CVE-2025-23171 & CVE-2025-23172: Versa Director Bugs Open Doors to Webshell Uploads and Command Execution

June 19, 2025

CVE-2025-23171 & CVE-2025-23172: Versa Director Bugs Open Doors to Webshell Uploads and Command Execution

Two newly disclosed vulnerabilities in the Versa Director SD-WAN orchestration platform could allow authenticated attackers to execute remote code or escalate privileges by exploiting insecure file up …

Published Date:
Jun 19, 2025 (3 hours, 57 minutes ago)

Vulnerabilities has been mentioned in this article.

Source: Read More

Previous ArticleWindows 11 Recall Adds Data Export for EU Users: Share Snapshots with Third Parties

Next Article Cisco ClamAV Critical Flaws: CVE-2025-20260 (CVSS 9.8) Allows Code Execution

Highlights

CVE-2025-46348 – YesWiki Unauthenticated Archive Creation and Download Vulnerability

April 29, 2025

CVE ID : CVE-2025-46348

Published : April 29, 2025, 9:15 p.m. | 1 hour, 52 minutes ago

Description : YesWiki is a wiki system written in PHP. Prior to version 4.5.4, the request to commence a site backup can be performed and downloaded without authentication. The archives are created with a predictable filename, so a malicious user could create and download an archive without being authenticated. This could result in a malicious attacker making numerous requests to create archives and fill up the file system, or by downloading the archive which contains sensitive site information. This issue has been patched in version 4.5.4.

Severity: 10.0 | CRITICAL

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

React.js for SaaS Platforms: How Top Development Teams Help Startups Launch Faster

Upwork Freelancers vs Dedicated React.js Teams: What’s Better for Your Project in 2025?

Is Agile dead in the age of AI?

Top 15 Enterprise Use Cases That Justify Hiring Node.js Developers in 2025

Unplugging these 7 common household devices helped reduce my electricity bills

DistroWatch Weekly, Issue 1133

Anthropic beats OpenAI as the top LLM provider for business – and it’s not even close

I bought Samsung’s Galaxy Watch Ultra 2025 – here’s why I have buyer’s remorse

The details of TC39’s last meeting

The details of TC39’s last meeting

Enhancing Laravel Queries with Reusable Scope Patterns

Everything We Know About Livewire 4

DistroWatch Weekly, Issue 1133

DistroWatch Weekly, Issue 1133

Newelle, a ‘Virtual Assistant’ for GNOME, Hits Version 1.0

Bustle – visualize D-Bus activity

CVE-2025-23171 & CVE-2025-23172: Versa Director Bugs Open Doors to Webshell Uploads and Command Execution

CVE-2025-23171 & CVE-2025-23172: Versa Director Bugs Open Doors to Webshell Uploads and Command Execution

CVE-2025-6754 – “WordPress SEO Metrics Privilege Escalation”

CVE-2025-7710 – “Brave Conversion Engine WordPress Facebook Authentication Bypass”

Top 21 Developer Newsletters to Subscribe To in 2025

CVE-2025-30640 – Trend Micro Deep Security Privilege Escalation Vulnerability

Snap & Grab mixes camp thievery with Hitman-like shenanigans, and it’s coming to Xbox Game Pass in 2026

30+ Best Lightroom Presets for Stunning Portraits

CVE-2025-46348 – YesWiki Unauthenticated Archive Creation and Download Vulnerability

Every Apple Watch that will get WatchOS 26 (and which models won’t be supported)

How E.ON saves £10 million annually with AI diagnostics for smart meters powered by Amazon Textract

CVE-2025-6884 – Apache Code-projects Staff Audit System SQL Injection Vulnerability

CVE-2025-23171 & CVE-2025-23172: Versa Director Bugs Open Doors to Webshell Uploads and Command Execution

CVE-2025-23171 & CVE-2025-23172: Versa Director Bugs Open Doors to Webshell Uploads and Command Execution

Related Posts