CVE-2025-48890 – Western Digital WRH-733 Miniigd OS Command Injection

June 24, 2025

CVE ID : CVE-2025-48890

Published : June 24, 2025, 5:15 a.m. | 4 hours, 44 minutes ago

Description : WRH-733GBK and WRH-733GWH contain an improper neutralization of special elements used in an OS command (‘OS Command Injection’) vulnerability in miniigd SOAP service. If a remote unauthenticated attacker sends a specially crafted request to the affected product, an arbitrary OS command may be executed.

Severity: 9.8 | CRITICAL

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-41427 – WRC-X3000GS, WRC-X3000GSA, and WRC-X3000GSN OS Command Injection Vulnerability in Connection Diagnostics Page

Next Article CVE-2025-43877 – WRC-1167GHBK2-S WebGUI Cross-Site Scripting (XSS)

Highlights

CVE-2024-13916 – Kruger&Matz com.pri.applock Fingerprint PIN Code Exfiltration

May 30, 2025

CVE ID : CVE-2024-13916

Published : May 30, 2025, 4:15 p.m. | 1 hour, 23 minutes ago

Description : An application “com.pri.applock”, which is pre-loaded on Kruger&Matz smartphones, allows a user to encrypt any application using user-provided PIN code or by using biometric data.
Exposed ”com.android.providers.settings.fingerprint.PriFpShareProvider“ content provider’s public method query() allows any other malicious application, without any granted Android system permissions, to exfiltrate the PIN code.

Vendor did not provide information about vulnerable versions.
Only version (version name: 13, version code: 33) was tested and confirmed to have this vulnerability

Severity: 0.0 | NA

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

CodeSOD: Across the 4th Dimension

Cursor vs GitHub Copilot (2025): Which AI Platform Wins for Your Node.js Dev Team?

NuGet adds support for Trusted Publishing

AWS launches IDE extension for building browser automation agents

Distribution Release: Kali Linux 2025.3

Distribution Release: SysLinuxOS 13

Development Release: MX Linux 25 Beta 1

DistroWatch Weekly, Issue 1140

Beyond Denial: How AI Concierge Services Can Transform Healthcare from Reactive to Proactive

Beyond Denial: How AI Concierge Services Can Transform Healthcare from Reactive to Proactive

IDC ServiceScape for Microsoft Power Apps Low-Code/No-Code Custom Application Development Services

A Stream-Oriented UI library for interactive web applications

FOSS Weekly #25.39: Kill Switch Phones, LMDE 7, Zorin OS 18 Beta, Polybar, Apt History and More Linux Stuff

FOSS Weekly #25.39: Kill Switch Phones, LMDE 7, Zorin OS 18 Beta, Polybar, Apt History and More Linux Stuff

Distribution Release: Kali Linux 2025.3

Distribution Release: SysLinuxOS 13

CVE-2025-48890 – Western Digital WRH-733 Miniigd OS Command Injection

Cursor AI Code Editor Flaw Enables Silent Code Execution via Malicious Repositories

Introducing HybridPetya: Petya/NotPetya copycat with UEFI Secure Boot bypass

This AI Paper Introduces a Machine Learning Framework to Estimate the Inference Budget for Self-Consistency and GenRMs (Generative Reward Models)

Helldivers 2 split-screen co-op is “technically feasible,” says CEO — 8-player mode would be “cool but messy”

Microsoft Edge tests AI-overhauled MSN feed with ads, but you can turn it off

CVE-2025-28099 – Opencms Arbitrary File Read Vulnerability

CVE-2024-13916 – Kruger&Matz com.pri.applock Fingerprint PIN Code Exfiltration

CVE-2022-26072 – Apache Struts Remote Code Execution

CVE-2025-55732 – Frappe SQL Injection Bypass

Get 50% off an Amazon Prime membership if you’re age 18-24 – here’s how

CVE-2025-48890 – Western Digital WRH-733 Miniigd OS Command Injection

Related Posts