CVE-2025-26692 – Quick Agent Path Traversal Vulnerability

April 28, 2025

CVE ID : CVE-2025-26692

Published : April 28, 2025, 12:15 a.m. | 2 hours, 49 minutes ago

Description : Quick Agent V3 and Quick Agent V2 contain an issue with improper limitation of a pathname to a restricted directory (‘Path Traversal’). If exploited, arbitrary code may be executed by a remote unauthenticated attacker with the Windows system privilege where the product is running.

Severity: 8.1 | HIGH

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-31144 – Quick Agent Windows RCE Vulnerability

Next Article CVE-2025-3991 – TOTOLINK N150RT Buffer Overflow Vulnerability

Highlights

CVE-2025-5952 – Zend.To OS Command Injection

June 10, 2025

CVE ID : CVE-2025-5952

Published : June 10, 2025, 5:15 a.m. | 28 minutes ago

Description : A vulnerability, which was classified as critical, has been found in Zend.To up to 6.10-6 Beta. This issue affects the function exec of the file NSSDropoff.php. The manipulation of the argument file_1 leads to os command injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. Upgrading to version 6.10-7 is able to address this issue. It is recommended to upgrade the affected component. This affects a rather old version of the software. The vendor recommends updating to the latest release.

Severity: 7.3 | HIGH

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

CodeSOD: Functionally, a Date

Creating Elastic And Bounce Effects With Expressive Animator

Microsoft shares Insiders preview of Visual Studio 2026

From Data To Decisions: UX Strategies For Real-Time Dashboards

DistroWatch Weekly, Issue 1139

Building personal apps with open source and AI

What Can We Actually Do With corner-shape?

Craft, Clarity, and Care: The Story and Work of Mengchu Yao

Can I use React Server Components (RSCs) today?

Can I use React Server Components (RSCs) today?

Perficient Named among Notable Providers in Forrester’s Q3 2025 Commerce Services Landscape

Sarah McDowell Helps Clients Build a Strong AI Foundation Through Salesforce

I Ran Local LLMs on My Android Phone

I Ran Local LLMs on My Android Phone

DistroWatch Weekly, Issue 1139

sudo vs sudo-rs: What You Need to Know About the Rust Takeover of Classic Sudo Command

CVE-2025-26692 – Quick Agent Path Traversal Vulnerability

Cursor AI Code Editor Flaw Enables Silent Code Execution via Malicious Repositories

Introducing HybridPetya: Petya/NotPetya copycat with UEFI Secure Boot bypass

CVE-2025-44203 – HotelDruid SQL Injection and DoS Vulnerability

Marvel Rivals Season 3 Launches July 11 with Perks for College Players

CVE-2025-48058 – PowSyBl Regular Expression Denial of Service (ReDoS)

CVE-2025-4304 – PHPGurukul Cyber Cafe Management System SQL Injection

CVE-2025-5952 – Zend.To OS Command Injection

8 CSS & JavaScript Snippets for Creating Sticky Elements

May 2025 Patch Tuesday update KB5058405 fixes Windows 11 Linux dual-boot issue

How developers advocacy fuels product growth

CVE-2025-26692 – Quick Agent Path Traversal Vulnerability

Related Posts