Close Menu
  • Home
  • Identity
  • Inventions
  • Future
  • Science
  • Startups
  • Spanish
What's Hot

Underwater gardeners restore marine forests

The EU completes the code of practice for general purpose AI

CISA adds Citrix Netscaler CVE-2025-5777 to KEV catalog as an active exploit target enterprise

Facebook X (Twitter) Instagram
  • Home
  • About Us
  • Advertise with Us
  • Contact Us
  • DMCA
  • Privacy Policy
  • Terms & Conditions
  • User-Submitted Posts
Facebook X (Twitter) Instagram
Fyself News
  • Home
  • Identity
  • Inventions
  • Future
  • Science
  • Startups
  • Spanish
Fyself News
Home » Clitical sabuten security defects (CVE-2025-22604) enable remote code execution
Identity

Clitical sabuten security defects (CVE-2025-22604) enable remote code execution

userBy userJanuary 29, 2025No Comments2 Mins Read
Share Facebook Twitter Pinterest Telegram LinkedIn Tumblr Email Copy Link
Follow Us
Google News Flipboard
Share
Facebook Twitter LinkedIn Pinterest Email Copy Link

LingeringJanuary 29, 2025LingeringRavy LakshmananVulnerability /threat intelligence

Cactus security defect

CACTI Open-Source Network monitoring and disability management frameworks have revealed important security defects that allow authentic attackers to realize remote code execution in sensitive instances.

The defect tracked as CVE-2025-22604 is equipped with a 9.1 CVSS score out of up to 10.0.

“Authenticated users can inject a malformed OID into the response because of the defect in the multi -line SNMP result parcisser,” said Project Menteners stated in the advisory announced this week.

When processed by “ss_net_snmp_disk_io () or ss_net_snmp_disk_bytes (), each OID is used as part of the system command and is used as a key of an array that causes the vulnerability of command execution.”

If the development of vulnerability is successful, a certified user with device management authority can execute any code on the server, steal, edit, and delete confidential data.

Cyber ​​security

CVE-2025-22604 affects all versions of software around 1.2.28. It is dealt with version 1.2.29. It is recognized that security researchers on online alias U32i discovered and reported defects.

Also, in the latest version, it is CVE-2025-24367 (CVSS score: 7.2). This allows authentic attackers to create any PHP scripts on the application web route by creating a graph, abusing the graph template function and deriving remotely. Code execution.

Since CACTI’s security vulnerability has been actively exploited in the past, organizations that rely on software for network monitoring priority to apply the patches needed to reduce the risk of compromise. You need to.

Did you find this article interesting? Follow on Twitter and Linkedin and read the exclusive content to post.

Source link

Follow on Google News Follow on Flipboard
Share. Facebook Twitter Pinterest LinkedIn Tumblr Email Copy Link
Previous ArticleUAC-0063 extends cyber attacks to European Embassy using stolen documents.
Next Article How ransomware infects healthcare tissues
user
  • Website

Related Posts

CISA adds Citrix Netscaler CVE-2025-5777 to KEV catalog as an active exploit target enterprise

July 11, 2025

A critical MCP-Remote vulnerability allows remote code execution, affecting over 437,000 downloads

July 10, 2025

ICEX Forum 2025 Opens: FySelf’s TwinH Showcases AI Innovation

July 10, 2025
Add A Comment
Leave A Reply Cancel Reply

Latest Posts

Underwater gardeners restore marine forests

The EU completes the code of practice for general purpose AI

CISA adds Citrix Netscaler CVE-2025-5777 to KEV catalog as an active exploit target enterprise

Grok 4 appears to be consulting with Elon Musk to answer controversial questions

Trending Posts

Subscribe to News

Subscribe to our newsletter and never miss our latest news

Please enable JavaScript in your browser to complete this form.
Loading

Welcome to Fyself News, your go-to platform for the latest in tech, startups, inventions, sustainability, and fintech! We are a passionate team of enthusiasts committed to bringing you timely, insightful, and accurate information on the most pressing developments across these industries. Whether you’re an entrepreneur, investor, or just someone curious about the future of technology and innovation, Fyself News has something for you.

ICEX Forum 2025 Opens: FySelf’s TwinH Showcases AI Innovation

The Future of Process Automation is Here: Meet TwinH

Robots Play Football in Beijing: A Glimpse into China’s Ambitious AI Future

TwinH: A New Frontier in the Pursuit of Immortality?

Facebook X (Twitter) Instagram Pinterest YouTube
  • Home
  • About Us
  • Advertise with Us
  • Contact Us
  • DMCA
  • Privacy Policy
  • Terms & Conditions
  • User-Submitted Posts
© 2025 news.fyself. Designed by by fyself.

Type above and press Enter to search. Press Esc to cancel.