Inside the MSHTML Exploit: A SOC Analyst’s Walkthrough of CVE-2021–40444

June 24, 2025

Inside the MSHTML Exploit: A SOC Analyst’s Walkthrough of CVE-2021–40444

June 2025 • by a SOC Analyst | Threat Hunting | Malware Analysis⚠️ IntroductionIn this post, we take you through a real-world malware investigation where four suspicious documents were suspected of le …

Published Date:
Jun 24, 2025 (3 hours, 10 minutes ago)

Vulnerabilities has been mentioned in this article.

Source: Read More

Previous ArticleWinRAR Vulnerability Let Execute Arbitrary Code Using a Malicious File

Next Article minesVIiper is a minesweeper clone with mouse and VT220 support

Highlights

CVE-2025-44137 – MapTiler Tileserver-php Directory Traversal Vulnerability

July 29, 2025

CVE ID : CVE-2025-44137

Published : July 29, 2025, 5:15 p.m. | 6 hours, 44 minutes ago

Description : MapTiler Tileserver-php v2.0 is vulnerable to Directory Traversal. The renderTile function within tileserver.php is responsible for delivering tiles that are stored as files on the server via web request. Creating the path to a file allows the insertion of “../” and thus read any file on the web server. Affected GET parameters are “TileMatrix”, “TileRow”, “TileCol” and “Format”

Severity: 8.2 | HIGH

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

CodeSOD: Across the 4th Dimension

Cursor vs GitHub Copilot (2025): Which AI Platform Wins for Your Node.js Dev Team?

NuGet adds support for Trusted Publishing

AWS launches IDE extension for building browser automation agents

Distribution Release: Kali Linux 2025.3

Distribution Release: SysLinuxOS 13

Development Release: MX Linux 25 Beta 1

DistroWatch Weekly, Issue 1140

Beyond Denial: How AI Concierge Services Can Transform Healthcare from Reactive to Proactive

Beyond Denial: How AI Concierge Services Can Transform Healthcare from Reactive to Proactive

IDC ServiceScape for Microsoft Power Apps Low-Code/No-Code Custom Application Development Services

A Stream-Oriented UI library for interactive web applications

FOSS Weekly #25.39: Kill Switch Phones, LMDE 7, Zorin OS 18 Beta, Polybar, Apt History and More Linux Stuff

FOSS Weekly #25.39: Kill Switch Phones, LMDE 7, Zorin OS 18 Beta, Polybar, Apt History and More Linux Stuff

Distribution Release: Kali Linux 2025.3

Distribution Release: SysLinuxOS 13

Inside the MSHTML Exploit: A SOC Analyst’s Walkthrough of CVE-2021–40444

Inside the MSHTML Exploit: A SOC Analyst’s Walkthrough of CVE-2021–40444

Cursor AI Code Editor Flaw Enables Silent Code Execution via Malicious Repositories

Introducing HybridPetya: Petya/NotPetya copycat with UEFI Secure Boot bypass

2025’s highest-rated Xbox game on Metacritic is coming to Game Pass in a matter of days — but you’ve never heard of it

CVE-2025-8750 – Macrozheng Mall Cross-Site Scripting Vulnerability

Microsoft Teams Will Soon Let You React with Multiple Emojis Per Message

Is Anxiety Disorder a Neurological Disorder?

CVE-2025-44137 – MapTiler Tileserver-php Directory Traversal Vulnerability

CVE-2025-3455 – WordPress 1 Click Migration Plugin Remote File Upload Vulnerability

What they’re not teaching in design class

CVE-2025-35978 – UpdateNavi UpdateNaviInstallService Remote Code Execution

Inside the MSHTML Exploit: A SOC Analyst’s Walkthrough of CVE-2021–40444

Inside the MSHTML Exploit: A SOC Analyst’s Walkthrough of CVE-2021–40444

Related Posts