CVE-2025-43595 – MSP360 Backup Privilege Escalation Vulnerability

May 1, 2025

CVE ID : CVE-2025-43595

Published : May 1, 2025, 10:15 p.m. | 1 hour, 12 minutes ago

Description : An insecure file system permissions vulnerability in MSP360 Backup 4.3.1.115 allows a lower privileged user to execute commands with root level privileges in the ‘Online Backup’ folder. Users are recommended to upgrade to MSP360 Backup 4.4 (released on 2025-04-22).

Severity: 7.8 | HIGH

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-4176 – PHPGurukul Blood Bank & Donor Management System SQL Injection Vulnerability

Next Article CVE-2025-27365 – IBM MQ Operator SIGSEGV Memory Corruption Vulnerability

Highlights

CVE-2025-1048 – Sonos Era 300 Speaker SMB Use-After-Free Remote Code Execution Vulnerability

April 23, 2025

CVE ID : CVE-2025-1048

Published : April 23, 2025, 5:16 p.m. | 1 hour, 42 minutes ago

Description : Sonos Era 300 Speaker libsmb2 Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Sonos Era 300 speakers. Authentication is not required to exploit this vulnerability.

The specific flaw exists within the processing of SMB data. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the anacapa user. Was ZDI-CAN-25535.

Severity: 8.8 | HIGH

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Sunshine And March Vibes (2025 Wallpapers Edition)

The Case For Minimal WordPress Setups: A Contrarian View On Theme Frameworks

How To Fix Largest Contentful Paint Issues With Subpart Analysis

How To Prevent WordPress SQL Injection Attacks

My top gaming laptop of 2024 defended its crown with a redesign, but lost one of my favorite features

“I do agree that Diablo 4 still has a lot of untapped potential,” Diablo 4 developers discuss Season 8 themes, their evolving developer philosophy, and more

Thanks to Xbox’s price hike, the Series S is now more expensive than the PS5

Elden Ring Nightreign classes: All 8 Nightfarer characters in FromSoftware’s co-op spinoff explained

Brisa 0.2.12 – Near 0.3 🔜

Brisa 0.2.12 – Near 0.3 🔜

Essential Git Command Reference: The Core Operations Every Developer Needs

nativephp/electron

Microsoft’s Bing share is now 12.2%, Google drops to 79.10%, and it’s not due to ChatGPT

Microsoft’s Bing share is now 12.2%, Google drops to 79.10%, and it’s not due to ChatGPT

MeshLab processes and edits 3D triangular meshes

NVIDIA_OC overclocks NVIDIA GPUs

CVE-2025-43595 – MSP360 Backup Privilege Escalation Vulnerability

CISA Adds Two New Exploited Vulnerabilities to Its Catalog: CVE-2024-38475 and CVE-2023-44221

watchTowr Warns of Active Exploitation of SonicWall SMA 100 Devices

Microsoft AI Introduces Claimify: A Novel LLM-based Claim-Extraction Method that Outperforms Prior Solutions to Produce More Accurate, Comprehensive, and Substantiated Claims from LLM Outputs

Leaf – slim and lightweight PHP framework

SelfGoal: An Artificial Intelligence AI Framework to Enhance an LLM-based Agentâ€™s Capabilities to Achieve High-Level Goals

Dark Mode and Accessibility: Finding the Right Balance

CVE-2025-1048 – Sonos Era 300 Speaker SMB Use-After-Free Remote Code Execution Vulnerability

Best YouTube Channels for UX Designers

CVE-2025-3637 – Moodle CSRF Information Disclosure

What if Dieter Rams of Braun made a phone?

CVE-2025-43595 – MSP360 Backup Privilege Escalation Vulnerability

Related Posts