In the dynamic realm of cybersecurity, staying updated on the latest vulnerabilities is imperative.
This edition of the AppSecWorld's CVE Daily Digest provides a snapshot of the vulnerabilities published in National Vulnerability Database between August 04-05, 2025.
During this period, The National Vulnerability Database published 84, and these new Common Vulnerabilities and Exposures (CVEs) are classified as follows:
Critical: 8
High: 23
Medium: 33
Low: 3
Severity Not Assigned: 17
Identifying and understanding these vulnerabilities are pivotal steps towards enhancing security measures and creating a safer digital environment.
Now, let's delve deeper into AppSecWorld's CVE Daily Digest, spotlighting the Critical and High Severity vulnerabilities that demand immediate attention.
1. CVE-2025-20700
Base Score: 8.8
Base Severity: HIGH
Exploitability Score: 2.8
Impact Score: 5.9
Description: In the Airoha Bluetooth audio SDK, there is a possible permission bypass that allows access critical data of RACE protocol through Bluetooth LE GATT service. This could lead to remote escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
References: https://www.airoha.com/product-security-bulletin/2025
CWE-ID: CWE-306
Common Platform Enumerations (CPE): Not Found
2. CVE-2025-20701
Base Score: 8.8
Base Severity: HIGH
Exploitability Score: 2.8
Impact Score: 5.9
Description: In the Airoha Bluetooth audio SDK, there is a possible way to pair Bluetooth audio device without user consent. This could lead to remote escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
References: https://www.airoha.com/product-security-bulletin/2025
CWE-ID: CWE-863
Common Platform Enumerations (CPE): Not Found
3. CVE-2025-20702
Base Score: 8.8
Base Severity: HIGH
Exploitability Score: 2.8
Impact Score: 5.9
Description: In the Airoha Bluetooth audio SDK, there is a possible unauthorized access to the RACE protocol. This could lead to remote escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
References: https://www.airoha.com/product-security-bulletin/2025
CWE-ID: CWE-306
Common Platform Enumerations (CPE): Not Found
4. CVE-2025-41659
Base Score: 8.3
Base Severity: HIGH
Exploitability Score: 2.8
Impact Score: 5.5
Description: A low-privileged attacker can remotely access the PKI folder of the CODESYS Control runtime system and thus read and write certificates and its keys. This allows sensitive data to be extracted or to accept certificates as trusted. Although all services remain available, only unencrypted communication is possible if the certificates are deleted.
References: https://certvde.com/de/advisories/VDE-2025-051
CWE-ID: CWE-732
Common Platform Enumerations (CPE): Not Found
5. CVE-2025-41691
Base Score: 7.5
Base Severity: HIGH
Exploitability Score: 3.9
Impact Score: 3.6
Description: An unauthenticated remote attacker may trigger a NULL pointer dereference in the affected CODESYS Control runtime systems by sending specially crafted communication requests, potentially leading to a denial-of-service (DoS) condition.
References: https://certvde.com/de/advisories/VDE-2025-070
CWE-ID: CWE-476
Common Platform Enumerations (CPE): Not Found
6. CVE-2025-6204
Base Score: 8.0
Base Severity: HIGH
Exploitability Score: 1.3
Impact Score: 6.0
Description: An Improper Control of Generation of Code (Code Injection) vulnerability affecting DELMIA Apriso from Release 2020 through Release 2025 could allow an attacker to execute arbitrary code.
References: https://www.3ds.com/trust-center/security/security-advisories/cve-2025-6204
CWE-ID: CWE-94
Common Platform Enumerations (CPE): Not Found
7. CVE-2025-6205
Base Score: 9.1
Base Severity: CRITICAL
Exploitability Score: 3.9
Impact Score: 5.2
Description: A missing authorization vulnerability affecting DELMIA Apriso from Release 2020 through Release 2025 could allow an attacker to gain privileged access to the application.
References: https://www.3ds.com/trust-center/security/security-advisories/cve-2025-6205
CWE-ID: CWE-862
Common Platform Enumerations (CPE): Not Found
8. CVE-2025-36604
Base Score: 7.3
Base Severity: HIGH
Exploitability Score: 3.9
Impact Score: 3.4
Description: Dell Unity, version(s) 5.5 and prior, contain(s) an Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability. An unauthenticated attacker with remote access could potentially exploit this vulnerability, leading to arbitrary command execution.
References: https://www.dell.com/support/kbdoc/en-si/000350756/dsa-2025-281-security-update-for-dell-unity-dell-unityvsa-and-dell-unity-xt-security-update-for-multiple-vulnerabilities
CWE-ID: CWE-78
Common Platform Enumerations (CPE): Not Found
9. CVE-2025-36606
Base Score: 7.8
Base Severity: HIGH
Exploitability Score: 1.8
Impact Score: 5.9
Description: Dell Unity, version(s) 5.5 and prior, contain(s) an OS Command Injection Vulnerability in its svc_nfssupport utility. An authenticated attacker could potentially exploit this vulnerability, escaping the restricted shell and execute arbitrary operating system commands with root privileges.
