CVE-2025-13943

Overview

Zyxel
EX3301-T0 firmware

24 Feb 2026

Published

26 Feb 2026

Updated

CVSS v3.1

HIGH (8.8)

EPSS

0.18%

MITRE

KEV

Description

A post-authentication command injection vulnerability in the log file download function of the Zyxel EX3301-T0 firmware versions through 5.50(ABVY.7)C0 could allow an authenticated attacker to execute operating system (OS) commands on an affected device.

Statistics

2 Posts

Last activity: 17 hours ago

Fediverse

TechNadu @technadu

Zyxel addresses critical CVE-2025-13942 RCE affecting UPnP in 4G/5G CPEs, DSL/Ethernet, Fiber ONTs, and wireless extenders. Exploitation requires WAN + UPnP enabled; Shadowserver tracks ~120k exposed devices.

Additional post-auth command-injection flaws (CVE-2025-13943, CVE-2026-1459) patched. EOL devices (VMG1312, VMG3312/13, SBG3300/3500) remain unpatched; replacement recommended.

Mitigation recommendations:
• Apply firmware updates immediately
• Disable unnecessary UPnP/WAN access
• Monitor network exposure of legacy devices
• Track patched vs. unpatched CPEs/routers in enterprise inventories

Source: https://www.bleepingcomputer.com/news/security/zyxel-warns-of-critical-rce-flaw-affecting-over-a-dozen-routers/

How are you prioritizing critical RCE patches for network devices? Comment below and follow for in-depth threat reporting.

#NetworkSecurity #IoTSecurity #PatchManagement #RCE #RouterSecurity #CVE #ThreatIntel #Infosec #ZeroTrust #EnterpriseSecurity

0
0
0
17h ago

Bluesky

TechNadu @technadu.com

Zyxel routers under critical threat: CVE-2025-13942 allows unauthenticated RCE via UPnP if WAN is enabled. Additional post-auth command-injection flaws patched (CVE-2025-13943, CVE-2026-1459). Shadowserver tracks 120k+ exposed devices... #CyberSecurity #NetworkSecurity #RouterVulnerabilities

0
0
0
17h ago

CVE-2026-1459

Overview

Zyxel
VMG3625-T50B firmware

24 Feb 2026

Published

26 Feb 2026

Updated

CVSS v3.1

HIGH (7.2)

EPSS

0.06%

MITRE

KEV

Description

A post-authentication command injection vulnerability in the TR-369 certificate download CGI program of the Zyxel VMG3625-T50B firmware versions through 5.50(ABPM.9.7)C0 could allow an authenticated attacker with administrator privileges to execute operating system (OS) commands on an affected device.

Statistics

2 Posts

Last activity: 17 hours ago

Fediverse

TechNadu @technadu

Zyxel addresses critical CVE-2025-13942 RCE affecting UPnP in 4G/5G CPEs, DSL/Ethernet, Fiber ONTs, and wireless extenders. Exploitation requires WAN + UPnP enabled; Shadowserver tracks ~120k exposed devices.

Additional post-auth command-injection flaws (CVE-2025-13943, CVE-2026-1459) patched. EOL devices (VMG1312, VMG3312/13, SBG3300/3500) remain unpatched; replacement recommended.

Mitigation recommendations:
• Apply firmware updates immediately
• Disable unnecessary UPnP/WAN access
• Monitor network exposure of legacy devices
• Track patched vs. unpatched CPEs/routers in enterprise inventories

Source: https://www.bleepingcomputer.com/news/security/zyxel-warns-of-critical-rce-flaw-affecting-over-a-dozen-routers/

How are you prioritizing critical RCE patches for network devices? Comment below and follow for in-depth threat reporting.

