Tag: Command Injection
-

Broadcast Lockdown: The CVSS 9.8 Flaw in AVideo That Grants Total Server Control
A critical vulnerability has been found in the AVideo platform that lets attackers hijack video broadcasts and take over the server entirely, without authentication or any user interaction. The flaw endangers media servers and, once successfully exploited, opens the way to remote code execution, theft of internal telemetry, and catastrophic disruptions to service…
-

The Kill Switch for AI Agents: How Gen’s “Sage” Stops Autonomous Malware in Real-Time
AI agents are increasingly taking over tasks that formerly required manual intervention: executing terminal commands, modifying repository files, managing dependencies, and retrieving utilities from the internet. This mode of operation is already deeply embedded in tools such as Claude Code, Cursor, and OpenClaw. The inherent danger lies in one stark fact: granting…
-

FortiWeb Alert: New Authenticated Command Injection Flaw (CVE-2025-58034) Actively Exploited
In recent days it has become apparent that FortiWeb had been accumulating issues the manufacturer chose not to disclose in advance. After Fortinet acknowledged active exploitation of the critical vulnerability CVE-2025-64446 — which allows attackers to execute administrative commands without authentication — the company was compelled to confirm yet another dangerous flaw, this time involving…
-

OpenVPN Flaw: RCE Bug Allows Command Injection via DNS Parameters
A vulnerability has been discovered in early builds of OpenVPN, allowing attackers to execute arbitrary commands on a user’s machine. The flaw affects versions from 2.7_alpha1 through 2.7_beta1 and poses a serious threat to POSIX-based systems, including Linux, macOS, and BSD platforms. The issue arises from improper handling of the --dns and --dhcp-option parameters, which…
-

RondoDox Botnet Firing ‘Exploit Shotgun’: Targets 56 Vulnerabilities Across 30+ Router and IoT Vendors
Researchers have identified a large-scale wave of attacks orchestrated by the RondoDox botnet, which employs the so-called “exploit shotgun” technique—literally “firing at everything that moves.” This method involves automatically testing dozens of exploits in succession, hoping to strike any vulnerable target. As a result, no fewer than 56 vulnerabilities across equipment from more than 30…
-

OpenSSH ProxyCommand Flaw CVE-2025-61984 Bypasses Filters, Allowing RCE via Crafted Usernames
A new vulnerability has been discovered in OpenSSH — CVE-2025-61984 — which permits remote code execution (RCE) by abusing the ProxyCommand parameter and peculiarities in shell character handling. Exploitation is possible even in the presence of protections against conventional shell metacharacters by leveraging control characters and syntactic errors that, in some shells, do not halt…
-

High-Severity Figma MCP Flaw CVE-2025-53967 Allows Remote Command Injection via Fallback Mechanism
The popular design tool Figma has faced a potential security threat due to a vulnerability in the Model Context Protocol (MCP) server, the framework underpinning its integration with AI-driven agents. The issue, discovered in the summer of 2025 by specialists from Imperva, has since been resolved — yet at the time of discovery, it allowed…
-

Morte Botnet Unveiled: A Loader-as-a-Service Campaign Hijacking Routers and IoT Devices
CloudSEK researchers have reported a large-scale campaign leveraging a Loader-as-a-Service botnet, which over the past six months has transformed home routers and IoT devices into engines for cryptocurrency mining and Mirai-style attacks. An analysis of leaked command-and-control server logs revealed the full attack chain — from breaching admin panels to deploying multi-architecture binaries and exploiting…