CVE-2025-49809 – MTR Sudo Execution Hijacking Vulnerability

July 4, 2025

CVE ID : CVE-2025-49809

Published : July 4, 2025, 1:15 p.m. | 1 hour, 1 minute ago

Description : mtr through 0.95, in certain privileged contexts, mishandles execution of a program specified by the MTR_PACKET environment variable. NOTE: mtr on macOS may often have Sudo rules, as an indirect consequence of Homebrew not installing setuid binaries.

Severity: 7.8 | HIGH

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-7061 – Intelbras InControl CSV Injection Vulnerability

Next Article CVE-2025-48172 – SumatraPDF CHMLib Heap-Based Buffer Overflow

Highlights

CVE-2025-6776 – Xiaoyunjie OpenVPN-CMS-Flask Remote Path Traversal

June 27, 2025

CVE ID : CVE-2025-6776

Published : June 27, 2025, 8:15 p.m. | 2 hours, 2 minutes ago

Description : A vulnerability classified as critical was found in xiaoyunjie openvpn-cms-flask up to 1.2.7. This vulnerability affects the function Upload of the file app/plugins/oss/app/controller.py of the component File Upload. The manipulation of the argument image leads to path traversal. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. Upgrading to version 1.2.8 is able to address this issue. The name of the patch is e23559b98c8ea2957f09978c29f4e512ba789eb6. It is recommended to upgrade the affected component.

Severity: 7.3 | HIGH

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

10 Ways Node.js Development Boosts AI & Real-Time Data (2025-2026 Edition)

Looking to Outsource React.js Development? Here’s What Top Agencies Are Doing Right

Beyond The Hype: What AI Can Really Do For Product Design

BrowserStack launches Chrome extension that bundles 10+ manual web testing tools

How much RAM does your Linux PC really need in 2025?

Have solar at home? Supercharge that investment with this other crucial component

I replaced my MacBook charger with this compact wall unit – and wish I’d done it sooner

5 reasons to switch to an immutable Linux distro today – and which to try first

Sentry Adds Logs Support for Laravel Apps

Sentry Adds Logs Support for Laravel Apps

Efficient Context Management with Laravel’s Remember Functions

Laravel Devtoolbox: Your Swiss Army Knife Artisan CLI

From plateau predictions to buggy rollouts — Bill Gates’ GPT-5 skepticism looks strangely accurate

From plateau predictions to buggy rollouts — Bill Gates’ GPT-5 skepticism looks strangely accurate

We gave OpenAI’s open-source AI a kid’s test — here’s what happened

With GTA 6, next-gen exclusives, and a console comeback on the horizon, Xbox risks sitting on the sidelines — here’s why

CVE-2025-49809 – MTR Sudo Execution Hijacking Vulnerability

Workday Staff Fall to Social Engineering; Hackers Access Third-Party CRM Platform

Get Ready for the Black Hat USA 2025 CISO Podcast Series from The Cyber Express and Suraksha Catalyst

This week in AI dev tools: GPT-5, Claude Opus 4.1, and more (August 8, 2025)

Borderlands 4 dev says it’s getting this beloved feature late — here’s why it won’t be at launch

10 Practical Tips to Make Your Website Accessible for the Visually Impaired

CVE-2025-24977: Critical RCE Flaw in OpenCTI Platform Exposes Infrastructure to Root-Level Attacks

CVE-2025-6776 – Xiaoyunjie OpenVPN-CMS-Flask Remote Path Traversal

Restore Photos with AI

CVE-2025-52726 – Pebas CouponXxL Custom Post Types Privilege Escalation Vulnerability

This might be the cheapest I’ve ever seen a Snapdragon X laptop — a deal so good I couldn’t say no

CVE-2025-49809 – MTR Sudo Execution Hijacking Vulnerability

Related Posts