References: https://www.dell.com/support/kbdoc/en-si/000350756/dsa-2025-281-security-update-for-dell-unity-dell-unityvsa-and-dell-unity-xt-security-update-for-multiple-vulnerabilities
CWE-ID: CWE-78
Common Platform Enumerations (CPE): Not Found
10. CVE-2025-36607
Base Score: 7.8
Base Severity: HIGH
Exploitability Score: 1.8
Impact Score: 5.9
Description: Dell Unity, version(s) 5.5 and prior, contain(s) an OS Command Injection Vulnerability in its svc_nas utility. An authenticated attacker could potentially exploit this vulnerability, escaping the restricted shell and execute arbitrary operating system commands with root privileges.
References: https://www.dell.com/support/kbdoc/en-si/000350756/dsa-2025-281-security-update-for-dell-unity-dell-unityvsa-and-dell-unity-xt-security-update-for-multiple-vulnerabilities
CWE-ID: CWE-78
Common Platform Enumerations (CPE): Not Found
11. CVE-2025-26065
Base Score: 7.3
Base Severity: HIGH
Exploitability Score: 3.9
Impact Score: 3.4
Description: A cross-site scripting (XSS) vulnerability in Intelbras RX1500 v2.2.9 and RX3000 v1.0.11 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the name of a visiting Wi-Fi network.
References: https://manuais.intelbras.com.br/manual-linha-rx/ChangeLogRX1500.html
https://manuais.intelbras.com.br/manual-linha-rx/ChangeLogRX3000.html
https://seclists.org/fulldisclosure/2025/Jul/26
CWE-ID: CWE-79
Common Platform Enumerations (CPE): Not Found
12. CVE-2025-30099
Base Score: 7.8
Base Severity: HIGH
Exploitability Score: 1.8
Impact Score: 5.9
Description: Dell PowerProtect Data Domain with Data Domain Operating System (DD OS) of Feature Release versions 7.7.1.0 through 8.1.0.10, LTS2024 release Versions 7.13.1.0 through 7.13.1.25, LTS 2023 release versions 7.10.1.0 through 7.10.1.50, contain an Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability in the DDSH CLI. A low privileged attacker with local access could potentially exploit this vulnerability to execute arbitrary commands with root privileges.
References: https://www.dell.com/support/kbdoc/en-us/000348708/dsa-2025-159-security-update-for-dell-powerprotect-data-domain-multiple-vulnerabilities
CWE-ID: CWE-78
Common Platform Enumerations (CPE): Not Found
13. CVE-2025-36594
Base Score: 9.8
Base Severity: CRITICAL
Exploitability Score: 3.9
Impact Score: 5.9
Description: Dell PowerProtect Data Domain with Data Domain Operating System (DD OS) of Feature Release versions 7.7.1.0 through 8.3.0.15, LTS2024 release Versions 7.13.1.0 through 7.13.1.25, LTS 2023 release versions 7.10.1.0 through 7.10.1.60, contain an Authentication Bypass by Spoofing vulnerability. An unauthenticated attacker with remote access could potentially exploit this vulnerability, leading to Protection mechanism bypass. Remote unauthenticated user can create account that potentially expose customer info, affect system integrity and availability.
References: https://www.dell.com/support/kbdoc/en-us/000348708/dsa-2025-159-security-update-for-dell-powerprotect-data-domain-multiple-vulnerabilities
CWE-ID: CWE-290
Common Platform Enumerations (CPE): Not Found
14. CVE-2025-44643
Base Score: 8.6
Base Severity: HIGH
Exploitability Score: 3.9
Impact Score: 4.7
Description: Certain Draytek products are affected by Insecure Configuration. This affects AP903 v1.4.18 and AP912C v1.4.9 and AP918R v1.4.9. The setting of the password property in the ripd.conf configuration file sets a hardcoded weak password, posing a security risk. An attacker with network access could exploit this to gain unauthorized control over the routing daemon, potentially altering network routes or intercepting traffic.
References: http://draytek.com
https://www.notion.so/Misconfiguration-in-Draytek-AP903-23a54a1113e780aca7f2d21dbdab9db8
CWE-ID: CWE-276 CWE-798
Common Platform Enumerations (CPE): Not Found
15. CVE-2025-51536
Base Score: 9.8
Base Severity: CRITICAL
Exploitability Score: 3.9
Impact Score: 5.9
Description: Austrian Archaeological Institute (AI) OpenAtlas v8.11.0 as discovered to contain a hardcoded Administrator password.
References: https://www.sec4you-pentest.com/schwachstelle/openatlas-standard-adminkonto-mit-hartcodiertem-passwort/
https://www.sec4you-pentest.com/schwachstellen/
CWE-ID: CWE-798 CWE-1392
Common Platform Enumerations (CPE): Not Found
16. CVE-2025-38739
Base Score: 7.2
Base Severity: HIGH
Exploitability Score: 3.9
Impact Score: 2.7
Description: Dell Digital Delivery, versions prior to 5.6.1.0, contains an Insufficiently Protected Credentials vulnerability. A remote unauthenticated attacker could potentially exploit this vulnerability, leading to Information Disclosure.
