CVE-2025-5870 – TRENDnet TV-IP121W Web Interface Improper Authentication Vulnerability

June 9, 2025

CVE ID : CVE-2025-5870

Published : June 9, 2025, 9:15 a.m. | 23 minutes ago

Description : A vulnerability has been found in TRENDnet TV-IP121W 1.1.1 Build 36 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /admin/setup.cgi of the component Web Interface. The manipulation leads to improper authentication. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

Severity: 7.3 | HIGH

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-5869 – RT-Thread sys_recvfrom Memory Corruption Vulnerability

Next Article CVE-2025-5894 – Honding Technology Smart Parking Management System Missing Authorization Privilege Escalation Vulnerability

Highlights

CVE-2025-50067 – Oracle Application Express Strategic Planner Starter App HTTP Takeover Vulnerability

July 16, 2025

CVE ID : CVE-2025-50067

Published : July 15, 2025, 8:15 p.m. | 6 hours, 44 minutes ago

Description : Vulnerability in Oracle Application Express (component: Strategic Planner Starter App). Supported versions that are affected are 24.2.4 and 24.2.5. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Application Express. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Oracle Application Express, attacks may significantly impact additional products (scope change). Successful attacks of this vulnerability can result in takeover of Oracle Application Express. CVSS 3.1 Base Score 9.0 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H).

Severity: 9.0 | CRITICAL

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Designing Better UX For Left-Handed People

This week in AI dev tools: Gemini 2.5 Flash-Lite, GitLab Duo Agent Platform beta, and more (July 25, 2025)

Tenable updates Vulnerability Priority Rating scoring method to flag fewer vulnerabilities as critical

Google adds updated workspace templates in Firebase Studio that leverage new Agent mode

How to build secure and scalable remote MCP servers

How to Discover a CSS Trick

Designer Spotlight: Ivor Jian

Error’d: It’s Getting Hot in Here

The details of TC39’s last meeting

The details of TC39’s last meeting

Will WebAssembly ever get DOM support?

Blade Service Injection: Direct Service Access in Laravel Templates

Securing Linux: Steady Momentum in AppArmor and SELinux Uptake

Securing Linux: Steady Momentum in AppArmor and SELinux Uptake

Microsoft Quietly tests Copilot in Edge InPrivate Browsing Mode

Intel confirms major job cuts, targets 24,500 layoffs by end of 2025

CVE-2025-5870 – TRENDnet TV-IP121W Web Interface Improper Authentication Vulnerability

Rogue CAPTCHAs: Look out for phony verification pages spreading malware

ToolShell: An all-you-can-eat buffet for threat actors

Memotron – Your memory atlas

CVE-2025-4918 – Firefox ESR JavaScript Promise Out-of-Bounds Access

CVE-2025-46613 – OpenPLC Server Memory Corruption

Microsoft pledges to train 1 million UK workers in AI by end of 2025

CVE-2025-50067 – Oracle Application Express Strategic Planner Starter App HTTP Takeover Vulnerability

CVE-2025-5214 – Kashipara Responsive Online Learning Platform SQL Injection Vulnerability

Android Development Codelab: Mastering Advanced Concepts

CVE-2025-36535 – Apache HTTP Server Unauthenticated Remote Access Vulnerability

CVE-2025-5870 – TRENDnet TV-IP121W Web Interface Improper Authentication Vulnerability

Related Posts