CVE-2025-32801 – Kea Root Privilege Escalation Remote Code Execution

May 28, 2025

CVE ID : CVE-2025-32801

Published : May 28, 2025, 5:15 p.m. | 22 minutes ago

Description : Kea configuration and API directives can be used to load a malicious hook library. Many common configurations run Kea as root, leave the API entry points unsecured by default, and/or place the control sockets in insecure paths.
This issue affects Kea versions 2.4.0 through 2.4.1, 2.6.0 through 2.6.2, and 2.7.0 through 2.7.8.

Severity: 7.8 | HIGH

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-32802 – Kea File Overwrite Vulnerability

Next Article CVE-2024-47056 – Mautic Sensitive Information Disclosure

Highlights

CVE-2025-46547 – Sherpa Orchestrator Cross-Site Request Forgery (XSS, SQL Injection) Vulnerability

April 24, 2025

CVE ID : CVE-2025-46547

Published : April 25, 2025, 3:15 a.m. | 36 minutes ago

Description : In Sherpa Orchestrator 141851, the web application lacks protection against CSRF attacks, with resultant effects of an attacker conducting XSS attacks, adding a new user or role, or exploiting a SQL injection issue.

Severity: 5.4 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Sunshine And March Vibes (2025 Wallpapers Edition)

The Case For Minimal WordPress Setups: A Contrarian View On Theme Frameworks

How To Fix Largest Contentful Paint Issues With Subpart Analysis

How To Prevent WordPress SQL Injection Attacks

7 MagSafe accessories that I recommend every iPhone user should have

I replaced my Kindle with an iPad Mini as my ebook reader – 8 reasons why I don’t regret it

Windows 11 version 25H2: Everything you need to know about Microsoft’s next OS release

Elden Ring Nightreign already has a duos Seamless Co-op mod from the creator of the beloved original, and it’ll be “expanded on in the future”

Student Record Android App using SQLite

Student Record Android App using SQLite

When Array uses less memory than Uint8Array (in V8)

Laravel 12 Starter Kits: Definite Guide Which to Choose

Photobooth is photobooth software for the Raspberry Pi and PC

Photobooth is photobooth software for the Raspberry Pi and PC

Le notizie minori del mondo GNU/Linux e dintorni della settimana nr 22/2025

Rilasciata PorteuX 2.1: Novità e Approfondimenti sulla Distribuzione GNU/Linux Portatile Basata su Slackware

CVE-2025-32801 – Kea Root Privilege Escalation Remote Code Execution

New Linux Flaws Allow Password Hash Theft via Core Dumps in Ubuntu, RHEL, Fedora

Exploit details for max severity Cisco IOS XE flaw now public

Amazon Bedrock Prompt Management is now available in GA

Simplify database authentication management with the Amazon Aurora PostgreSQL pg_ad_mapping extension

CERT-In Alerts WordPress Users to Critical WPForms Plugin Vulnerability

Web Design Inspiration

CVE-2025-46547 – Sherpa Orchestrator Cross-Site Request Forgery (XSS, SQL Injection) Vulnerability

May report 2024

Inkscape 1.4.1 Brings Snap App Fixes, New Features

Google Chrome on mobile launches trending searches, more. Edge now has catching up to do

CVE-2025-32801 – Kea Root Privilege Escalation Remote Code Execution

Related Posts