CVE-2025-4905 – Apache iop-apl-uw Basestation3 Deserialization Vulnerability

May 19, 2025

CVE ID : CVE-2025-4905

Published : May 19, 2025, 2:15 a.m. | 32 minutes ago

Description : A vulnerability was found in iop-apl-uw basestation3 up to 3.0.4 and classified as problematic. This issue affects the function load_qc_pickl of the file basestation3/QC.py. The manipulation of the argument qc_file leads to deserialization. An attack has to be approached locally. The exploit has been disclosed to the public and may be used. The code maintainer tagged the issue as closed. But there is no new commit nor release in the GitHub repository available so far.

Severity: 5.3 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-23164 – Unifi Protect Permanent Livestream Access Token Vulnerability

Next Article CVE-2025-23123 – UBTech UniFi Protect Camera Remote Code Execution Vulnerability

The Case For Minimal WordPress Setups: A Contrarian View On Theme Frameworks

Sunshine And March Vibes (2025 Wallpapers Edition)

How To Fix Largest Contentful Paint Issues With Subpart Analysis

How To Prevent WordPress SQL Injection Attacks

My latest hands-on could be the best value AI laptop of the summer, but I still have questions

DOOM: The Dark Ages had the lowest Steam launch numbers in series history — Is it suffering from the ‘Game Pass Effect’?

Microsoft won’t be left exposed if something “catastrophic” happens to OpenAI — but may still be 3 to 6 months behind ChatGPT

Microsoft Copilot gets OpenAI’s GPT-4o image generation support — but maybe a day late and a dollar short for the hype?

ES6: Set Vs Array- What and When?

ES6: Set Vs Array- What and When?

Transform JSON into Typed Collections with Laravel’s AsCollection::of()

Deployer

My latest hands-on could be the best value AI laptop of the summer, but I still have questions

My latest hands-on could be the best value AI laptop of the summer, but I still have questions

DOOM: The Dark Ages had the lowest Steam launch numbers in series history — Is it suffering from the ‘Game Pass Effect’?

Microsoft won’t be left exposed if something “catastrophic” happens to OpenAI — but may still be 3 to 6 months behind ChatGPT

CVE-2025-4905 – Apache iop-apl-uw Basestation3 Deserialization Vulnerability

SonicWall Patches 3 Flaws in SMA 100 Devices Allowing Attackers to Run Code as Root

Chinese Hackers Exploit SAP RCE Flaw CVE-2025-31324, Deploy Golang-Based SuperShell

Integrate foundation models into your code with Amazon Bedrock

Microsoft Research Introduces AgentInstruct: A Multi-Agent Workflow Framework for Enhancing Synthetic Data Quality and Diversity in AI Model Training

The 25 best Black Friday robot vacuum deals 2024: Early sales live now

I’ve never seen anything like this insanely powerful 14-inch AI laptop, but only about 4 people need it

How to Optimize Next.js Web Apps for Better Performance

SaveDesktop: La soluzione per salvare e ripristinare le configurazioni del desktop GNU/Linux

How to rename and retain the endpoint name for Amazon RDS

Sitecore XM Cloud Content Migration: Plan and Strategy

CVE-2025-4905 – Apache iop-apl-uw Basestation3 Deserialization Vulnerability

Related Posts