Critical HIKVISION applyCT Flaw (CVE-2025-34067, CVSS 10.0): Unauthenticated RCE Via Fastjson

July 3, 2025

Critical HIKVISION applyCT Flaw (CVE-2025-34067, CVSS 10.0): Unauthenticated RCE Via Fastjson

Image: PeiQi0
A newly disclosed vulnerability in HIKVISION’s widely deployed security management platform, applyCT (previously known as HikCentral), has put countless surveillance and monitoring infra …

Published Date:
Jul 04, 2025 (3 hours, 21 minutes ago)

Vulnerabilities has been mentioned in this article.

CVE-2025-34067

CVE-2021-36260

Source: Read More

Previous ArticleApache Under Attack: Critical RCE Flaws in Tomcat & Camel Spark Thousands of Exploit Attempts

Next Article Anthropic MCP Server Flaws: Path Traversal & Symlink Attacks Allow RCE

Mirantis reveals Lens Prism, an AI copilot for operating Kubernetes clusters

Avoid these common platform engineering mistakes

Full-Stack Techies vs Toptal: Which Is Better for React.js Outsourcing?

The AI productivity paradox in software engineering: Balancing efficiency and human skill retention

Microsoft Gaming studios head Matt Booty says “overall portfolio strategy is unchanged” — with more than 40 games in production

Capcom reports that its Steam game sales have risen massively — despite flagship titles like Monster Hunter Wilds receiving profuse backlash from PC players

Cloudflare is fighting to safeguard “the future of the web itself” — standing directly in the way of leading AI firms

Microsoft reportedly lacks the know-how to fully leverage OpenAI’s tech — despite holding IP rights

PHP 8.5.0 Alpha 1 available for testing

PHP 8.5.0 Alpha 1 available for testing

Recording cross browser compatible media

Celebrating Perficient’s Third Databricks Champion

Microsoft Gaming studios head Matt Booty says “overall portfolio strategy is unchanged” — with more than 40 games in production

Microsoft Gaming studios head Matt Booty says “overall portfolio strategy is unchanged” — with more than 40 games in production

Capcom reports that its Steam game sales have risen massively — despite flagship titles like Monster Hunter Wilds receiving profuse backlash from PC players

Cloudflare is fighting to safeguard “the future of the web itself” — standing directly in the way of leading AI firms

Critical HIKVISION applyCT Flaw (CVE-2025-34067, CVSS 10.0): Unauthenticated RCE Via Fastjson

Critical HIKVISION applyCT Flaw (CVE-2025-34067, CVSS 10.0): Unauthenticated RCE Via Fastjson

Critical Lucee Flaw (CVE-2025-34074, CVSS 9.4): Authenticated RCE Via Scheduled Task Abuse, Metasploit Module Out

Exposed JDWP Debug Ports Under Attack: Cryptominers Infiltrating Java Apps in Hours

GitLab patches high severity account takeover, missing auth issues

How to install a screen protector on your gaming handheld — Steam Deck, ROG Ally, Legion Go, and more

ToyMaker’s Playbook: Cisco Talos Exposes IAB Tactics Leading to Cactus Ransomware

Better Than Man pages? These Tools Help You Understand Linux Commands

I tested a compact power station with a solar power generator – it’s my new travel essential

CVE-2025-43916 – Sonos API Open Redirection and Hardcoded Secret Vulnerability

CVE-2025-30172 – ASPECT Remote Code Execution Vulnerability

CVE-2025-45753 – Vtiger CRM PHP Code Execution Vulnerability

Critical HIKVISION applyCT Flaw (CVE-2025-34067, CVSS 10.0): Unauthenticated RCE Via Fastjson

Critical HIKVISION applyCT Flaw (CVE-2025-34067, CVSS 10.0): Unauthenticated RCE Via Fastjson

Related Posts