CVE-2025-44043 – Keyoti SearchUnit SSRF

June 10, 2025

CVE ID : CVE-2025-44043

Published : June 10, 2025, 4:15 p.m. | 34 minutes ago

Description : Keyoti SearchUnit prior to 9.0.0. is vulnerable to Server-Side Request Forgery (SSRF) in /Keyoti_SearchEngine_Web_Common/SearchService.svc/GetResults and /Keyoti_SearchEngine_Web_Common/SearchService.svc/GetLocationAndContentCategories. An attacker can specify their own SMB server as the indexDirectory value when making POST requests to the affected components. In doing so an attacker can get the SearchUnit server to read and write configuration and log files from/to the attackers server.

Severity: 0.0 | NA

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-47110 – Adobe Commerce Stored Cross-Site Scripting (XSS) Vulnerability

Next Article CVE-2025-43586 – Adobe Commerce Privilege Escalation Vulnerability

How To Prevent WordPress SQL Injection Attacks

Java never goes out of style: Celebrating 30 years of the language

OpenAI o3-pro available in the API, BrowserStack adds Playwright support for real iOS devices, and more – Daily News Digest

Creating The “Moving Highlight” Navigation Bar With JavaScript And CSS

Surface Pro 11 with Snapdragon X Elite drops to lowest price ever

With WH40K Boltgun and Dungeons of Hinterberg, this month’s Humble Choice lineup is stacked for less than $12

I’ve been loving the upgrade to my favorite mobile controller, and there’s even a version for large tablets

Copilot Vision just launched — and Microsoft already added new features

Master Data Management: The Key to Improved Analytics Reporting

Master Data Management: The Key to Improved Analytics Reporting

Salesforce Lead-to-Revenue Management

React Native 0.80 – React 19.1, JS API Changes, Freezing Legacy Arch and much more

Surface Pro 11 with Snapdragon X Elite drops to lowest price ever

Surface Pro 11 with Snapdragon X Elite drops to lowest price ever

With WH40K Boltgun and Dungeons of Hinterberg, this month’s Humble Choice lineup is stacked for less than $12

I’ve been loving the upgrade to my favorite mobile controller, and there’s even a version for large tablets

CVE-2025-44043 – Keyoti SearchUnit SSRF

Graphite Spyware Exploits Apple iOS Zero-Click Vulnerability to Attack Journalists

PoC Exploit Released for Critical WebDAV 0-Day RCE Vulnerability Exploited by APT Hackers

CVE-2025-42999 – SAP NetWeaver Remote Code Execution

CVE-2025-46611 – ARTEC EMA Mail Cross Site Scripting Vulnerability

Webkit Word is a text editor built with GTK4/Libadwaita

CVE-2024-22351 – IBM InfoSphere Information Server Authentication Session Impersonation

How to Access Oracle Fusion Cloud Apps Data from Snowflake

Do We Still Need Complex Vision-Language Pipelines? Researchers from ByteDance and WHU Introduce Pixel-SAIL—A Single Transformer Model for Pixel-Level Understanding That Outperforms 7B MLLMs

Microsoft Fixes 78 Flaws, 5 Zero-Days Exploited; CVSS 10 Bug Impacts Azure DevOps Server

CVE-2025-4115 – Netgear JWNR2000v2 Buffer Overflow Vulnerability

CVE-2025-44043 – Keyoti SearchUnit SSRF

Related Posts