#NetworkSecurity #IoTSecurity #PatchManagement #RCE #RouterSecurity #CVE #ThreatIntel #Infosec #ZeroTrust #EnterpriseSecurity

0
0
0
17h ago

Bluesky

TechNadu @technadu.com

Zyxel routers under critical threat: CVE-2025-13942 allows unauthenticated RCE via UPnP if WAN is enabled. Additional post-auth command-injection flaws patched (CVE-2025-13943, CVE-2026-1459). Shadowserver tracks 120k+ exposed devices... #CyberSecurity #NetworkSecurity #RouterVulnerabilities

0
0
0
17h ago

CVE-2026-21852

Overview

anthropics
claude-code

21 Jan 2026

Published

21 Jan 2026

Updated

CVSS v4.0

MEDIUM (5.3)

EPSS

0.05%

MITRE

KEV

Description

Claude Code is an agentic coding tool. Prior to version 2.0.65, vulnerability in Claude Code's project-load flow allowed malicious repositories to exfiltrate data including Anthropic API keys before users confirmed trust. An attacker-controlled repository could include a settings file that sets ANTHROPIC_BASE_URL to an attacker-controlled endpoint and when the repository was opened, Claude Code would read the configuration and immediately issue API requests before showing the trust prompt, potentially leaking the user's API keys. Users on standard Claude Code auto-update have received this fix already. Users performing manual updates are advised to update to version 2.0.65, which contains a patch, or to the latest version.

Statistics

1 Post
2 Interactions

Last activity: 13 hours ago

Bluesky

Undercode Testing @undercode.bsky.social

Critical RCE in Code: How Attackers Can Hijack AI Assistants and Steal API Keys (CVE-2025-59536 & CVE-2026-21852) + Video Introduction: The recent discovery by Oded Vanunu of Check Point Research has exposed a critical flaw in Code, an AI‑powered coding assistant. Attackers can exploit specially…

0
2
0
13h ago

CVE-2026-27509

Overview

UnitreeRobotics
Unitree Go2

26 Feb 2026

Published

26 Feb 2026

Updated

CVSS v4.0

HIGH (8.5)

EPSS

Pending

MITRE

KEV

Description

Unitree Go2 firmware versions V1.1.7 through V1.1.9 and V1.1.11 (EDU) do not implement DDS authentication or authorization for the Eclipse CycloneDDS topic rt/api/programming_actuator/request handled by actuator_manager.py. A network-adjacent, unauthenticated attacker can join DDS domain 0 and publish a crafted message (api_id=1002) containing arbitrary Python, which the robot writes to disk under /unitree/etc/programming/ and binds to a physical controller keybinding. When the keybinding is pressed, the code executes as root and the binding persists across reboots.

Statistics

3 Posts

Last activity: 13 hours ago

Bluesky

r/netsec bot @r-netsec.bsky.social

From DDS Packets to Robot Shells: Two RCEs in Unitree Robots (CVE-2026-27509 & CVE-2026-27510)

0
0
2
13h ago

CVE-2026-27510

Overview

UnitreeRobotics
Unitree Go2

26 Feb 2026

Published

26 Feb 2026

Updated

CVSS v4.0

MEDIUM (6.4)

EPSS

Pending

MITRE

KEV

Description

Unitree Go2 firmware versions 1.1.7 through 1.1.11, when used with the Unitree Go2 Android application (com.unitree.doggo2), are vulnerable to remote code execution due to missing integrity protection and validation of user-created programmes. The Android application stores programs in a local SQLite database (unitree_go2.db, table dog_programme) and transmits the programme_text content, including the pyCode field, to the robot. The robot's actuator_manager.py executes the supplied Python as root without integrity verification or content validation. An attacker with local access to the Android device can tamper with the stored programme record to inject arbitrary Python that executes when the user triggers the program via a controller keybinding, and the malicious binding persists across reboots. Additionally, a malicious program shared through the application's community marketplace can result in arbitrary code execution on any robot that imports and runs it.

Statistics

3 Posts

Last activity: 13 hours ago

Bluesky

r/netsec bot @r-netsec.bsky.social

From DDS Packets to Robot Shells: Two RCEs in Unitree Robots (CVE-2026-27509 & CVE-2026-27510)

0
0
2
13h ago

CVE-2026-22769

Overview

Dell
RecoverPoint for Virtual Machines

17 Feb 2026

Published

26 Feb 2026

Updated

CVSS v3.1

CRITICAL (10.0)

EPSS

34.16%

MITRE

KEV

Description

Dell RecoverPoint for Virtual Machines, versions prior to 6.0.3.1 HF1, contain a hardcoded credential vulnerability. This is considered critical as an unauthenticated remote attacker with knowledge of the hardcoded credential could potentially exploit this vulnerability leading to unauthorized access to the underlying operating system and root-level persistence. Dell recommends that customers upgrade or apply one of the remediations as soon as possible.

