CVE-2025-46735 – Terraform WinDNS Provider Authenticated Command Injection

May 6, 2025

CVE ID : CVE-2025-46735

Published : May 6, 2025, 5:16 p.m. | 2 hours, 19 minutes ago

Description : Terraform WinDNS Provider allows users to manage their Windows DNS server resources through Terraform. A security issue has been found in Terraform WinDNS Provider before version `1.0.5`. The `windns_record` resource did not sanitize the input variables. This could lead to authenticated command injection in the underlyding powershell command prompt. Version 1.0.5 contains a fix for the issue.

Severity: 0.0 | NA

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-46736 – Umbraco Account Existence Disclosure

Next Article CVE-2025-45250 – MrDoc SSRF Vulnerability

Highlights

CVE-2025-5700 – WordPress Simple Logo Carousel Stored Cross-Site Scripting Vulnerability

June 17, 2025

CVE ID : CVE-2025-5700

Published : June 17, 2025, 12:15 p.m. | 2 hours, 11 minutes ago

Description : The Simple Logo Carousel plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘id’ parameter in all versions up to, and including, 1.9.3 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.

Severity: 6.4 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

The Power Of The Intl API: A Definitive Guide To Browser-Native Internationalization

This week in AI dev tools: GPT-5, Claude Opus 4.1, and more (August 8, 2025)

Elastic simplifies log analytics for SREs and developers with launch of Log Essentials

OpenAI launches GPT-5

3 portable power stations I travel everywhere with (and how they differ)

I tried Lenovo’s new rollable ThinkBook and can’t go back to regular-sized screens

The Creators of the Acclaimed Silent Hill 2 Remake Present a Deep Dive Into the Story of Their Newest Horror Game IP — and It’s So Bizarre and Insane That It’s Convinced Me To Put It on My Wishlist

Forget Back to School Deals — Lenovo’s Clearance Sale is Where You’ll Find Amazing Discounts on Laptops, Mini PCs, and More, While Supplies Last

spatie/laravel-flare

spatie/laravel-flare

Establishing Consistent Data Foundations with Laravel’s Database Population System

Generate Postman Collections from Laravel Routes

The Creators of the Acclaimed Silent Hill 2 Remake Present a Deep Dive Into the Story of Their Newest Horror Game IP — and It’s So Bizarre and Insane That It’s Convinced Me To Put It on My Wishlist

The Creators of the Acclaimed Silent Hill 2 Remake Present a Deep Dive Into the Story of Their Newest Horror Game IP — and It’s So Bizarre and Insane That It’s Convinced Me To Put It on My Wishlist

Forget Back to School Deals — Lenovo’s Clearance Sale is Where You’ll Find Amazing Discounts on Laptops, Mini PCs, and More, While Supplies Last

The Gaming Desktop I’ve Relied on More Than Any Other Is More Powerful and Sleeker Than Ever — But Damn, It’s Expensive

CVE-2025-46735 – Terraform WinDNS Provider Authenticated Command Injection

Android adware: What is it, and how do I get it off my device?

Black Hat USA 2025: Is a high cyber insurance premium about your risk, or your insurer’s?

Monster Hunter Wilds game reviews hit “Overwhelmingly Negative” on Steam — can Capcom turn it around?

10 Ways to Become an IT Superstar (Free Download)

Amatera Stealer Unveiled: Rebranded ACR Stealer Now More Evasive, Targeting Your Data

What Does It Really Mean For A Site To Be Keyboard Navigable

CVE-2025-5700 – WordPress Simple Logo Carousel Stored Cross-Site Scripting Vulnerability

The AI Fix #45: The Turing test falls to GPT-4.5

Personalized Optimizely CMS Website Search Experiences Azure AI Search & Personalizer

Nephele is a pluggable WebDAV server

CVE-2025-46735 – Terraform WinDNS Provider Authenticated Command Injection

Related Posts