CVE-2025-4357 – Tenda RX3 Command Injection Vulnerability

May 6, 2025

CVE ID : CVE-2025-4357

Published : May 6, 2025, 2:15 p.m. | 1 hour, 19 minutes ago

Description : A vulnerability was found in Tenda RX3 16.03.13.11_multi. It has been rated as critical. This issue affects some unknown processing of the file /goform/telnet. The manipulation leads to command injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.

Severity: 4.7 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-4358 – PHPGurukul Company Visitor Management System SQL Injection Vulnerability

Next Article CVE-2025-4356 – Tenda DAP-1520 Stack-Based Buffer Overflow in Authentication Handler

Highlights

CVE-2025-8737 – Open Redirect Vulnerability in zlt2000 Microservices-Platform

August 8, 2025

CVE ID : CVE-2025-8737

Published : Aug. 8, 2025, 8:15 p.m. | 5 hours, 9 minutes ago

Description : A vulnerability, which was classified as problematic, was found in zlt2000 microservices-platform up to 6.0.0. This affects the function onLogoutSuccess of the file src/main/java/com/central/oauth/handler/OauthLogoutSuccessHandler.java. The manipulation of the argument redirect_url leads to open redirect. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.

Severity: 3.5 | LOW

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Error’d: You Talkin’ to Me?

The Psychology Of Trust In AI: A Guide To Measuring And Designing For User Confidence

This week in AI updates: OpenAI Codex updates, Claude integration in Xcode 26, and more (September 19, 2025)

Report: The major factors driving employee disengagement in 2025

DistroWatch Weekly, Issue 1140

Distribution Release: DietPi 9.17

Development Release: Zorin OS 18 Beta

Distribution Release: IPFire 2.29 Core 197

@ts-ignore is almost always the worst option

@ts-ignore is almost always the worst option

MutativeJS v1.3.0 is out with massive performance gains

Student Performance Prediction System using Python Machine Learning (ML)

DistroWatch Weekly, Issue 1140

DistroWatch Weekly, Issue 1140

Distribution Release: DietPi 9.17

Hyprland Made Easy: Preconfigured Beautiful Distros

CVE-2025-4357 – Tenda RX3 Command Injection Vulnerability

Cursor AI Code Editor Flaw Enables Silent Code Execution via Malicious Repositories

Introducing HybridPetya: Petya/NotPetya copycat with UEFI Secure Boot bypass

CISA Adds PaperCut NG/MF CSRF Vulnerability to KEV Catalog Amid Active Exploitation

GitHub Availability Report: March 2025

CVE-2025-5926 – WordPress Link Shield CSRF

I’ve seen enough premium gaming handhelds — ASUS, Lenovo, and more could learn from AYANEO’s new budget-friendly line

CVE-2025-8737 – Open Redirect Vulnerability in zlt2000 Microservices-Platform

My latest hands-on could be the best value AI laptop of the summer, but I still have questions

CVE-2025-5229 – Campcodes Online Hospital Management System SQL Injection Vulnerability

How AI Agents Store, Forget, and Retrieve? A Fresh Look at Memory Operations for the Next-Gen LLMs

CVE-2025-4357 – Tenda RX3 Command Injection Vulnerability

Related Posts