References: https://www.dell.com/support/kbdoc/en-us/000349489/dsa-2025-302
CWE-ID: CWE-522
Common Platform Enumerations (CPE): Not Found
17. CVE-2025-44955
Base Score: 8.8
Base Severity: HIGH
Exploitability Score: 2.0
Impact Score: 6.0
Description: RUCKUS Network Director (RND) before 4.5 allows jailed users to obtain root access vis a weak, hardcoded password.
References: https://claroty.com/team82/disclosure-dashboard/cve-2025-44955
https://kb.cert.org/vuls/id/613753
https://webresources.commscope.com/download/assets/FAQ+Security+Advisory%3A+ID+20250710/225f44ac3bd311f095821adcaa92e24e
CWE-ID: CWE-259
Common Platform Enumerations (CPE): Not Found
18. CVE-2025-44954
Base Score: 9.0
Base Severity: CRITICAL
Exploitability Score: 2.2
Impact Score: 6.0
Description: RUCKUS SmartZone (SZ) before 6.1.2p3 Refresh Build has a hardcoded SSH private key for a root-equivalent user account.
References: https://claroty.com/team82/disclosure-dashboard/cve-2025-44954
https://kb.cert.org/vuls/id/613753
https://webresources.commscope.com/download/assets/FAQ+Security+Advisory%3A+ID+20250710/225f44ac3bd311f095821adcaa92e24e
CWE-ID: CWE-1394
Common Platform Enumerations (CPE): Not Found
19. CVE-2025-44957
Base Score: 8.5
Base Severity: HIGH
Exploitability Score: 1.8
Impact Score: 6.0
Description: Ruckus SmartZone (SZ) before 6.1.2p3 Refresh Build allows authentication bypass via a valid API key and crafted HTTP headers.
References: https://claroty.com/team82/disclosure-dashboard/cve-2025-44957
https://kb.cert.org/vuls/id/613753
https://webresources.commscope.com/download/assets/FAQ+Security+Advisory%3A+ID+20250710/225f44ac3bd311f095821adcaa92e24e
CWE-ID: CWE-288
Common Platform Enumerations (CPE): Not Found
20. CVE-2025-44960
Base Score: 8.5
Base Severity: HIGH
Exploitability Score: 1.8
Impact Score: 6.0
Description: RUCKUS SmartZone (SZ) before 6.1.2p3 Refresh Build allows OS command injection via a certain parameter in an API route.
References: https://claroty.com/team82/disclosure-dashboard/cve-2025-44960
https://kb.cert.org/vuls/id/613753
https://webresources.commscope.com/download/assets/FAQ+Security+Advisory%3A+ID+20250710/225f44ac3bd311f095821adcaa92e24e
CWE-ID: CWE-78
Common Platform Enumerations (CPE): Not Found
21. CVE-2025-44961
Base Score: 9.9
Base Severity: CRITICAL
Exploitability Score: 3.1
Impact Score: 6.0
Description: In RUCKUS SmartZone (SZ) before 6.1.2p3 Refresh Build, OS command injection can occur via an IP address field provided by an authenticated user.
References: https://claroty.com/team82/disclosure-dashboard/cve-2025-44961
https://kb.cert.org/vuls/id/613753
https://webresources.commscope.com/download/assets/FAQ+Security+Advisory%3A+ID+20250710/225f44ac3bd311f095821adcaa92e24e
CWE-ID: CWE-78
Common Platform Enumerations (CPE): Not Found
22. CVE-2025-44963
Base Score: 9.0
Base Severity: CRITICAL
Exploitability Score: 2.2
Impact Score: 6.0
Description: RUCKUS Network Director (RND) before 4.5 allows spoofing of an administrator JWT by an attacker who knows the hardcoded value of a certain secret key.
References: https://claroty.com/team82/disclosure-dashboard/cve-2025-44963
https://kb.cert.org/vuls/id/613753
https://webresources.commscope.com/download/assets/FAQ+Security+Advisory%3A+ID+20250710/225f44ac3bd311f095821adcaa92e24e
CWE-ID: CWE-321
Common Platform Enumerations (CPE): Not Found
23. CVE-2025-50420
Base Score: 7.5
Base Severity: HIGH
Exploitability Score: 3.9
Impact Score: 3.6
Description: An issue in the pdfseparate utility of freedesktop poppler v25.04.0 allows attackers to cause an infinite recursion via supplying a crafted PDF file. This can lead to a Denial of Service (DoS).
References: http://freedesktop.com
http://poppler.com
https://github.com/Landw-hub/CVE-2025-50420
CWE-ID: CWE-400
Common Platform Enumerations (CPE): Not Found
24. CVE-2025-46206
Base Score: 7.5
Base Severity: HIGH
Exploitability Score: 3.9
Impact Score: 3.6
Description: An issue in Artifex mupdf 1.25.6, 1.25.5 allows a remote attacker to cause a denial of service via an infinite recursion in the `mutool clean` utility. When processing a crafted PDF file containing cyclic /Next references in the outline structure, the `strip_outline()` function enters infinite recursion
References: http://artifex.com
http://mupdf.com
https://bugs.ghostscript.com/show_bug.cgi?id=708521
https://cgit.ghostscript.com/cgi-bin/cgit.cgi/mupdf.git/commit/?id=0ec7e4d2201bb6df217e01c17396d36297abf9ac
https://github.com/Landw-hub/CVE-2025-46206
CWE-ID: CWE-400
Common Platform Enumerations (CPE): Not Found
25. CVE-2025-21120
Base Score: 8.3
Base Severity: HIGH
Exploitability Score: 2.8
Impact Score: 5.5
Description: Dell Avamar, versions prior to 19.12 with patch 338905, excluding version 19.10SP1 with patch 338904, contains a Trusting HTTP Permission Methods on the Server-Side vulnerability in Security. A low privileged attacker with remote access could potentially exploit this vulnerability, leading to Information exposure.
