A vulnerability was found in Intelbras VIP 3260 Z IA 2.840.00IB005.0.T. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /OutsideCmd. The manipulation results in weak password recovery.
This vulnerability is known as CVE-2026-2564. It is possible to launch the attack remotely. No exploit is available.
It is recommended to upgrade the affected component.
A vulnerability was found in JingDong JD Cloud Box AX6600 up to 4.5.1.r4533. It has been classified as critical. Affected is the function set_stcreenen_deabled_status/get_status of the file /f/service/controlDevice of the component jdcapp_rpc. The manipulation leads to privilege escalation.
This vulnerability is traded as CVE-2026-2563. It is possible to initiate the attack remotely. Furthermore, there is an exploit available.
The vendor was contacted early about this disclosure but did not respond in any way.
A vulnerability was found in JingDong JD Cloud Box AX6600 up to 4.5.1.r4533 and classified as critical. This impacts the function cast_streen of the file /jdcapi of the component jdcweb_rpc. Executing a manipulation of the argument File can lead to privilege escalation.
This vulnerability appears as CVE-2026-2562. The attack may be performed remotely. In addition, an exploit is available.
The vendor was contacted early about this disclosure but did not respond in any way.
A vulnerability has been found in JingDong JD Cloud Box AX6600 up to 4.5.1.r4533 and classified as critical. This affects the function web_get_ddns_uptime of the file /jdcapi of the component jdcweb_rpc. Performing a manipulation results in privilege escalation.
This vulnerability is reported as CVE-2026-2561. The attack can be carried out remotely. Moreover, an exploit is present.
The vendor was contacted early about this disclosure but did not respond in any way.
A vulnerability, which was classified as critical, was found in kalcaddle kodbox up to 1.64.05. The impacted element is the function run of the file plugins/fileThumb/lib/VideoResize.class.php of the component Media File Preview Plugin. Such manipulation of the argument localFile leads to os command injection.
This vulnerability is documented as CVE-2026-2560. The attack can be executed remotely. Additionally, an exploit exists.
The vendor was contacted early about this disclosure but did not respond in any way.
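Vulnerability description: This is an unauthenticated RCE vulnerability in SmarterMain; the RCE occurs in the ConnectToHub API method. The detailed vulnerability description is shown in the figure below: Environment setup: Here I set up the environment directly with docker, using the following command: Then for the .NET decompilation tools, I used Rider and dotPeet; which one to download is a matter of personal preference. Vulnerable code analysis: Because most of the .NET routes are in MailService.dll, you can look directly in this dll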
A vulnerability has been found in Linux Kernel up to 6.17.2 and classified as critical. This issue affects the function crypto_acomp_streams of the component crypto. This manipulation causes allocation of resources.
This vulnerability is registered as CVE-2025-40063. The attack requires access to the local network. No exploit is available.
The affected component should be upgraded.
A vulnerability marked as critical has been reported in Linux Kernel up to 6.1.155/6.6.111/6.12.52/6.17.2. The impacted element is the function qm_diff_regs of the component crypto. This manipulation causes improper initialization.
This vulnerability is handled as CVE-2025-40062. The attack can only be done within the local network. No exploit is available.
It is suggested to upgrade the affected component.