CVE-2024-13957 – ASPECT SSRF Server Side Request Forgery

May 22, 2025

CVE ID : CVE-2024-13957

Published : May 22, 2025, 7:15 p.m. | 1 hour, 30 minutes ago

Description : SSRF Server Side Request Forgery vulnerabilities exist in ASPECT if administrator credentials become compromisedThis issue affects ASPECT-Enterprise: through 3.*; NEXUS Series: through 3.*; MATRIX Series: through 3.*.

Severity: 7.6 | HIGH

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2024-13958 – Aspect Stored Cross-Site Scripting Vulnerability

Next Article CVE-2024-13956 – ASPECT SSL Verification Bypass Authentication Bypass

Highlights

CVE-2025-3882 – eCharge Hardy Barth cPH2 Command Injection Remote Code Execution Vulnerability

May 22, 2025

CVE ID : CVE-2025-3882

Published : May 22, 2025, 1:15 a.m. | 1 hour, 44 minutes ago

Description : eCharge Hardy Barth cPH2 nwcheckexec.php dest Command Injection Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of eCharge Hardy Barth cPH2 charging stations. Authentication is not required to exploit this vulnerability.

The specific flaw exists within the handling of the dest parameter provided to the nwcheckexec.php endpoint. The issue results from the lack of proper validation of a user-supplied string before using it to execute a system call. An attacker can leverage this vulnerability to execute code in the context of the www-data user. Was ZDI-CAN-23114.

Severity: 8.8 | HIGH

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Last week in AI dev tools: Cloudflare blocking AI crawlers by default, Perplexity Max subscription, and more (July 7, 2025)

Infragistics Launches Ultimate 25.1 With Major Updates to App Builder, Ignite UI

Design Guidelines For Better Notifications UX

10 Top React.js Development Service Providers For Your Next Project In 2026

This massive Samsung TV is an Xbox — and it’s cheaper than a Series X in Best Buy’s anti-Prime Day sale

One of our favorite Xbox storage expansion cards just dropped below $130 — thanks to an anti-Prime Day deal that beats Amazon

Microsoft reportedly met with Romero Games just a day before pulling funding — and said absolutely nothing about what was coming

Windows 11 is set to gain big lock screen improvements this year — here’s what to expect, and when

Concrete Fiber: Strengthening the Backbone of Modern Construction

Concrete Fiber: Strengthening the Backbone of Modern Construction

State Management in React with Jotai

Turn Your Database into a Smart Chatbot with Azure OpenAI, LangChain, and ChromaDB

This massive Samsung TV is an Xbox — and it’s cheaper than a Series X in Best Buy’s anti-Prime Day sale

This massive Samsung TV is an Xbox — and it’s cheaper than a Series X in Best Buy’s anti-Prime Day sale

One of our favorite Xbox storage expansion cards just dropped below $130 — thanks to an anti-Prime Day deal that beats Amazon

Microsoft reportedly met with Romero Games just a day before pulling funding — and said absolutely nothing about what was coming

CVE-2024-13957 – ASPECT SSRF Server Side Request Forgery

CVE-2025-6793 – Marvell QConvergeConsole QLogicDownloadImpl Directory Traversal Vulnerability

CVE-2025-6794 – Marvell QConvergeConsole Directory Traversal Remote Code Execution Vulnerability

Amazon DynamoDB data modeling for Multi-tenancy – Part 3

CVE-2025-4312 – SourceCodester Advanced Web Store SQL Injection

Optimizing Mixtral 8x7B on Amazon SageMaker with AWS Inferentia2

CVE-2025-53177 – Fossil Calendar Storage Module Permission Bypass Vulnerability

CVE-2025-3882 – eCharge Hardy Barth cPH2 Command Injection Remote Code Execution Vulnerability

TCC Bypass vulnerabilities in two macOS applications

Microsoft to Launch Its Latest Surface Copilot+ PCs for Classrooms on July 22

Rilasciata Chimera Linux 20250420: importanti novità nel bootloader e supporto architetturale

CVE-2024-13957 – ASPECT SSRF Server Side Request Forgery

Related Posts