CVE-2025-46093 – LiquidFiles FTP SETUID Setgid Remote Command Execution

August 4, 2025

CVE ID : CVE-2025-46093

Published : Aug. 4, 2025, 11:15 p.m. | 28 minutes ago

Description : LiquidFiles before 4.1.2 supports FTP SITE CHMOD for mode 6777 (setuid and setgid), which allows FTPDrop users to execute arbitrary code as root by leveraging the Actionscript feature and the sudoers configuration.

Severity: 9.9 | CRITICAL

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-8529 – CloudFavorites Favorites-Web SSRF Vulnerability

Next Article CVE-2025-46094 – LiquidFiles Arbitrary File Upload Vulnerability

Highlights

CVE-2025-34023 – Karel IP1211 Path Traversal Vulnerability

June 20, 2025

CVE ID : CVE-2025-34023

Published : June 20, 2025, 7:15 p.m. | 3 hours, 14 minutes ago

Description : A path traversal vulnerability exists in the Karel IP1211 IP Phone’s web management panel. The /cgi-bin/cgiServer.exx endpoint fails to properly sanitize user input to the page parameter, allowing remote authenticated attackers to access arbitrary files on the underlying system by using crafted path traversal sequences (e.g., ../../). This can expose sensitive files such as /etc/passwd and /etc/shadow.

Severity: 0.0 | NA

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Error’d: You Talkin’ to Me?

The Psychology Of Trust In AI: A Guide To Measuring And Designing For User Confidence

This week in AI updates: OpenAI Codex updates, Claude integration in Xcode 26, and more (September 19, 2025)

Report: The major factors driving employee disengagement in 2025

Development Release: Zorin OS 18 Beta

Distribution Release: IPFire 2.29 Core 197

Development Release: Ubuntu 25.10 Beta

Development Release: Linux Mint 7 Beta “LMDE”

Student Performance Prediction System using Python Machine Learning (ML)

Student Performance Prediction System using Python Machine Learning (ML)

The attack on the npm ecosystem continues

Feature Highlight

Hyprland Made Easy: Preconfigured Beautiful Distros

Hyprland Made Easy: Preconfigured Beautiful Distros

Development Release: Zorin OS 18 Beta

Distribution Release: IPFire 2.29 Core 197

CVE-2025-46093 – LiquidFiles FTP SETUID Setgid Remote Command Execution

Cursor AI Code Editor Flaw Enables Silent Code Execution via Malicious Repositories

Introducing HybridPetya: Petya/NotPetya copycat with UEFI Secure Boot bypass

Redesigning the UK Transport Watchdog Website

Windows 11: Microsoft is adding Ask Copilot to right-click menu, how to remove it

FermiNet: Quantum physics and chemistry from first principles

AI, Data Protection, and Governance: Key Pillars for the Future of Business

CVE-2025-34023 – Karel IP1211 Path Traversal Vulnerability

Build your toolkit with the 10 DIY gadgets every dad should have

CVE-2025-48742 – SIGB PMB Remote Code Execution Vulnerability

Estimates Are More Valuable Than You Think

CVE-2025-46093 – LiquidFiles FTP SETUID Setgid Remote Command Execution

Related Posts