CVE-2025-49163 – Arris VIP1113 Boot Image Injection Vulnerability

June 2, 2025

CVE ID : CVE-2025-49163

Published : June 3, 2025, 12:15 a.m. | 1 hour, 21 minutes ago

Description : Arris VIP1113 devices through 2025-05-30 with KreaTV SDK allow booting an arbitrary image via a crafted /usr/bin/gunzip file.

Severity: 6.7 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-49164 – Arris VIP1113 TV Set-Top Box Firmware Decryption Key Disclosure

Next Article CVE-2025-49162 – Arris VIP1113 TFTP File Overwrite Vulnerability

Highlights

CVE-2025-9094 – ThingsBoard Template Engine Remote Code Injection Vulnerability

August 17, 2025

CVE ID : CVE-2025-9094

Published : Aug. 17, 2025, 11:15 p.m. | 2 hours, 56 minutes ago

Description : A vulnerability was detected in ThingsBoard 4.1. This vulnerability affects unknown code of the component Add Gateway Handler. The manipulation leads to improper neutralization of special elements used in a template engine. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The vendor replies, that “[t]he fix will come within upcoming release (v4.2) and will be inherited by maintenance releases of LTS versions (starting 4.0).”

Severity: 5.3 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Microsoft AI Introduces Magentic-UI: An Open-Source Agent Prototype that Works with People to Complete Complex Tasks that Require Multi-Step Planning and Browser Use

May 22, 2025

CVE-2025-40624 – TCMAN’s GIM SQL Injection Vulnerability

May 6, 2025

Capital One Zelle not Working: 7 Fast Fixes

August 31, 2025

This week in AI updates: Mistral’s new Le Chat features, ChatGPT updates, and more (September 5, 2025)

Designing For TV: Principles, Patterns And Practical Guidance (Part 2)

Neo4j introduces new graph architecture that allows operational and analytics workloads to be run together

Beyond the benchmarks: Understanding the coding personalities of different LLMs

Hitachi Energy Pledges $1B to Strengthen US Grid, Build Largest Transformer Plant in Virginia

How to debug a web app with Playwright MCP and GitHub Copilot

Between Strategy and Story: Thierry Chopain’s Creative Path

What You Need to Know About CSS Color Interpolation

Why browsers throttle JavaScript timers (and what to do about it)

Why browsers throttle JavaScript timers (and what to do about it)

How to create Google Gemini AI component in Total.js Flow

Drupal 11’s AI Features: What They Actually Mean for Your Team

Harnessing GitOps on Linux for Seamless, Git-First Infrastructure Management

Harnessing GitOps on Linux for Seamless, Git-First Infrastructure Management

How DevOps Teams Are Redefining Reliability with NixOS and OSTree-Powered Linux

Distribution Release: Linux Mint 22.2

CVE-2025-49163 – Arris VIP1113 Boot Image Injection Vulnerability

GhostRedirector poisons Windows servers: Backdoors with a side of Potatoes

VirusTotal Finds 44 Undetected SVG Files Used to Deploy Base64-Encoded Phishing Pages

CVE-2025-2944 – Elementor Jeg Stored Cross-Site Scripting (XSS)

SAP NetWeaver Flaw Scores 10.0 Severity as Hackers Deploy Web Shells

Send Notifications in Laravel with Firebase Cloud Messaging and Notifire

Protect sensitive data in RAG applications with Amazon Bedrock

CVE-2025-9094 – ThingsBoard Template Engine Remote Code Injection Vulnerability

Microsoft AI Introduces Magentic-UI: An Open-Source Agent Prototype that Works with People to Complete Complex Tasks that Require Multi-Step Planning and Browser Use

CVE-2025-40624 – TCMAN’s GIM SQL Injection Vulnerability

Capital One Zelle not Working: 7 Fast Fixes

CVE-2025-49163 – Arris VIP1113 Boot Image Injection Vulnerability

Related Posts