CVE-2025-3928 – Commvault Web Server Remote Webshell Execution

April 25, 2025

CVE ID : CVE-2025-3928

Published : April 25, 2025, 4:15 p.m. | 3 hours, 29 minutes ago

Description : Commvault Web Server has an unspecified vulnerability that can be exploited by a remote, authenticated attacker. According to the Commvault advisory: “Webservers can be compromised through bad actors creating and executing webshells.” Fixed in version 11.36.46, 11.32.89, 11.28.141, and 11.20.217 for Windows and Linux platforms.

Severity: 8.8 | HIGH

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-25775 – Codeastro Bus Ticket Booking System SQL Injection Vulnerability

Next Article CVE-2025-2070 – “FileZ XML Parsing Denial of Service”

Highlights

CVE-2025-8069 – AWS Client VPN Windows OpenSSL Configuration File Execution

July 23, 2025

CVE ID : CVE-2025-8069

Published : July 23, 2025, 4:15 p.m. | 6 hours, 50 minutes ago

Description : During the AWS Client VPN client installation on Windows devices, the install process references the C:usrlocalwindows-x86_64-openssl-localbuildssl directory location to fetch the OpenSSL configuration file. As a result, a non-admin user could place arbitrary code in the configuration file. If an admin user starts the AWS Client VPN client installation process, that code could be executed with root-level privileges. This issue does not affect Linux or Mac devices.

We recommend users discontinue any new installations of AWS Client VPN on Windows prior to version 5.2.2.

Severity: 7.8 | HIGH

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

From Data To Decisions: UX Strategies For Real-Time Dashboards

Honeycomb launches AI observability suite for developers

Low-Code vs No-Code Platforms for Node.js: What CTOs Must Know Before Investing

ServiceNow unveils Zurich AI platform

DistroWatch Weekly, Issue 1139

Building personal apps with open source and AI

What Can We Actually Do With corner-shape?

Craft, Clarity, and Care: The Story and Work of Mengchu Yao

Optimizely Mission Control – Part III

Optimizely Mission Control – Part III

Learning from PHP Log to File Example

Online EMI Calculator using PHP – Calculate Loan EMI, Interest, and Amortization Schedule

DistroWatch Weekly, Issue 1139

DistroWatch Weekly, Issue 1139

sudo vs sudo-rs: What You Need to Know About the Rust Takeover of Classic Sudo Command

Dmitry — The Deep Magic

CVE-2025-3928 – Commvault Web Server Remote Webshell Execution

Cursor AI Code Editor Flaw Enables Silent Code Execution via Malicious Repositories

Introducing HybridPetya: Petya/NotPetya copycat with UEFI Secure Boot bypass

Artificial Intelligence – What’s all the fuss?

CVE-2025-48265 – Pektsekye Year Make Model Search for WooCommerce CSRF

CVE-2025-32818 – SonicWall SonicOS SSLVPN Null Pointer Dereference DoS

Hack the model: Build AI security skills with the GitHub Secure Code Game

CVE-2025-8069 – AWS Client VPN Windows OpenSSL Configuration File Execution

CVE-2025-9699 – SourceCodester Online Polling System Code SQL Injection

Technical difficulties or cyber attack? Ingram Micro’s website goes down just in time for the holiday weekend

OneDrive for Mac will soon give you more flexible storage options

CVE-2025-3928 – Commvault Web Server Remote Webshell Execution

Related Posts