CVE-2025-5873 – eCharge Hardy Barth Salia Web UI Unrestricted File Upload Vulnerability

June 9, 2025

CVE ID : CVE-2025-5873

Published : June 9, 2025, 11:15 a.m. | 52 minutes ago

Description : A vulnerability was found in eCharge Hardy Barth Salia PLCC 2.2.0. It has been declared as critical. This vulnerability affects unknown code of the file /firmware.php of the component Web UI. The manipulation of the argument media leads to unrestricted upload. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

Severity: 6.3 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleRaspberry Pi 5 Desktop Mini PC: Installing Software

Next Article CVE-2025-5874 – Redash getattr Handler Sandbox Bypass Vulnerability

Highlights

CVE-2025-3511 – Mitsubishi Electric Corporation CC-Link IE TSN Denial of Service Remote Buffer Overflow

April 25, 2025

CVE ID : CVE-2025-3511

Published : April 25, 2025, 6:15 a.m. | 1 hour, 15 minutes ago

Description : Improper Validation of Specified Quantity in Input vulnerability in Mitsubishi Electric Corporation CC-Link IE TSN Remote I/O module, CC-Link IE TSN Analog-Digital Converter module, CC-Link IE TSN Digital-Analog Converter module, CC-Link IE TSN FPGA module and CC-Link IE TSN Remote Station Communication LSI CP620 with GbE-PHY allows a remote unauthenticated attacker to cause a Denial of Service condition in the products by sending specially crafted UDP packets.

Severity: 5.9 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

How To Fix Largest Contentful Paint Issues With Subpart Analysis

How To Prevent WordPress SQL Injection Attacks

CodeSOD: A Real POS Report

Decoding The SVG path Element: Line Commands

Apple doesn’t need better AI as much as AI needs Apple to bring its A-game

DistroWatch Weekly, Issue 1125

Motion Highlights #9

The 2025 Wholesome Direct was chock-full of cozy casual games and aesthetic vibes

GuacPanel

GuacPanel

FilamentExamples.com: Our Demo-Projects and Tutorials on Filament

Laravel Migration With Schema Validation in MongoDB

Raspberry Pi 5 Desktop Mini PC: Installing Software

Raspberry Pi 5 Desktop Mini PC: Installing Software

SmartOS – Type 1 Hypervisor platform based on illumos

Karakeep is a self-hostable bookmark-everything app

CVE-2025-5873 – eCharge Hardy Barth Salia Web UI Unrestricted File Upload Vulnerability

Fake Recruiter Emails Target CFOs Using Legit NetBird Tool Across 6 Global Regions

Qualcomm Fixes 3 Zero-Days Used in Targeted Android Attacks via Adreno GPU

I was skeptical of clip-style earbuds, then I took this budget pair on a run

The utterly crazy story of the death threat hacker (involves a cat)

ArcoLinux: La fine di un progetto e il futuro degli utenti

Engineering Smarter Data Pipelines with Autonomous AI

CVE-2025-3511 – Mitsubishi Electric Corporation CC-Link IE TSN Denial of Service Remote Buffer Overflow

CVE-2025-4884 – iSourcecode Restaurant Management System SQL Injection Vulnerability

CVE-2025-3925 – BrightSign Players Privilege Escalation Vulnerability

CVE-2024-52290 – LF Edge eKuiper Cross-Site Scripting (XSS)

CVE-2025-5873 – eCharge Hardy Barth Salia Web UI Unrestricted File Upload Vulnerability

Related Posts