Topic: rce vulnerability
-
Over 1,200 IceWarp Servers Exposed to Critical RCE Flaw
A critical remote code execution vulnerability (CVE-2025-14500) in IceWarp software puts over 1,200 internet-facing servers at immediate risk, requiring urgent patching. The flaw is an unauthenticated OS command injection that grants attackers full system control, and patches have been available ...
Read More » -
Synology Patches Critical BeeStation Flaws Exposed at Pwn2Own
Synology released a critical security update for BeeStation devices to fix a remote code execution vulnerability (CVE-2025-12686) caused by an unchecked buffer copy operation. The flaw was exploited live at Pwn2Own Ireland 2025, earning researchers a $40,000 prize, and users must upgrade to BeeSt...
Read More » -
Critical DrayTek Router Flaw Allows Remote Code Execution
A critical vulnerability (CVE-2025-10547) in DrayTek routers allows unauthenticated remote attackers to execute commands via crafted HTTP/HTTPS requests, potentially leading to system crashes or code execution. DrayTek has released firmware updates for 35 router models and advises immediate insta...
Read More » -
Urgent CISA Alert: Active Oracle Identity Manager RCE Exploits
A critical security vulnerability (CVE-2025-61757) in Oracle Identity Manager allows attackers to execute remote code without authentication by exploiting weaknesses in REST API security filters. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has mandated federal agencies to pat...
Read More »