CVE-2025-43595 – MSP360 Backup Privilege Escalation Vulnerability

May 1, 2025

CVE ID : CVE-2025-43595

Published : May 1, 2025, 10:15 p.m. | 1 hour, 12 minutes ago

Description : An insecure file system permissions vulnerability in MSP360 Backup 4.3.1.115 allows a lower privileged user to execute commands with root level privileges in the ‘Online Backup’ folder. Users are recommended to upgrade to MSP360 Backup 4.4 (released on 2025-04-22).

Severity: 7.8 | HIGH

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-4176 – PHPGurukul Blood Bank & Donor Management System SQL Injection Vulnerability

Next Article CVE-2025-27365 – IBM MQ Operator SIGSEGV Memory Corruption Vulnerability

Highlights

CVE-2025-7077 – Shenzhen Libituo Technology LBT-T300-T310 Buffer Overflow Vulnerability

July 7, 2025

CVE ID : CVE-2025-7077

Published : July 6, 2025, 7:15 a.m. | 21 hours, 44 minutes ago

Description : A vulnerability classified as critical has been found in Shenzhen Libituo Technology LBT-T300-T310 up to 2.2.3.6. This affects the function config_3g_para of the file /appy.cgi. The manipulation of the argument username_3g/password_3g leads to buffer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. Other parameters might be affected as well. The vendor was contacted early about this disclosure but did not respond in any way.

Severity: 8.8 | HIGH

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Representative Line: Brace Yourself

Beyond the Pilot: A Playbook for Enterprise-Scale Agentic AI

GitHub launches MCP Registry to provide central location for trusted servers

MongoDB brings Search and Vector Search to self-managed versions of database

Distribution Release: Security Onion 2.4.180

Distribution Release: Omarchy 3.0.1

Distribution Release: Mauna Linux 25

Distribution Release: SparkyLinux 2025.09

AI Momentum and Perficient’s Inclusion in Analyst Reports – Highlights From 2025 So Far

AI Momentum and Perficient’s Inclusion in Analyst Reports – Highlights From 2025 So Far

Shopping Portal using Python Django & MySQL

Perficient Earns Adobe’s Real-time CDP Specialization

Valve Survey Reveals Slight Retreat in Steam-on-Linux Share

Valve Survey Reveals Slight Retreat in Steam-on-Linux Share

Review: Elecrow’s All-in-one Starter Kit for Pico 2

FOSS Weekly #25.38: GNOME 49 Release, KDE Drama, sudo vs sudo-rs, Local AI on Android and More Linux Stuff

CVE-2025-43595 – MSP360 Backup Privilege Escalation Vulnerability

Cursor AI Code Editor Flaw Enables Silent Code Execution via Malicious Repositories

Introducing HybridPetya: Petya/NotPetya copycat with UEFI Secure Boot bypass

CVE-2025-2474 – QNX SDP PCX Image Codec Out-of-Bounds Write Denial-of-Service/Execution of Arbitrary Code

Learn Lynx to Create JavaScript Mobile Apps

Siri 2.0 Delayed? Next-Gen AI Assistant Not Expected Until iOS 26.4 in Spring 2026

Exposed JDWP Debug Ports Under Attack: Cryptominers Infiltrating Java Apps in Hours

CVE-2025-7077 – Shenzhen Libituo Technology LBT-T300-T310 Buffer Overflow Vulnerability

CVE-2025-1731 and CVE-2025-1732 impacts Zyxel Firewalls

Google Warns of 75 Zero-Day Vulnerabilities Exploited in the Wild

CVE-2025-49785 – Apache HTTP Server SQL Injection

CVE-2025-43595 – MSP360 Backup Privilege Escalation Vulnerability

Related Posts