References: https://www.dell.com/support/kbdoc/en-us/000347698/dsa-2025-271-security-update-for-dell-avamar-and-dell-avamar-virtual-edition-multiple-vulnerabilities
CWE-ID: CWE-650
Common Platform Enumerations (CPE): Not Found
26. CVE-2025-26476
Base Score: 8.4
Base Severity: HIGH
Exploitability Score: 2.5
Impact Score: 5.9
Description: Dell ECS versions prior to 3.8.1.5/ ObjectScale version 4.0.0.0, contain a Use of Hard-coded Cryptographic Key vulnerability. An unauthenticated attacker with local access could potentially exploit this vulnerability, leading to Unauthorized access.
References: https://www.dell.com/support/kbdoc/en-us/000339134/dsa-2025-154-security-update-for-dell-ecs-and-objectscale-use-of-hard-coded-ssh-cryptographic-key-vulnerability
CWE-ID: CWE-321
Common Platform Enumerations (CPE): Not Found
27. CVE-2025-38741
Base Score: 7.5
Base Severity: HIGH
Exploitability Score: 3.9
Impact Score: 3.6
Description: Dell Enterprise SONiC OS, version 4.5.0, contains a cryptographic key vulnerability in SSH. An unauthenticated remote attacker could potentially exploit this vulnerability, leading to unauthorized access to communication.
References: https://www.dell.com/support/kbdoc/en-us/000340083/dsa-2025-275-security-update-for-dell-enterprise-sonic-distribution-vulnerabilities
CWE-ID: CWE-321
Common Platform Enumerations (CPE): Not Found
28. CVE-2025-52239
Base Score: 9.8
Base Severity: CRITICAL
Exploitability Score: 3.9
Impact Score: 5.9
Description: An arbitrary file upload vulnerability in ZKEACMS v4.1 allows attackers to execute arbitrary code via a crafted file.
References: http://shenzhen.com
http://zkeacms.com
https://github.com/CTRLCCT/BoolSpideer/blob/main/cve2.md
https://github.com/CTRLCCT/BoolSpideer/blob/main/cve2.md
CWE-ID: CWE-434
Common Platform Enumerations (CPE): Not Found
29. CVE-2025-53394
Base Score: 7.7
Base Severity: HIGH
Exploitability Score: 1.1
Impact Score: 6.0
Description: Paramount Macrium Reflect through 2025-06-26 allows attackers to execute arbitrary code with administrator privileges via a crafted .mrimgx or .mrbax backup file and a renamed executable placed in the same directory. When a user with administrative privileges opens the crafted backup file and proceeds to mount it, Reflect launches the renamed executable (e.g., explorer.exe), which is under attacker control. This occurs because of insufficient validation of companion files referenced during backup mounting.
References: https://macrium.com
https://www.macrium.com/blog/macrium-security-advisory-cve-2025-53394-cve-2025-53395
CWE-ID: Not assigned as of now
Common Platform Enumerations (CPE): Not Found
30. CVE-2025-53395
Base Score: 7.7
Base Severity: HIGH
Exploitability Score: 1.1
Impact Score: 6.0
Description: Paramount Macrium Reflect through 2025-06-26 allows local attackers to execute arbitrary code with administrator privileges via a crafted .mrimgx backup file and a malicious VSSSvr.dll located in the same directory. When a user with administrative privileges mounts a backup by opening the .mrimgx file, Reflect loads the attacker's VSSSvr.dll after the mount completes. This occurs because of untrusted DLL search path behavior in ReflectMonitor.exe.
References: https://macrium.com
https://www.macrium.com/blog/macrium-security-advisory-cve-2025-53394-cve-2025-53395
CWE-ID: Not assigned as of now
Common Platform Enumerations (CPE): Not Found
31. CVE-2025-46093
Base Score: 9.9
Base Severity: CRITICAL
Exploitability Score: 3.1
Impact Score: 6.0
Description: LiquidFiles before 4.1.2 supports FTP SITE CHMOD for mode 6777 (setuid and setgid), which allows FTPDrop users to execute arbitrary code as root by leveraging the Actionscript feature and the sudoers configuration.
References: https://docs.liquidfiles.com/release_notes/version_4-1-x.html
https://gist.github.com/nikolai0x/f61a8bfcdaa244e0c46931d74d10c4ea
https://projectblack.io/blog/liquidfiles-vulnerability-authenticated-rce/
CWE-ID: CWE-732
Common Platform Enumerations (CPE): Not Found
This edition of the AppSecWorld's CVE Daily Digest provides a snapshot of the vulnerabilities published in National Vulnerability Database between August 04-05, 2025.
