#unauthenticated-rce

[ follow ]
#cve-2025-40602 #sma-1000 #privilege-escalation #cve-2025-4008 #meteobridge #command-injection #cisa-kev
Information security
fromTheregister
15 hours ago

Another bad week for SonicWall as SMA 1000 0-day exploited

A zero-day in SonicWall SMA 1000 (CVE-2025-40602) is actively exploited, enabling privilege escalation and, when chained, unauthenticated RCE with root access.
Information security
fromThe Hacker News
2 months ago

CISA Flags Meteobridge CVE-2025-4008 Flaw as Actively Exploited in the Wild

Meteobridge contains a command-injection vulnerability (CVE-2025-4008) allowing unauthenticated remote attackers to execute arbitrary commands as root; vulnerability is actively exploited and patched in version 6.
[ Load more ]