CVE-2025-6166 – Frdel Agent-Zero Path Traversal Vulnerability

June 17, 2025

CVE ID : CVE-2025-6166

Published : June 17, 2025, 6:15 a.m. | 4 hours, 10 minutes ago

Description : A vulnerability was found in frdel Agent-Zero up to 0.8.4. It has been rated as problematic. This issue affects the function image_get of the file /python/api/image_get.py. The manipulation of the argument path leads to path traversal. Upgrading to version 0.8.4.1 is able to address this issue. The identifier of the patch is 5db74202d632306a883ccce7339c5bdba0d16c5a. It is recommended to upgrade the affected component.

Severity: 3.5 | LOW

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-6173 – Webkul QloApps SQL Injection

Next Article CVE-2025-6165 – TOTOLINK X15 HTTP POST Request Handler Buffer Overflow Vulnerability

Highlights

CVE-2025-6793 – Marvell QConvergeConsole QLogicDownloadImpl Directory Traversal Vulnerability

July 7, 2025

CVE ID : CVE-2025-6793

Published : July 7, 2025, 3:15 p.m. | 2 hours, 59 minutes ago

Description : Marvell QConvergeConsole QLogicDownloadImpl Directory Traversal Arbitrary File Deletion and Information Disclosure Vulnerability. This vulnerability allows remote attackers to delete arbitrary files and disclose sensitive information on affected installations of Marvell QConvergeConsole. Authentication is not required to exploit this vulnerability.

The specific flaw exists within the QLogicDownloadImpl class. The issue results from the lack of proper validation of a user-supplied path prior to using it in file operations. An attacker can leverage this vulnerability to delete files and disclose information in the context of SYSTEM. Was ZDI-CAN-24912.

Severity: 9.4 | CRITICAL

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Upwork Freelancers vs Dedicated React.js Teams: What’s Better for Your Project in 2025?

Is Agile dead in the age of AI?

Top 15 Enterprise Use Cases That Justify Hiring Node.js Developers in 2025

The Core Model: Start FROM The Answer, Not WITH The Solution

Anthropic beats OpenAI as the top LLM provider for business – and it’s not even close

I bought Samsung’s Galaxy Watch Ultra 2025 – here’s why I have buyer’s remorse

I can admit when I’m wrong — this 75% wireless gaming keyboard is way better than I thought it would be

This is Microsoft’s canceled Windows-based Surface Duo — the dual-screen Windows Phone from 2018 that we never got

The details of TC39’s last meeting

The details of TC39’s last meeting

Enhancing Laravel Queries with Reusable Scope Patterns

Everything We Know About Livewire 4

I can admit when I’m wrong — this 75% wireless gaming keyboard is way better than I thought it would be

I can admit when I’m wrong — this 75% wireless gaming keyboard is way better than I thought it would be

This is Microsoft’s canceled Windows-based Surface Duo — the dual-screen Windows Phone from 2018 that we never got

Looking for an Ubuntu Manual? Try This Book

CVE-2025-6166 – Frdel Agent-Zero Path Traversal Vulnerability

Why the tech industry needs to stand firm on preserving end-to-end encryption

Is your phone spying on you? | Unlocked 403 cybersecurity podcast (S2E5)

Rilasciato OpenSSH 10: Un aggiornamento significativo per la sicurezza e la crittografia

CVE-2025-49834 – GPT-SoVITS-WebUI Command Injection Vulnerability

The Rise of PWAs & On-Demand Services Powered by React Native📱

CVE-2025-6939 – TOTOLINK A3002RU HTTP POST Request Handler Buffer Overflow

CVE-2025-6793 – Marvell QConvergeConsole QLogicDownloadImpl Directory Traversal Vulnerability

Rilasciata Slackel 8.0: Una Distribuzione GNU/Linux Basata su Slackware

CVE-2025-4460 – TOTOLINK N150RT Cross-Site Scripting Vulnerability

CVE-2025-6029 & CVE-2025-6030: Replay Attacks Expose Vulnerabilities in KIA and Autoeastern Smart Keyless Entry Systems

CVE-2025-6166 – Frdel Agent-Zero Path Traversal Vulnerability

Related Posts