CVE Feeds

Latest Critical CVEs

Updates on the latest high and critical severity vulnerabilities.
  • CVE ID :CVE-2025-14709
    Published : Dec. 15, 2025, 7:15 a.m. | 3 hours, 35 minutes ago
    Description :A security vulnerability has been detected in Shiguangwu sgwbox N3 2.0.25. Affected by this issue is some unknown functionality of the file /usr/sbin/http_eshell_server of the component WIRELESSCFGGET Interface. The manipulation of the argument params leads to buffer overflow. Remote exploitation of the attack is possible. The exploit has been disclosed publicly and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
    Severity: 10.0 | HIGH
  • CVE ID :CVE-2025-14708
    Published : Dec. 15, 2025, 7:15 a.m. | 3 hours, 35 minutes ago
    Description :A weakness has been identified in Shiguangwu sgwbox N3 2.0.25. Affected by this vulnerability is an unknown functionality of the file /usr/sbin/http_eshell_server of the component WIREDCFGGET Interface. Executing manipulation of the argument params can lead to buffer overflow. The attack may be launched remotely. The exploit has been made available to the public and could be exploited. The vendor was contacted early about this disclosure but did not respond in any way.
    Severity: 10.0 | HIGH
  • CVE ID :CVE-2025-14707
    Published : Dec. 15, 2025, 6:15 a.m. | 4 hours, 35 minutes ago
    Description :A security flaw has been discovered in Shiguangwu sgwbox N3 2.0.25. Affected is an unknown function of the file /usr/sbin/http_eshell_server of the component DOCKER Feature. Performing manipulation of the argument params results in command injection. The attack may be initiated remotely. The exploit has been released to the public and may be exploited. The vendor was contacted early about this disclosure but did not respond in any way.
    Severity: 10.0 | HIGH
  • CVE ID :CVE-2025-14706
    Published : Dec. 15, 2025, 6:15 a.m. | 4 hours, 35 minutes ago
    Description :A vulnerability was identified in Shiguangwu sgwbox N3 2.0.25. This impacts an unknown function of the file /usr/sbin/http_eshell_server of the component NETREBOOT Interface. Such manipulation leads to command injection. The attack can be launched remotely. The exploit is publicly available and might be used. The vendor was contacted early about this disclosure but did not respond in any way.
    Severity: 10.0 | HIGH
  • CVE ID :CVE-2025-14705
    Published : Dec. 15, 2025, 5:15 a.m. | 5 hours, 35 minutes ago
    Description :A vulnerability was determined in Shiguangwu sgwbox N3 2.0.25. This affects an unknown function of the component SHARESERVER Feature. This manipulation of the argument params causes command injection. The attack can be initiated remotely. The exploit has been publicly disclosed and may be utilized. The vendor was contacted early about this disclosure but did not respond in any way.
    Severity: 10.0 | HIGH
  • CVE ID :CVE-2025-67900
    Published : Dec. 14, 2025, 11:15 p.m. | 11 hours, 35 minutes ago
    Description :NXLog Agent before 6.11 can load a file specified by the OPENSSL_CONF environment variable.
    Severity: 8.1 | HIGH
  • CVE ID :CVE-2025-14665
    Published : Dec. 14, 2025, 3:15 p.m. | 19 hours, 35 minutes ago
    Description :A security flaw has been discovered in Tenda WH450 1.0.0.18. Impacted is an unknown function of the file /goform/DhcpListClient of the component HTTP Request Handler. The manipulation of the argument page results in stack-based buffer overflow. The attack can be executed remotely. The exploit has been released to the public and may be exploited.
    Severity: 10.0 | HIGH
  • CVE ID :CVE-2025-14659
    Published : Dec. 14, 2025, 12:16 p.m. | 22 hours, 34 minutes ago
    Description :A vulnerability was detected in D-Link DIR-860LB1 and DIR-868LB1 203b01/203b03. Affected is an unknown function of the component DHCP Daemon. The manipulation of the argument Hostname results in command injection. It is possible to launch the attack remotely. The exploit is now public and may be used.
    Severity: 9.0 | HIGH
  • CVE ID :CVE-2025-14656
    Published : Dec. 14, 2025, 11:15 a.m. | 23 hours, 35 minutes ago
    Description :A weakness has been identified in Tenda AC20 16.03.08.12. This affects the function httpd of the file /goform/openSchedWifi. Executing manipulation of the argument schedStartTime/schedEndTime can lead to buffer overflow. The attack may be performed remotely. The exploit has been made available to the public and could be exploited.
    Severity: 9.0 | HIGH
  • CVE ID :CVE-2025-14655
    Published : Dec. 14, 2025, 11:15 a.m. | 23 hours, 35 minutes ago
    Description :A security flaw has been discovered in Tenda AC20 16.03.08.12. The impacted element is the function formSetRebootTimer of the file /goform/SetSysAutoRebbotCfg of the component httpd. Performing manipulation of the argument rebootTime results in stack-based buffer overflow. The attack can be carried out remotely. The exploit has been released to the public and may be exploited.
    Severity: 9.0 | HIGH
  • CVE ID :CVE-2025-14654
    Published : Dec. 14, 2025, 10:15 a.m. | 1 day ago
