CVE-2025-32931 - DevDojo Voyager Command Injection Vulnerability April 14, 2025 at 04:15PM https://ift.tt/LQiAvGF #CVE #IOC #CTI #ThreatIntelligence #ThreatIntel #Cybersecurity #Recon
Recent searches
Search options
#threatintelligence
201 posts31 participants15 posts today
CVE-2025-2160 - Pega Platform Cross-Site Scripting Vulnerability April 14, 2025 at 03:15PM https://ift.tt/RFn9eim #CVE #IOC #CTI #ThreatIntelligence #ThreatIntel #Cybersecurity #Recon
cvefeed.io · CVE-2025-2160 - Pega Platform Cross-Site Scripting VulnerabilityPega Platform versions 8.4.3 to Infinity 24.2.1 are affected by an XSS issue with Mashup
CVE-2025-2563 - "WordPress User Registration & Membership Privilege Escalation Vulnerability" April 14, 2025 at 06:15AM https://ift.tt/fZHPrbW #CVE #IOC #CTI #ThreatIntelligence #ThreatIntel #Cybersecurity #Recon
cvefeed.io · CVE-2025-2563 - "WordPress User Registration & Membership Privilege Escalation Vulnerability"The User Registration & Membership WordPress plugin before 4.1.2 does not prevent users to set their account role when the Membership Addon is enabled, leading to a privilege escalation issue and allowing unauthenticated users to gain admin privileges
New ransom group blog post!
Group name: play
Post title: Calmont Group
Info: https://cti.fyi/groups/play.html
cti.fyiplay
New ransom group blog post!
Group name: incransom
Post title: Orthopaedic Specialists of Connecticut
Info: https://cti.fyi/groups/incransom.html
cti.fyiincransom
New ransom group blog post!
Group name: incransom
Post title: MENTAL HEALTH
Info: https://cti.fyi/groups/incransom.html
cti.fyiincransom
CVE-2025-3546 - H3C Magic NX15/Business Ethernet Switch HTTP Command Injection Vulnerability April 14, 2025 at 02:15AM https://ift.tt/58ovOkw #CVE #IOC #CTI #ThreatIntelligence #ThreatIntel #Cybersecurity #Recon
cvefeed.io · CVE-2025-3546 - H3C Magic NX15/Business Ethernet Switch HTTP Command Injection VulnerabilityA vulnerability was found in H3C Magic NX15, Magic NX30 Pro, Magic NX400, Magic R3010 and Magic BE18000 up to V100R014. It has been declared as critical. Affected by this vulnerability is the function FCGI_CheckStringIfContainsSemicolon of the file /api/wizard/getLanguage of the component HTTP POST Request Handler. The manipulation leads to …
CVE-2025-3545 - H3C Magic NX Series HTTP POST Request Handler Command Injection Vulnerability April 14, 2025 at 02:15AM https://ift.tt/9jgK3wk #CVE #IOC #CTI #ThreatIntelligence #ThreatIntel #Cybersecurity #Recon
cvefeed.io · CVE-2025-3545 - H3C Magic NX Series HTTP POST Request Handler Command Injection VulnerabilityA vulnerability was found in H3C Magic NX15, Magic NX30 Pro, Magic NX400, Magic R3010 and Magic BE18000 up to V100R014. It has been classified as critical. Affected is the function FCGI_CheckStringIfContainsSemicolon of the file /api/wizard/setLanguage of the component HTTP POST Request Handler. The manipulation leads to command injection. The …
CVE-2025-3544 - H3C Magic NX15/30 Pro/400/BE18000 HTTP POST Request Handler Command Injection April 14, 2025 at 01:15AM https://ift.tt/cDj8NkG #CVE #IOC #CTI #ThreatIntelligence #ThreatIntel #Cybersecurity #Recon
cvefeed.io · CVE-2025-3544 - H3C Magic NX15/30 Pro/400/BE18000 HTTP POST Request Handler Command InjectionA vulnerability was found in H3C Magic NX15, Magic NX30 Pro, Magic NX400, Magic R3010 and Magic BE18000 up to V100R014 and classified as critical. This issue affects the function FCGI_CheckStringIfContainsSemicolon of the file /api/wizard/getCapabilityWeb of the component HTTP POST Request Handler. The manipulation leads to command injection. Access to …
CVE-2025-3543 - H3C Magic NX Series HTTP POST Request Handler Command Injection Vulnerability April 14, 2025 at 01:15AM https://ift.tt/qO42XYk #CVE #IOC #CTI #ThreatIntelligence #ThreatIntel #Cybersecurity #Recon
cvefeed.io · CVE-2025-3543 - H3C Magic NX Series HTTP POST Request Handler Command Injection VulnerabilityA vulnerability has been found in H3C Magic NX15, Magic NX30 Pro, Magic NX400 and Magic R3010 up to V100R014 and classified as critical. This vulnerability affects the function FCGI_WizardProtoProcess of the file /api/wizard/setsyncpppoecfg of the component HTTP POST Request Handler. The manipulation leads to command injection. Access to the …
CVE-2025-3542 - H3C Magic NX15, Magic NX400 and Magic R3010 Command Injection Vulnerability April 14, 2025 at 12:15AM https://ift.tt/pV0BhjK #CVE #IOC #CTI #ThreatIntelligence #ThreatIntel #Cybersecurity #Recon
