CVE-2025-7766 – Lantronix Provisioning Manager XML External Entity Injection RCE

July 22, 2025

CVE ID : CVE-2025-7766

Published : July 22, 2025, 10:15 p.m. | 2 hours, 29 minutes ago

Description : Lantronix Provisioning Manager is vulnerable to XML external entity attacks in configuration files supplied by network devices, leading to unauthenticated remote code execution on hosts with Provisioning Manager installed.

Severity: 8.0 | HIGH

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-54138 – LibreNMS Remote File Inclusion Vulnerability

Next Article CVE-2025-54072 – Yt-dlp Windows Remote Code Execution Vulnerability

Highlights

CVE-2025-5438 – Linksys WPS Command Injection Vulnerability

June 2, 2025

CVE ID : CVE-2025-5438

Published : June 2, 2025, 9:15 a.m. | 2 hours, 7 minutes ago

Description : A vulnerability was found in Linksys RE6500, RE6250, RE6300, RE6350, RE7000 and RE9000 1.0.013.001/1.0.04.001/1.0.04.002/1.1.05.003/1.2.07.001. It has been declared as critical. Affected by this vulnerability is the function WPS of the file /goform/WPS. The manipulation of the argument PIN leads to command injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

Severity: 6.3 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

AI and its impact on the developer experience, or ‘where is the joy?’

Google launches OSS Rebuild tool to improve trust in open source packages

AI-enabled software development: Risk of skill erosion or catalyst for growth?

BrowserStack launches Figma plugin for detecting accessibility issues in design phase

Power bank slapped with a recall? Stop using it now – here’s why

I recommend these budget earbuds over pricier Bose and Sony models – here’s why

Microsoft’s big AI update for Windows 11 is here – what’s new

Slow internet speed on Linux? This 30-second fix makes all the difference

Singleton and Scoped Container Attributes in Laravel 12.21

Singleton and Scoped Container Attributes in Laravel 12.21

wulfheart/laravel-actions-ide-helper

lanos/laravel-cashier-stripe-connect

‘Wuchang: Fallen Feathers’ came close to fully breaking me multiple times — a soulslike as brutal and as beautiful as it gets

‘Wuchang: Fallen Feathers’ came close to fully breaking me multiple times — a soulslike as brutal and as beautiful as it gets

Sam Altman is “terrified” of voice ID fraudsters embracing AI — and threats of US bioweapon attacks keep him up at night

NVIDIA boasts a staggering $111 million in market value per employee — since it became the world’s first $4 trillion company

CVE-2025-7766 – Lantronix Provisioning Manager XML External Entity Injection RCE

UNC6148 Backdoors Fully-Patched SonicWall SMA 100 Series Devices with OVERSTEP Rootkit

Why is your data worth so much? | Unlocked 403 cybersecurity podcast (S2E4)

GitHub Universe 2025: Here’s what’s in store at this year’s developer wonderland

CVE-2025-47294 – Fortinet FortiOS Integer Overflow DoS

Microsoft justifies TPM requirement for Windows 11 ahead of Windows 10 EOL

SaaS product QuickHub

CVE-2025-5438 – Linksys WPS Command Injection Vulnerability

CVE-2025-7484 – PHPGurukul Vehicle Parking Management System SQL Injection Vulnerability

DeepMind CEO calls Google’s updated Gemini 2.5 Pro AI “the best coding model” with a taste for aesthetic web development

The Elder Scrolls Online Direct April 2025 reveals Subclasses, the Worm Cult, and more

CVE-2025-7766 – Lantronix Provisioning Manager XML External Entity Injection RCE

Related Posts