CVE-2025-48415 – Cisco USB Backdoor Command Injection Vulnerability

May 21, 2025

CVE ID : CVE-2025-48415

Published : May 21, 2025, 1:16 p.m. | 1 hour, 34 minutes ago

Description : A USB backdoor feature can be triggered by attaching a USB drive that contains specially crafted “salia.ini” files. The .ini file can contain several “commands” that could be exploited by an attacker to export or modify the device configuration, enable an SSH backdoor or perform other administrative actions. Ultimately, this backdoor also allows arbitrary execution of OS commands.

Severity: 0.0 | NA

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-48416 – OpenSSH Root Login Hard-Coded Credential Disclosure

Next Article CVE-2025-40775 – BIND DNS Invalid TSIG Algorithm Field Vulnerability

Highlights

CVE-2025-4111 – PHPGurukul Pre-School Enrollment System SQL Injection Vulnerability

April 30, 2025

CVE ID : CVE-2025-4111

Published : April 30, 2025, 11:15 a.m. | 1 hour, 39 minutes ago

Description : A vulnerability was found in PHPGurukul Pre-School Enrollment System 1.0. It has been classified as critical. This affects an unknown part of the file /admin/visitor-details.php. The manipulation of the argument Status leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.

Severity: 6.3 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

10 Top Node.js Development Companies for Enterprise-Scale Projects (2025-2026 Ranked & Reviewed)

12 Must-Know Cost Factors When Hiring Node.js Developers for Your Enterprise

Mirantis reveals Lens Prism, an AI copilot for operating Kubernetes clusters

Avoid these common platform engineering mistakes

RIP, Perfect Dark — Xbox leadership canceled my most-anticipated game, and the developers deserved better

I keep seeing people at events taking notes on E-Ink tablets — so I tried one to see what all the fuss is about

“A fantastic device for creative users” — this $550 discount on ASUS’s 3K OLED creator laptop disappears before Prime Day

Distribution Release: Rhino Linux 2025.3

Token System using PHP and MySQL

Token System using PHP and MySQL

Create React UI component with uncontrollable

Flaget – new small 5kB CLI argument parser

RIP, Perfect Dark — Xbox leadership canceled my most-anticipated game, and the developers deserved better

RIP, Perfect Dark — Xbox leadership canceled my most-anticipated game, and the developers deserved better

I keep seeing people at events taking notes on E-Ink tablets — so I tried one to see what all the fuss is about

Le notizie minori del mondo GNU/Linux e dintorni della settimana nr 27/2025

CVE-2025-48415 – Cisco USB Backdoor Command Injection Vulnerability

Citrix Releases Emergency Patches for Actively Exploited CVE-2025-6543 in NetScaler ADC

CISA Adds 3 Flaws to KEV Catalog, Impacting AMI MegaRAC, D-Link, Fortinet

Salt Typhoon Cyberattack: FBI Investigates PRC-linked Breach of US Telecoms

CVE-2025-47754 – V-SFT EditData Out-of-Bounds Read Vulnerability

Color Everything in CSS

Gemini 2.5 Pro Preview: even better coding performance

CVE-2025-4111 – PHPGurukul Pre-School Enrollment System SQL Injection Vulnerability

Building AI-Powered Applications Using the Plan → Files → Code Workflow in TinyDev

CVE-2025-40569 – Siemens SCALANCE Web Interface Load Configuration Remote Authentication Bypass Vulnerability

JavaScript Formatter

CVE-2025-48415 – Cisco USB Backdoor Command Injection Vulnerability

Related Posts