During this period, The National Vulnerability Database published 84, and these new Common Vulnerabilities and Exposures (CVEs) are classified as follows:
Critical: 8
High: 23
Medium: 33
Low: 3
Severity Not Assigned: 17
Identifying and understanding these vulnerabilities are pivotal steps towards enhancing security measures and creating a safer digital environment.
Now, let's delve deeper into AppSecWorld's CVE Daily Digest, spotlighting the Critical and High Severity vulnerabilities that demand immediate attention.
1. CVE-2025-20700
Base Score: 8.8
Base Severity: HIGH
Exploitability Score: 2.8
Impact Score: 5.9
Description: In the Airoha Bluetooth audio SDK, there is a possible permission bypass that allows access critical data of RACE protocol through Bluetooth LE GATT service. This could lead to remote escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
References: https://www.airoha.com/product-security-bulletin/2025
CWE-ID: CWE-306
Common Platform Enumerations (CPE): Not Found
2. CVE-2025-20701
Base Score: 8.8
Base Severity: HIGH
Exploitability Score: 2.8
Impact Score: 5.9
Description: In the Airoha Bluetooth audio SDK, there is a possible way to pair Bluetooth audio device without user consent. This could lead to remote escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
References: https://www.airoha.com/product-security-bulletin/2025
CWE-ID: CWE-863
Common Platform Enumerations (CPE): Not Found
3. CVE-2025-20702
Base Score: 8.8
Base Severity: HIGH
Exploitability Score: 2.8
Impact Score: 5.9
Description: In the Airoha Bluetooth audio SDK, there is a possible unauthorized access to the RACE protocol. This could lead to remote escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
References: https://www.airoha.com/product-security-bulletin/2025
CWE-ID: CWE-306
Common Platform Enumerations (CPE): Not Found
4. CVE-2025-41659
Base Score: 8.3
Base Severity: HIGH
Exploitability Score: 2.8
Impact Score: 5.5
Description: A low-privileged attacker can remotely access the PKI folder of the CODESYS Control runtime system and thus read and write certificates and its keys. This allows sensitive data to be extracted or to accept certificates as trusted. Although all services remain available, only unencrypted communication is possible if the certificates are deleted.
References: https://certvde.com/de/advisories/VDE-2025-051
CWE-ID: CWE-732
Common Platform Enumerations (CPE): Not Found
5. CVE-2025-41691
Base Score: 7.5
Base Severity: HIGH
Exploitability Score: 3.9
Impact Score: 3.6
Description: An unauthenticated remote attacker may trigger a NULL pointer dereference in the affected CODESYS Control runtime systems by sending specially crafted communication requests, potentially leading to a denial-of-service (DoS) condition.
References: https://certvde.com/de/advisories/VDE-2025-070
CWE-ID: CWE-476
Common Platform Enumerations (CPE): Not Found
6. CVE-2025-6204
Base Score: 8.0
Base Severity: HIGH
Exploitability Score: 1.3
Impact Score: 6.0
Description: An Improper Control of Generation of Code (Code Injection) vulnerability affecting DELMIA Apriso from Release 2020 through Release 2025 could allow an attacker to execute arbitrary code.
References: https://www.3ds.com/trust-center/security/security-advisories/cve-2025-6204
CWE-ID: CWE-94
Common Platform Enumerations (CPE): Not Found
7. CVE-2025-6205
Base Score: 9.1
Base Severity: CRITICAL
Exploitability Score: 3.9
Impact Score: 5.2
Description: A missing authorization vulnerability affecting DELMIA Apriso from Release 2020 through Release 2025 could allow an attacker to gain privileged access to the application.
References: https://www.3ds.com/trust-center/security/security-advisories/cve-2025-6205
CWE-ID: CWE-862
Common Platform Enumerations (CPE): Not Found
8. CVE-2025-36604
Base Score: 7.3
Base Severity: HIGH
Exploitability Score: 3.9
Impact Score: 3.4
Description: Dell Unity, version(s) 5.5 and prior, contain(s) an Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability. An unauthenticated attacker with remote access could potentially exploit this vulnerability, leading to arbitrary command execution.
References: https://www.dell.com/support/kbdoc/en-si/000350756/dsa-2025-281-security-update-for-dell-unity-dell-unityvsa-and-dell-unity-xt-security-update-for-multiple-vulnerabilities
CWE-ID: CWE-78
Common Platform Enumerations (CPE): Not Found
9. CVE-2025-36606
Base Score: 7.8
Base Severity: HIGH
Exploitability Score: 1.8
Impact Score: 5.9
Description: Dell Unity, version(s) 5.5 and prior, contain(s) an OS Command Injection Vulnerability in its svc_nfssupport utility. An authenticated attacker could potentially exploit this vulnerability, escaping the restricted shell and execute arbitrary operating system commands with root privileges.