Statistics

1 Post

Last activity: 5 hours ago

Bluesky

OpsMatters @opsmatters.com

The latest update for #CyCognito includes "Emerging Threat: Cisco Catalyst SD-WAN Authentication Bypass (CVE-2026-20127)" and "Emerging Threat – Dell RecoverPoint for VMs Hardcoded Credential (CVE-2026-22769)". #cybersecurity #AttackSurfaceManagement #EASM https://opsmtrs.com/44Srq0X

0
0
0
5h ago

CVE-2026-22721

Overview

VMware
VMware Aria Operations
vmware-aria-operations

25 Feb 2026

Published

27 Feb 2026

Updated

CVSS v3.1

MEDIUM (6.2)

EPSS

0.05%

MITRE

KEV

Description

VMware Aria Operations contains a privilege escalation vulnerability. A malicious actor with privileges in vCenter to access Aria Operations may leverage this vulnerability to obtain administrative access in VMware Aria Operations. To remediate CVE-2026-22721, apply the patches listed in the 'Fixed Version' column of the 'Response Matrix' found in VMSA-2026-0001 https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36947 .

Statistics

1 Post

Last activity: 9 hours ago

Bluesky

セキュリティ対策Lab @securitylab-jp.bsky.social

VMware Aria Operationsに複数の脆弱性(CVE-2026-22719 / CVE-2026-22720 / CVE-2026-22721) rocket-boys.co.jp/security-mea... #セキュリティ対策Lab #セキュリティ #Security #CybersecurityNews

0
0
0
9h ago

CVE-2026-22719

Overview

VMware
Aria Operations
vmware-aria-operations

25 Feb 2026

Published

26 Feb 2026

Updated

CVSS v3.1

HIGH (8.1)

EPSS

0.34%

MITRE

KEV

Description

VMware Aria Operations contains a command injection vulnerability. A malicious unauthenticated actor may exploit this issue to execute arbitrary commands which may lead to remote code execution in VMware Aria Operations while support-assisted product migration is in progress. To remediate CVE-2026-22719, apply the patches listed in the 'Fixed Version' column of the ' Response Matrix https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36947 ' in VMSA-2026-0001 Workarounds for CVE-2026-22719 are documented in the 'Workarounds' column of the ' Response Matrix https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36947 ' in VMSA-2026-0001

Statistics

1 Post

Last activity: 9 hours ago

Bluesky

セキュリティ対策Lab @securitylab-jp.bsky.social

VMware Aria Operationsに複数の脆弱性(CVE-2026-22719 / CVE-2026-22720 / CVE-2026-22721) rocket-boys.co.jp/security-mea... #セキュリティ対策Lab #セキュリティ #Security #CybersecurityNews

0
0
0
9h ago

CVE-2026-22720

Overview

VMware
VMware Aria Operations
vmware-aria-operations

25 Feb 2026

Published

26 Feb 2026

Updated

CVSS v3.1

HIGH (8.0)

EPSS

0.08%

MITRE

KEV

Description

VMware Aria Operations contains a stored cross-site scripting vulnerability. A malicious actor with privileges to create custom benchmarks may be able to inject script to perform administrative actions in VMware Aria Operations. To remediate CVE-2026-22720, apply the patches listed in the 'Fixed Version' column of the 'Response Matrix' of VMSA-2026-0001 https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36947https:// .

Statistics

1 Post

Last activity: 9 hours ago

Bluesky

セキュリティ対策Lab @securitylab-jp.bsky.social

VMware Aria Operationsに複数の脆弱性(CVE-2026-22719 / CVE-2026-22720 / CVE-2026-22721) rocket-boys.co.jp/security-mea... #セキュリティ対策Lab #セキュリティ #Security #CybersecurityNews

0
0
0
9h ago