cvefeed.io · CVE-2025-3542 - H3C Magic NX15, Magic NX400 and Magic R3010 Command Injection VulnerabilityA vulnerability, which was classified as critical, was found in H3C Magic NX15, Magic NX400 and Magic R3010 up to V100R014. This affects the function FCGI_WizardProtoProcess of the file /api/wizard/getsyncpppoecfg of the component HTTP POST Request Handler. The manipulation leads to command injection. The attack needs to be initiated within …
CVE-2025-3541 - H3C Magic NX15/Magic NX30 Pro/Magic NX400/Magic R3010 Command Injection Vulnerability April 13, 2025 at 11:15PM https://ift.tt/ZtRJiy0 #CVE #IOC #CTI #ThreatIntelligence #ThreatIntel #Cybersecurity #Recon
cvefeed.io · CVE-2025-3541 - H3C Magic NX15/Magic NX30 Pro/Magic NX400/Magic R3010 Command Injection VulnerabilityA vulnerability, which was classified as critical, has been found in H3C Magic NX15, Magic NX30 Pro, Magic NX400 and Magic R3010 up to V100R014. Affected by this issue is the function FCGI_WizardProtoProcess of the file /api/wizard/getSpecs of the component HTTP POST Request Handler. The manipulation leads to command injection. …
CVE-2025-3540 - H3C Magic NX15, Magic NX30 Pro, Magic NX400 and Magic R3010 Command Injection Vulnerability April 13, 2025 at 11:15PM https://ift.tt/MLxV4a5 #CVE #IOC #CTI #ThreatIntelligence #ThreatIntel #Cybersecurity #Recon
cvefeed.io · CVE-2025-3540 - H3C Magic NX15, Magic NX30 Pro, Magic NX400 and Magic R3010 Command Injection VulnerabilityA vulnerability classified as critical was found in H3C Magic NX15, Magic NX30 Pro, Magic NX400 and Magic R3010 up to V100R014. Affected by this vulnerability is the function FCGI_WizardProtoProcess of the file /api/wizard/getCapability of the component HTTP POST Request Handler. The manipulation leads to command injection. The attack can …
CVE-2025-3539 - H3C Magic NX Series HCF CGI Command Injection Vulnerability April 13, 2025 at 10:15PM https://ift.tt/gOKb7T2 #CVE #IOC #CTI #ThreatIntelligence #ThreatIntel #Cybersecurity #Recon
cvefeed.io · CVE-2025-3539 - H3C Magic NX Series HCF CGI Command Injection VulnerabilityA vulnerability classified as critical has been found in H3C Magic NX15, Magic NX30 Pro, Magic NX400, Magic R3010 and Magic BE18000 up to V100R014. Affected is the function FCGI_CheckStringIfContainsSemicolon of the file /api/wizard/getBasicInfo of the component HTTP POST Request Handler. The manipulation leads to command injection. The attack can …
CVE-2025-3445 - Apache Archiver Path Traversal Zip Slip Vulnerability April 13, 2025 at 10:15PM https://ift.tt/U56kre0 #CVE #IOC #CTI #ThreatIntelligence #ThreatIntel #Cybersecurity #Recon
cvefeed.io · CVE-2025-3445 - Apache Archiver Path Traversal Zip Slip VulnerabilityA Path Traversal "Zip Slip" vulnerability has been identified in mholt/archiver in Go. This vulnerability allows using a crafted ZIP file containing path traversal symlinks to create or overwrite files with the user's privileges or application utilizing the library. When using the archiver.Unarchive functionality with ZIP files, like this: archiver.Unarchive(zipFile, …
CVE-2025-3538 - D-Link jhttpd Auth Asp Stack-Based Buffer Overflow April 13, 2025 at 07:15PM https://ift.tt/I5QLjvJ #CVE #IOC #CTI #ThreatIntelligence #ThreatIntel #Cybersecurity #Recon
cvefeed.io · CVE-2025-3538 - D-Link jhttpd Auth Asp Stack-Based Buffer OverflowA vulnerability was found in D-Link DI-8100 16.07.26A1. It has been rated as critical. This issue affects the function auth_asp of the file /auth.asp of the component jhttpd. The manipulation of the argument callback leads to stack-based buffer overflow. The attack needs to be approached within the local network. The …
New ransom group blog post!
Group name: lockbit3
Post title: intelliloan.com
Info: https://cti.fyi/groups/lockbit3.html
cti.fyilockbit3
Think Like a Black Hat, Act Like a White Hat!
Let's Face-It ! ->To outsmart cybercriminals, you must think like one—but use your skills for defense, not destruction. Learn the mindset of hackers and the strategies ethical hackers use to strengthen cybersecurity. 
Read more: https://wardenshield.com/think-like-a-black-hat-and-act-like-a-white-hat
#ethicalhacking #cybersecurity #whitehat #blackhat #Pentesting #CyberDefense #wardenshield #threatintelligence
WardenShieldThink Like a Black Hat & Act Like a White Hat | WardenShieldDescription:In today's digital battlefield, understanding both attack and defense is the key to cybersecurity mastery. Think Like a Black Hat & Act Like a White Hat takes you inside the minds of hackers—both ethical and malicious—revealing their strategies, motivations, and techniques.This book b...
New ransom group blog post!
Group name: incransom
Post title: Chickenshed
Info: https://cti.fyi/groups/incransom.html
cti.fyiincransom
New ransom group blog post!
Group name: lockbit3
Post title: visionproducts.llc
Info: https://cti.fyi/groups/lockbit3.html
cti.fyilockbit3