CVE-2025-32885 – “GoTenna v1 App Message Injection Vulnerability”

May 1, 2025

CVE ID : CVE-2025-32885

Published : May 1, 2025, 6:15 p.m. | 1 hour, 11 minutes ago

Description : An issue was discovered on goTenna v1 devices with app 5.5.3 and firmware 0.25.5. The app there makes it possible to inject any custom message (into existing v1 networks) with any GID and Callsign via a software defined radio. This can be exploited if the device is being used in an unencrypted environment or if the cryptography has already been compromised.

Severity: 6.5 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-32884 – goTenna Mesh Phone Number Disclosure

Next Article CVE-2025-32887 – GoTenna Frequency Hopping Command Channel Interception Vulnerability

Highlights

CVE-2025-1304 – NewsBlogger for WordPress Arbitrary File Upload Vulnerability

May 1, 2025

CVE ID : CVE-2025-1304

Published : May 1, 2025, 4:16 a.m. | 2 hours, 53 minutes ago

Description : The NewsBlogger theme for WordPress is vulnerable to arbitrary file uploads due to a missing capability check on the newsblogger_install_and_activate_plugin() function in all versions up to, and including, 0.2.5.1. This makes it possible for authenticated attackers, with subscriber-level access and above, to upload arbitrary files on the affected site’s server which may make remote code execution possible.

Severity: 8.8 | HIGH

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

How To Prevent WordPress SQL Injection Attacks

This week in AI dev tools: Apple’s Foundations Model framework, Mistral’s first reasoning model, and more (June 13, 2025)

Open Talent platforms emerging to match skilled workers to needs, study finds

Java never goes out of style: Celebrating 30 years of the language

The 5 gadgets that got me through marathons and obstacle races (and why they work)

This beastly 500W charger replaced every other charger I had – with six ports to boot

Mac Mini won’t power on? Apple will fix it for you – for free

Why I’m switching to VS Code. Hint: It’s all about AI tool integration

From Concept to Code: Final Year PHP Projects with Reports for Smart Submissions

From Concept to Code: Final Year PHP Projects with Reports for Smart Submissions

Building Construction suppliers in India

Neutralinojs v6.1 released

Microsoft Edge’s Quiet Shift to AVIF: Why It Matters

Microsoft Edge’s Quiet Shift to AVIF: Why It Matters

Windows 11 test builds are accidentally playing the Windows Vista startup sound

Leaked: ROG Xbox Ally and Xbox Ally X pre-orders set for August, launch in October

CVE-2025-32885 – “GoTenna v1 App Message Injection Vulnerability”

Team46 (TaxOff) Exploits Google Chrome Zero-Day (CVE-2025-2783) in Sophisticated Phishing Campaign

High-Severity Flaw Exposes ASUS Armoury Crate to Authentication Bypass

How To Turn Your Figma Designs Into Live Apps With Anima Playground

CVE-2025-3954 – ChurchCRM Referer Handler Server-Side Request Forgery Vulnerability

Apple’s bold idea for no-code apps built with Siri – hype or hope?

Designing for people: What architecture can learn from UX

CVE-2025-1304 – NewsBlogger for WordPress Arbitrary File Upload Vulnerability

Linux Crash Reporting Flaws (CVE-2025-5054, 4598) Expose Password Hashes

CVE-2025-4199 – Abundatrade Plugin for WordPress CSRF Vulnerability

CVE-2025-5617 – PHPGurukul Online Fire Reporting System SQL Injection Vulnerability

CVE-2025-32885 – “GoTenna v1 App Message Injection Vulnerability”

Related Posts