[2025.04 Vulnerability Report] Apache Tomcat RCE Vulnerability (CVE-2025-24813) Apache Tomcat is a Java-based web application server widely used worldwide, and recently discovered a serious path equivalence vulnerability identified as CVE-2025-24813. This vulnerability poses a risk that an attacker can access restricted resources or execute arbitrary code without authentication due to a path validation error in Read more about [2025.04 Vulnerability Report] Apache Tomcat RCE Vulnerability (CVE-2025-24813)[…]

[2025.03 Vulnerability Report] HUNK COMPANION Plugin Remote Code Execution (CVE-2024-9707) This major vulnerability in the Hunk Companion plugin could be the first step in a broader exploit chain. If another plugin with a known vulnerability is activated via this vulnerability, an attacker could achieve remote code execution on the WordPress site. The widespread distribution of Read more about [2025.03 Vulnerability Report] HUNK COMPANION Plugin Remote Code Execution (CVE-2024-9707)[…]

[2025.03 Vulnerability Report] Ivanti vTM Authentication Bypass The vulnerability is an authentication bypass vulnerability in IvantivTM, which allows an attacker to create an arbitrary administrator account by bypassing access control to the loadable wizard.cgi for all sections within the web interface. The vulnerability has been patched in IvantivTM versions 22.2R1, 22.7R2, and others, and AIWAF responds Read more about [2025.03 Vulnerability Report] Ivanti vTM Authentication Bypass[…]

CVE-2024-4547 is a SQL injection vulnerability affecting Delta Electronics DIAEnergie v1.10.1.8610 and earlier. The issue lies in the CEBC.exe component that processes the ‘RecalculateScript’ message, which contains four fields separated by the ‘~’ character. An unauthenticated remote attacker could exploit this vulnerability by manipulating the fourth field to inject malicious SQL statements, which could lead Read more about [2025.02 Vulnerability Report] Delta Electronics DIAEnergie SQL Injection(CVE-2024-4547)[…]

The vulnerability is a pre-authentication RCE vulnerability in Apache OFBiz, which allows an attacker to execute malicious code without an authentication process by exploiting an incorrect authentication process when processing a request for a particular URL. The vulnerability was patched in version 18.12.15 of Apache OFBiz, and AIWAF responds through the 2228: Apache OFBiz Remote Read more about [2025.02 Vulnerability Report] Apache OFbiz Pre-Auth Remote Code Execution[…]

The vulnerability is a pre-authenticated RCE vulnerability in Ivanti’s Connect Secure, Policy Secure, and ZTA Gateway products, which attempts to exploit Buffer Overflow during IF-T/TLS protocol communication. The vulnerability is patched in 22.7R2.5 for Ivanti Connect Secure and Ivanti ZTA Gateway products, and AIWAF is continuously monitoring related vulnerabilities. 1. Overview Ivanti’s Connect Secure, Policy Read more about [2025.01 Vulnerability Report] Ivanti Connect Secure & Policy Secure, ZTA Gateways Vulnerability[…]

The WordPress CleanTalk plugin currently has a serious authentication bypass vulnerability, identified as CVE-2024-10542 and CVE-2024-10781, which allows an unauthenticated attacker to bypass security measures and perform actions that would normally require valid authentication. In particular, an attacker could install and activate arbitrary plugins on a vulnerable site, potentially leading to remote code execution and Read more about [2025.01 Vulnerability Report] WordPress CleanTalk Plugin Authentication Bypass Vulnerability (CVE-2024-10542, CVE-2024-10781)[…]

Vulnerability report written by the TA team by analyzing “Critical RCE Vulnerability in jsonpath-plus (CVE-2024-21534)” CVE-2024-21534 is a remote code execution (RCE) vulnerability in the jsonpath-plus package due to improper input sanitization. This vulnerability can cause serious security threats to the system by allowing a malicious user to execute arbitrary code through input. Systems with Read more about [2024.12 Vulnerability Report] Critical RCE Vulnerability in jsonpath-plus (CVE-2024-21534)[…]

Vulnerability report written by the TA team by analyzing “Cleo Harmony, VLTrader and LexiCom File Read/Write Vulnerability” The vulnerability is a file read/write vulnerability in the software provided by Cleo that attempts to access or upload malicious files in the service using the software through a manipulated VLSync header. The vulnerabilities were patched in Harmony, Read more about [2024.12 Vulnerability Report] Cleo Harmony, VLTrader and LexiCom File Read/Write Vulnerability[…]

Vulnerability report written by the TA team by analyzing “Joomla! CMS Security Bypass (CVE-2023-23752)” CVE-2023-23752 is a vulnerability found in Joomla! versions 4.0.0 through 4.2.7 that allows unauthorized access to web service endpoints due to incorrect access validation. This can lead to a risk that a malicious user can access the system without authentication or Read more about [2024.11 Vulnerability Report] Joomla! CMS Security Bypass (CVE-2023-23752)[…]