CVE-2025-50740 – AutoConnect Arduino Library XSS Vulnerability

August 6, 2025

CVE ID : CVE-2025-50740

Published : Aug. 6, 2025, 9:15 p.m. | 3 hours, 47 minutes ago

Description : AutoConnect 1.4.2, an Arduino library, is vulnerable to a cross site scripting (xss) vulnerability. The AutoConnect web interface /_ac/config allows HTML/JS code to be executed via a crafted network SSID.

Severity: 0.0 | NA

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-51052 – Vedo Suite Path Traversal Vulnerability

Next Article CVE-2025-47908 – Apache Middleware Denial of Service Vulnerability

Highlights

CVE-2025-2773 – BEC Technologies Multiple Routers TCP Port 22 Command Injection Remote Code Execution Vulnerability

April 23, 2025

CVE ID : CVE-2025-2773

Published : April 23, 2025, 5:16 p.m. | 1 hour, 42 minutes ago

Description : BEC Technologies Multiple Routers sys ping Command Injection Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of BEC Technologies Multiple Routers. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed.

The specific flaw exists within the management interface, which listens on TCP port 22 by default. The issue results from the lack of proper validation of a user-supplied string before using it to execute a system call. An attacker can leverage this vulnerability to execute code in the context of the device. Was ZDI-CAN-25903.

Severity: 7.2 | HIGH

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Elastic simplifies log analytics for SREs and developers with launch of Log Essentials

OpenAI launches GPT-5

Melissa brings its data quality solutions to Azure with new SSIS integration

Automating Design Systems: Tips And Resources For Getting Started

This $180 mini projector has no business being this good for the price

GPT-5 is finally here, and you can access it for free today – no subscription needed

Changing this Android setting instantly doubled my phone speed (Samsung and Google models included)

ChatGPT can now talk nerdy to you – plus more personalities and other upgrades beyond GPT-5

Advanced Application Architecture through Laravel’s Service Container Management

Advanced Application Architecture through Laravel’s Service Container Management

Switch Between Personas in Laravel With the MultiPersona Package

AI-Driven Smart Tagging and Metadata in AEM Assets

Bill Gates on AI’s Impact: ‘Be Curious, Read, and Use the Latest Tools’

Bill Gates on AI’s Impact: ‘Be Curious, Read, and Use the Latest Tools’

Halo Infinite’s Fall Update: New Features and Modes to Revive the Game?

Forza Motorsport’s Future in Jeopardy: Fans Demand Clarity from Microsoft

CVE-2025-50740 – AutoConnect Arduino Library XSS Vulnerability

Microsoft to Pull Plug on Shared EWS Access in Hybrid Exchange by October

Google Confirms Salesforce Database Breach by ShinyHunters Group

CVE-2025-43026 – HP Support Assistant Privilege Escalation Vulnerability

CVE-2025-44531 – Realtek RTL8762EKF-EVB Bluetooth Denial of Service

Laravel in the First Half of 2025

Salt Typhoon Cyberattack: FBI Investigates PRC-linked Breach of US Telecoms

CVE-2025-2773 – BEC Technologies Multiple Routers TCP Port 22 Command Injection Remote Code Execution Vulnerability

HDF Compass – experimental viewer program for HDF5

Hackers Exploit Critical Craft CMS Flaws; Hundreds of Servers Likely Compromised

CVE-2025-5791 – Rust Crate Root Group Privilege Escalation

CVE-2025-50740 – AutoConnect Arduino Library XSS Vulnerability

Related Posts