CVE-2025-31700 & CVE-2025-31701: Buffer Overflow Flaws in Dahua IP Cameras Expose Devices to RCE

Penetration Testing

Dahua IP cameras are vulnerable to two high-severity buffer overflow flaws (CVE-2025-31700, CVE-2025-31701) allowing remote attackers to crash devices or execute arbitrary code. Update firmware immediately.

Insyde UEFI Flaw (CVE-2025-4275): Secure Boot Bypass Allows Rootkits & Undetectable Malware

Penetration Testing

An Insyde H2O UEFI flaw (CVE-2025-4275) allows Secure Boot bypass via NVRAM, enabling attackers to inject undetectable malware and rootkits. Update firmware now!

TPM 2.0 Flaw (CVE-2025-2884) Exposes Sensitive Data & Disrupts Trusted Computing!

Penetration Testing

A TPM 2.0 flaw (CVE-2025-2884) allows local attackers to access sensitive memory or cause DoS. Update TPM firmware to protect trusted computing.

Flaws in Weidmueller IE-SR-2TX Routers Allow Remote Root Access!

Penetration Testing

Three vulnerabilities (CVE-2025-41661, CVE-2025-41662, CVE-2025-41663) in Weidmueller IE-SR-2TX security routers allow unauthenticated remote root access. Update firmware immediately.

CVE-2025-20271: Cisco Meraki VPN Bug Exposes MX and Z Series Devices to Remote DoS Attacks

Penetration Testing

Cisco warns of a critical flaw (CVE-2025-20271, CVSS 8.6) in Meraki MX/Z Series devices, allowing unauthenticated remote DoS on AnyConnect VPN. Update firmware now!

Critical D-Link DIR-825 Router Flaw (CVE-2025-7206, CVSS 9.8): Remote Crash Via Buffer Overflow

Penetration Testing

A critical flaw (CVE-2025-7206, CVSS 9.8) in D-Link DIR-825 firmware 2.10 allows unauthenticated remote buffer overflow, crashing the web interface.

SonicWall warns of an exploitable SonicOS vulnerability

Security Affairs

“SonicWall is urging customers to upgrade the SonicOS firmware of their firewalls to patch an authentication bypass vulnerability tracked as CVE-2024-53704 (CVSS score of 8.2). The same firmware upgrade contains mitigations for additional, less-critical vulnerabilities.”