References: https://www.dell.com/support/kbdoc/en-si/000350756/dsa-2025-281-security-update-for-dell-unity-dell-unityvsa-and-dell-unity-xt-security-update-for-multiple-vulnerabilities
CWE-ID: CWE-78
Common Platform Enumerations (CPE): Not Found
10. CVE-2025-36607
Base Score: 7.8
Base Severity: HIGH
Exploitability Score: 1.8
Impact Score: 5.9
Description: Dell Unity, version(s) 5.5 and prior, contain(s) an OS Command Injection Vulnerability in its svc_nas utility. An authenticated attacker could potentially exploit this vulnerability, escaping the restricted shell and execute arbitrary operating system commands with root privileges.
References: https://www.dell.com/support/kbdoc/en-si/000350756/dsa-2025-281-security-update-for-dell-unity-dell-unityvsa-and-dell-unity-xt-security-update-for-multiple-vulnerabilities
CWE-ID: CWE-78
Common Platform Enumerations (CPE): Not Found
11. CVE-2025-26065
Base Score: 7.3
Base Severity: HIGH
Exploitability Score: 3.9
Impact Score: 3.4
Description: A cross-site scripting (XSS) vulnerability in Intelbras RX1500 v2.2.9 and RX3000 v1.0.11 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the name of a visiting Wi-Fi network.
References: https://manuais.intelbras.com.br/manual-linha-rx/ChangeLogRX1500.html
https://manuais.intelbras.com.br/manual-linha-rx/ChangeLogRX3000.html
https://seclists.org/fulldisclosure/2025/Jul/26
CWE-ID: CWE-79
Common Platform Enumerations (CPE): Not Found
12. CVE-2025-30099
Base Score: 7.8
Base Severity: HIGH
Exploitability Score: 1.8
Impact Score: 5.9
Description: Dell PowerProtect Data Domain with Data Domain Operating System (DD OS) of Feature Release versions 7.7.1.0 through 8.1.0.10, LTS2024 release Versions 7.13.1.0 through 7.13.1.25, LTS 2023 release versions 7.10.1.0 through 7.10.1.50, contain an Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability in the DDSH CLI. A low privileged attacker with local access could potentially exploit this vulnerability to execute arbitrary commands with root privileges.
References: https://www.dell.com/support/kbdoc/en-us/000348708/dsa-2025-159-security-update-for-dell-powerprotect-data-domain-multiple-vulnerabilities
CWE-ID: CWE-78
Common Platform Enumerations (CPE): Not Found
13. CVE-2025-36594
Base Score: 9.8
Base Severity: CRITICAL
Exploitability Score: 3.9
Impact Score: 5.9
Description: Dell PowerProtect Data Domain with Data Domain Operating System (DD OS) of Feature Release versions 7.7.1.0 through 8.3.0.15, LTS2024 release Versions 7.13.1.0 through 7.13.1.25, LTS 2023 release versions 7.10.1.0 through 7.10.1.60, contain an Authentication Bypass by Spoofing vulnerability. An unauthenticated attacker with remote access could potentially exploit this vulnerability, leading to Protection mechanism bypass. Remote unauthenticated user can create account that potentially expose customer info, affect system integrity and availability.
References: https://www.dell.com/support/kbdoc/en-us/000348708/dsa-2025-159-security-update-for-dell-powerprotect-data-domain-multiple-vulnerabilities
CWE-ID: CWE-290
Common Platform Enumerations (CPE): Not Found
14. CVE-2025-44643
Base Score: 8.6
Base Severity: HIGH
Exploitability Score: 3.9
Impact Score: 4.7
Description: Certain Draytek products are affected by Insecure Configuration. This affects AP903 v1.4.18 and AP912C v1.4.9 and AP918R v1.4.9. The setting of the password property in the ripd.conf configuration file sets a hardcoded weak password, posing a security risk. An attacker with network access could exploit this to gain unauthorized control over the routing daemon, potentially altering network routes or intercepting traffic.
References: http://draytek.com
https://www.notion.so/Misconfiguration-in-Draytek-AP903-23a54a1113e780aca7f2d21dbdab9db8
CWE-ID: CWE-276 CWE-798
Common Platform Enumerations (CPE): Not Found
15. CVE-2025-51536
Base Score: 9.8
Base Severity: CRITICAL
Exploitability Score: 3.9
Impact Score: 5.9
Description: Austrian Archaeological Institute (AI) OpenAtlas v8.11.0 as discovered to contain a hardcoded Administrator password.
References: https://www.sec4you-pentest.com/schwachstelle/openatlas-standard-adminkonto-mit-hartcodiertem-passwort/
https://www.sec4you-pentest.com/schwachstellen/
CWE-ID: CWE-798 CWE-1392
Common Platform Enumerations (CPE): Not Found
16. CVE-2025-38739
Base Score: 7.2
Base Severity: HIGH
Exploitability Score: 3.9
Impact Score: 2.7
Description: Dell Digital Delivery, versions prior to 5.6.1.0, contains an Insufficiently Protected Credentials vulnerability. A remote unauthenticated attacker could potentially exploit this vulnerability, leading to Information Disclosure.