    Description :A vulnerability was identified in Tenda AC20 16.03.08.12. The affected element is the function formSetPPTPUserList of the file /goform/setPptpUserList of the component httpd. Such manipulation of the argument list leads to stack-based buffer overflow. The attack can be executed remotely. The exploit is publicly available and might be used.
    Severity: 9.0 | HIGH
  • CVE ID :CVE-2025-36754
    Published : Dec. 13, 2025, 4:16 p.m. | 1 day, 18 hours ago
    Description :The authentication mechanism on the web interface is not properly implemented. It is possible to bypass authentication checks by crafting a POST request with new settings, since there is no session token or authentication in place. This would allow an attacker, for instance, to point the device to an arbitrary address for domain name resolution to, e.g., facilitate a man-in-the-middle (MitM) attack.
    Severity: 9.3 | CRITICAL
  • CVE ID :CVE-2025-36753
    Published : Dec. 13, 2025, 4:16 p.m. | 1 day, 18 hours ago
    Description :The SWD debug interface on the Growatt ShineLan-X communication dongle is available by default, allowing an attacker to attain debug access to the device and to extract secrets or domains from within the device.
    Severity: 8.6 | HIGH
  • CVE ID :CVE-2025-36752
    Published : Dec. 13, 2025, 4:16 p.m. | 1 day, 18 hours ago
    Description :The Growatt ShineLan-X communication dongle has an undocumented backup account with undocumented credentials, which allows a significant level of access to the device, such as allowing any attacker to access the Setting Center. This means that it is effectively a backdoor for all devices utilizing a Growatt ShineLan-X communication dongle.
    Severity: 9.4 | CRITICAL
  • CVE ID :CVE-2025-36751
    Published : Dec. 13, 2025, 4:16 p.m. | 1 day, 18 hours ago
    Description :Encryption is missing on the configuration interface for Growatt ShineLan-X and MIC 3300TL-X. This allows an attacker with access to the network to intercept and potentially manipulate communication requests between the inverter and its cloud endpoint.
    Severity: 9.4 | CRITICAL
  • CVE ID :CVE-2025-36750
    Published : Dec. 13, 2025, 4:16 p.m. | 1 day, 18 hours ago
    Description :ShineLan-X contains a stored cross-site scripting (XSS) vulnerability in the Plant Name field. An HTML payload will be displayed on the plant management page via a direct POST. This may allow attackers to force a legitimate user’s browser’s JavaScript engine to run malicious code.
    Severity: 8.5 | HIGH
  • CVE ID :CVE-2025-36748
    Published : Dec. 13, 2025, 4:16 p.m. | 1 day, 18 hours ago
    Description :ShineLan-X contains a stored cross site scripting (XSS) vulnerability in the local configuration web server. The JavaScript code snippet can be inserted in the communication module’s settings center. This may allow attackers to force a legitimate user’s browser’s JavaScript engine to run malicious code.
    Severity: 8.4 | HIGH
  • CVE ID :CVE-2025-36747
    Published : Dec. 13, 2025, 4:16 p.m. | 1 day, 18 hours ago
    Description :ShineLan-X contains a set of credentials for an FTP server, found within the firmware, allowing testers to establish an insecure FTP connection with the server. This may allow an attacker to replace legitimate files being deployed to devices with their own malicious versions, since the firmware signature verification is not enforced.
    Severity: 9.4 | CRITICAL
  • CVE ID :CVE-2025-14476
    Published : Dec. 13, 2025, 4:16 p.m. | 1 day, 18 hours ago
    Description :The Doubly – Cross Domain Copy Paste for WordPress plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 1.0.46 via deserialization of untrusted input from the content.txt file within uploaded ZIP archives. This makes it possible for authenticated attackers, with Subscriber-level access and above, to inject a PHP Object. The additional presence of a POP chain allows attackers to execute arbitrary code, delete files, retrieve sensitive data, or perform other actions depending on the available gadgets. This is only exploitable by subscribers, when administrators have explicitly enabled that access.
    Severity: 8.8 | HIGH
  • CVE ID :CVE-2025-14475
    Published : Dec. 13, 2025, 4:16 p.m. | 1 day, 18 hours ago
    Description :The Extensive VC Addons for WPBakery page builder plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 1.9.1 via the `extensive_vc_get_module_template_part` function. This is due to insufficient path normalization and validation of the user-supplied `shortcode_name` parameter in the `extensive_vc_init_shortcode_pagination` AJAX action. This makes it possible for unauthenticated attackers to include and execute arbitrary PHP files on the server, allowing the execution of any PHP code in those files via the `shortcode_name` parameter.
    Severity: 8.1 | HIGH

Information

Vortech Consulting is a network security and design consulting firm originally founded in 1997. Over our nearly 30-year history, we have provided security services and products for a wide variety of companies around the globe.
