CVE-2025-37112 – HPE Telco Network Function Virtual Orchestrator Key Storage Policy Information Disclosure

July 31, 2025

CVE ID : CVE-2025-37112

Published : July 31, 2025, 8:15 p.m. | 4 hours, 11 minutes ago

Description : A vulnerability was discovered in the storage policy for certain sets of encryption keys in the HPE Telco Network Function Virtual Orchestrator. Successful Exploitation could lead to unauthorized parties gaining access to sensitive system information.

Severity: 6.0 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-37108 – “HPE Telco Service Activator Cross-Site Scripting Vulnerability”

Next Article CVE-2025-37111 – HPE Telco Network Function Virtual Orchestrator Authentication Key Storage Policy Information Disclosure

Highlights

CVE-2025-52357 – FiberHome FD602GW-DX-R410 Router Ping Diagnostic XSS

July 10, 2025

CVE ID : CVE-2025-52357

Published : July 9, 2025, 8:15 p.m. | 7 hours, 49 minutes ago

Description : Cross-Site Scripting (XSS) vulnerability exists in the ping diagnostic feature of FiberHome FD602GW-DX-R410 router (firmware V2.2.14), allowing an authenticated attacker to execute arbitrary JavaScript code in the context of the router s web interface. The vulnerability is triggered via user-supplied input in the ping form field, which fails to sanitize special characters. This can be exploited to hijack sessions or escalate privileges through social engineering or browser-based attacks.

Severity: 4.1 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Upwork Freelancers vs Dedicated React.js Teams: What’s Better for Your Project in 2025?

Is Agile dead in the age of AI?

Top 15 Enterprise Use Cases That Justify Hiring Node.js Developers in 2025

The Core Model: Start FROM The Answer, Not WITH The Solution

Finally, a sleek gaming laptop I can take to the office (without sacrificing power)

These jobs face the highest risk of AI takeover, according to Microsoft

Apple’s tariff costs and iPhone sales are soaring – how long until device prices are too?

5 ways to successfully integrate AI agents into your workplace

Enhancing Laravel Queries with Reusable Scope Patterns

Enhancing Laravel Queries with Reusable Scope Patterns

Everything We Know About Livewire 4

Everything We Know About Livewire 4

YouTube wants to use AI to treat “teens as teens and adults as adults” — with the most age-appropriate experiences and protections

YouTube wants to use AI to treat “teens as teens and adults as adults” — with the most age-appropriate experiences and protections

Sam Altman is afraid of OpenAI’s GPT-5 creation — “The Manhattan Project feels very fast, like there are no adults in the room”

9 new features that arrived on the Windows 11 Insider Program during the second half of July 2025

CVE-2025-37112 – HPE Telco Network Function Virtual Orchestrator Key Storage Policy Information Disclosure

This month in security with Tony Anscombe – July 2025 edition

WordPress AI Engine Plugin Bug Allows Remote Code Execution – Update Now

CVE-2025-48992 – Group-Office Cross-Site Scripting Vulnerability

12 Must-Know Cost Factors When Hiring Node.js Developers for Your Enterprise

New TeleMessage SGNL Flaw Is Actively Being Exploited by Attackers

Not sure where to go with AI? Here’s your roadmap.

CVE-2025-52357 – FiberHome FD602GW-DX-R410 Router Ping Diagnostic XSS

CVE-2025-6444 – ServiceStack NTLM Relay Vulnerability

Juan Cardona Leads Data Innovation Across Latin America

How to Advance from SOC Manager to CISO?

CVE-2025-37112 – HPE Telco Network Function Virtual Orchestrator Key Storage Policy Information Disclosure

Related Posts