References: https://www.dell.com/support/kbdoc/en-us/000349489/dsa-2025-302
CWE-ID: CWE-522
Common Platform Enumerations (CPE): Not Found
17. CVE-2025-44955
Base Score: 8.8
Base Severity: HIGH
Exploitability Score: 2.0
Impact Score: 6.0
Description: RUCKUS Network Director (RND) before 4.5 allows jailed users to obtain root access vis a weak, hardcoded password.
References: https://claroty.com/team82/disclosure-dashboard/cve-2025-44955
https://kb.cert.org/vuls/id/613753
https://webresources.commscope.com/download/assets/FAQ+Security+Advisory%3A+ID+20250710/225f44ac3bd311f095821adcaa92e24e
CWE-ID: CWE-259
Common Platform Enumerations (CPE): Not Found
18. CVE-2025-44954
Base Score: 9.0
Base Severity: CRITICAL
Exploitability Score: 2.2
Impact Score: 6.0
Description: RUCKUS SmartZone (SZ) before 6.1.2p3 Refresh Build has a hardcoded SSH private key for a root-equivalent user account.
References: https://claroty.com/team82/disclosure-dashboard/cve-2025-44954
https://kb.cert.org/vuls/id/613753
https://webresources.commscope.com/download/assets/FAQ+Security+Advisory%3A+ID+20250710/225f44ac3bd311f095821adcaa92e24e
CWE-ID: CWE-1394
Common Platform Enumerations (CPE): Not Found
19. CVE-2025-44957
Base Score: 8.5
Base Severity: HIGH
Exploitability Score: 1.8
Impact Score: 6.0
Description: Ruckus SmartZone (SZ) before 6.1.2p3 Refresh Build allows authentication bypass via a valid API key and crafted HTTP headers.
References: https://claroty.com/team82/disclosure-dashboard/cve-2025-44957
https://kb.cert.org/vuls/id/613753
https://webresources.commscope.com/download/assets/FAQ+Security+Advisory%3A+ID+20250710/225f44ac3bd311f095821adcaa92e24e
CWE-ID: CWE-288
Common Platform Enumerations (CPE): Not Found
20. CVE-2025-44960
Base Score: 8.5
Base Severity: HIGH
Exploitability Score: 1.8
Impact Score: 6.0
Description: RUCKUS SmartZone (SZ) before 6.1.2p3 Refresh Build allows OS command injection via a certain parameter in an API route.
References: https://claroty.com/team82/disclosure-dashboard/cve-2025-44960
https://kb.cert.org/vuls/id/613753
https://webresources.commscope.com/download/assets/FAQ+Security+Advisory%3A+ID+20250710/225f44ac3bd311f095821adcaa92e24e
CWE-ID: CWE-78
Common Platform Enumerations (CPE): Not Found
21. CVE-2025-44961
Base Score: 9.9
Base Severity: CRITICAL
Exploitability Score: 3.1
Impact Score: 6.0
Description: In RUCKUS SmartZone (SZ) before 6.1.2p3 Refresh Build, OS command injection can occur via an IP address field provided by an authenticated user.
References: https://claroty.com/team82/disclosure-dashboard/cve-2025-44961
https://kb.cert.org/vuls/id/613753
https://webresources.commscope.com/download/assets/FAQ+Security+Advisory%3A+ID+20250710/225f44ac3bd311f095821adcaa92e24e
CWE-ID: CWE-78
Common Platform Enumerations (CPE): Not Found
22. CVE-2025-44963
Base Score: 9.0
Base Severity: CRITICAL
Exploitability Score: 2.2
Impact Score: 6.0
Description: RUCKUS Network Director (RND) before 4.5 allows spoofing of an administrator JWT by an attacker who knows the hardcoded value of a certain secret key.
References: https://claroty.com/team82/disclosure-dashboard/cve-2025-44963
https://kb.cert.org/vuls/id/613753
https://webresources.commscope.com/download/assets/FAQ+Security+Advisory%3A+ID+20250710/225f44ac3bd311f095821adcaa92e24e
CWE-ID: CWE-321
Common Platform Enumerations (CPE): Not Found
23. CVE-2025-50420
Base Score: 7.5
Base Severity: HIGH
Exploitability Score: 3.9
Impact Score: 3.6
Description: An issue in the pdfseparate utility of freedesktop poppler v25.04.0 allows attackers to cause an infinite recursion via supplying a crafted PDF file. This can lead to a Denial of Service (DoS).
References: http://freedesktop.com
http://poppler.com
https://github.com/Landw-hub/CVE-2025-50420
CWE-ID: CWE-400
Common Platform Enumerations (CPE): Not Found
24. CVE-2025-46206
Base Score: 7.5
Base Severity: HIGH
Exploitability Score: 3.9
Impact Score: 3.6
Description: An issue in Artifex mupdf 1.25.6, 1.25.5 allows a remote attacker to cause a denial of service via an infinite recursion in the `mutool clean` utility. When processing a crafted PDF file containing cyclic /Next references in the outline structure, the `strip_outline()` function enters infinite recursion
References: http://artifex.com
http://mupdf.com
https://bugs.ghostscript.com/show_bug.cgi?id=708521
https://cgit.ghostscript.com/cgi-bin/cgit.cgi/mupdf.git/commit/?id=0ec7e4d2201bb6df217e01c17396d36297abf9ac
https://github.com/Landw-hub/CVE-2025-46206
CWE-ID: CWE-400
Common Platform Enumerations (CPE): Not Found
25. CVE-2025-21120
Base Score: 8.3
Base Severity: HIGH
Exploitability Score: 2.8
Impact Score: 5.5
Description: Dell Avamar, versions prior to 19.12 with patch 338905, excluding version 19.10SP1 with patch 338904, contains a Trusting HTTP Permission Methods on the Server-Side vulnerability in Security. A low privileged attacker with remote access could potentially exploit this vulnerability, leading to Information exposure.
