: Cross-site Scripting in Liferay Portal

Silent Harvest: Extracting Windows Secrets Under the Radar

Source: https://sud0ru.ghost.io/silent-harvest-extracting-windows-secrets-under-the-radar/

The threat titled "Silent Harvest: Extracting Windows Secrets Under the Radar" appears to describe a technique or set of techniques aimed at stealthily extracting sensitive information from Windows systems. Although detailed technical specifics are not provided in the source information, the title and context imply that the threat involves covert methods to access Windows secrets, which could include credentials, cryptographic keys, or other sensitive authentication material stored or cached on Windows machines. Such techniques often leverage legitimate Windows APIs, memory scraping, or subtle exploitation of system components to avoid detection by traditional security tools. The lack of affected versions and patch links suggests this might be a newly observed or theoretical method rather than a disclosed vulnerability with a known fix. The source being a Reddit NetSec post linked to an external blog indicates the information is emerging and may be based on research or proof-of-concept demonstrations rather than widespread exploitation. The minimal discussion and low Reddit score further suggest this is early-stage intelligence rather than a broadly recognized or exploited threat. However, the medium severity rating implies that if leveraged, this technique could enable attackers to gain unauthorized access to critical Windows secrets, potentially facilitating lateral movement, privilege escalation, or persistent access within compromised environments.

Reddit NetSec

Detailed information about Silent Harvest: Extracting Windows Secrets Under the Radar. Get real-time updates, technical details, and mitigation strategies.

Silent Harvest: Extracting Windows Secrets Under the Radar - Live Threat Intelligence - Threat Radar | OffSeq.com

Silent Harvest: Extracting Windows Secrets Under the Radar

Reddit Discussion: Silent Harvest: Extracting Windows Secrets Under the Radar

Tenda O3V2 1.0.0.12(3880) is vulnerable to Buffer Overflow in the fromSafeSetMacFilter function via the mac parameter.

CVE-2025-55613 is a buffer overflow vulnerability identified in the Tenda O3V2 device firmware version 1.0.0.12(3880). The flaw exists in the fromSafeSetMacFilter function, which processes the 'mac' parameter. Buffer overflow vulnerabilities occur when a program writes more data to a buffer than it can hold, potentially overwriting adjacent memory. In this case, improper handling of the 'mac' parameter input allows an attacker to overflow the buffer, which can lead to arbitrary code execution, denial of service, or system instability. The vulnerability is located in a network device firmware, which typically operates with elevated privileges and network exposure, increasing the risk. No CVSS score has been assigned yet, and no known exploits have been reported in the wild. The affected version is specifically 1.0.0.12(3880), with no other versions explicitly listed. The lack of patch links suggests that no official fix has been publicly released at the time of this report. Because the vulnerability involves a network-facing function related to MAC filtering, it could be exploited remotely if the device's management interface is accessible, potentially without authentication if the function is exposed. This elevates the risk of exploitation in environments where these devices are deployed without adequate network segmentation or access controls.

Detailed information about CVE-2025-55613: n/a. Get real-time updates, technical details, and mitigation strategies.

CVE-2025-55613: n/a - Live Threat Intelligence - Threat Radar | OffSeq.com

CVE-2025-55613: n/a

An SQL injection vulnerability in Yoosee application v6.32.4 allows authenticated users to inject arbitrary SQL queries via a request to a backend API endpoint. Successful exploitation enables extraction of sensitive database information, including but not limited to, the database server banner and version, current database user and schema, the current DBMS user privileges, and arbitrary data from any table.

Detailed information about CVE-2025-52085: n/a. Get real-time updates, technical details, and mitigation strategies.

CVE-2025-52085: n/a

CVE-2025-52085: n/a

Description

Technical Details

Related Threats

CVE-2025-55581: n/a

CVE-2025-43760: CWE-79: Cross-site Scripting in Liferay Portal

CVE-2025-55613: n/a

CVE-2025-57800: CWE-523: Unprotected Transport of Credentials in advplyr audiobookshelf

CVE-2025-55637: n/a

Actions

External Links

Need enhanced features?

Latest Threats

Keyboard Shortcuts

Navigation

Search & Filters

UI Controls

Accessibility