References: https://www.dell.com/support/kbdoc/en-us/000347698/dsa-2025-271-security-update-for-dell-avamar-and-dell-avamar-virtual-edition-multiple-vulnerabilities
CWE-ID: CWE-650
Common Platform Enumerations (CPE): Not Found
26. CVE-2025-26476
Base Score: 8.4
Base Severity: HIGH
Exploitability Score: 2.5
Impact Score: 5.9
Description: Dell ECS versions prior to 3.8.1.5/ ObjectScale version 4.0.0.0, contain a Use of Hard-coded Cryptographic Key vulnerability. An unauthenticated attacker with local access could potentially exploit this vulnerability, leading to Unauthorized access.
References: https://www.dell.com/support/kbdoc/en-us/000339134/dsa-2025-154-security-update-for-dell-ecs-and-objectscale-use-of-hard-coded-ssh-cryptographic-key-vulnerability
CWE-ID: CWE-321
Common Platform Enumerations (CPE): Not Found
27. CVE-2025-38741
Base Score: 7.5
Base Severity: HIGH
Exploitability Score: 3.9
Impact Score: 3.6
Description: Dell Enterprise SONiC OS, version 4.5.0, contains a cryptographic key vulnerability in SSH. An unauthenticated remote attacker could potentially exploit this vulnerability, leading to unauthorized access to communication.
References: https://www.dell.com/support/kbdoc/en-us/000340083/dsa-2025-275-security-update-for-dell-enterprise-sonic-distribution-vulnerabilities
CWE-ID: CWE-321
Common Platform Enumerations (CPE): Not Found
28. CVE-2025-52239
Base Score: 9.8
Base Severity: CRITICAL
Exploitability Score: 3.9
Impact Score: 5.9
Description: An arbitrary file upload vulnerability in ZKEACMS v4.1 allows attackers to execute arbitrary code via a crafted file.
References: http://shenzhen.com
http://zkeacms.com
https://github.com/CTRLCCT/BoolSpideer/blob/main/cve2.md
https://github.com/CTRLCCT/BoolSpideer/blob/main/cve2.md
CWE-ID: CWE-434
Common Platform Enumerations (CPE): Not Found
29. CVE-2025-53394
Base Score: 7.7
Base Severity: HIGH
Exploitability Score: 1.1
Impact Score: 6.0
Description: Paramount Macrium Reflect through 2025-06-26 allows attackers to execute arbitrary code with administrator privileges via a crafted .mrimgx or .mrbax backup file and a renamed executable placed in the same directory. When a user with administrative privileges opens the crafted backup file and proceeds to mount it, Reflect launches the renamed executable (e.g., explorer.exe), which is under attacker control. This occurs because of insufficient validation of companion files referenced during backup mounting.
References: https://macrium.com
https://www.macrium.com/blog/macrium-security-advisory-cve-2025-53394-cve-2025-53395
CWE-ID: Not assigned as of now
Common Platform Enumerations (CPE): Not Found
30. CVE-2025-53395
Base Score: 7.7
Base Severity: HIGH
Exploitability Score: 1.1
Impact Score: 6.0
Description: Paramount Macrium Reflect through 2025-06-26 allows local attackers to execute arbitrary code with administrator privileges via a crafted .mrimgx backup file and a malicious VSSSvr.dll located in the same directory. When a user with administrative privileges mounts a backup by opening the .mrimgx file, Reflect loads the attacker's VSSSvr.dll after the mount completes. This occurs because of untrusted DLL search path behavior in ReflectMonitor.exe.
References: https://macrium.com
https://www.macrium.com/blog/macrium-security-advisory-cve-2025-53394-cve-2025-53395
CWE-ID: Not assigned as of now
Common Platform Enumerations (CPE): Not Found
31. CVE-2025-46093
Base Score: 9.9
Base Severity: CRITICAL
Exploitability Score: 3.1
Impact Score: 6.0
Description: LiquidFiles before 4.1.2 supports FTP SITE CHMOD for mode 6777 (setuid and setgid), which allows FTPDrop users to execute arbitrary code as root by leveraging the Actionscript feature and the sudoers configuration.
References: https://docs.liquidfiles.com/release_notes/version_4-1-x.html
https://gist.github.com/nikolai0x/f61a8bfcdaa244e0c46931d74d10c4ea
https://projectblack.io/blog/liquidfiles-vulnerability-authenticated-rce/
CWE-ID: CWE-732
Common Platform Enumerations (CPE): Not Found