Aggregator

分析ipTIME AX2004M路由器固件漏洞，揭示基于逻辑错误的未授权访问与RCE利用链。

堆喷你就喷吧，一喷一个不吱声

apple系列是IO的骨干成员

此样本运行后，会释放多阶段木马，会创建以Qihoo字符串开头的计划任务，会检测360安全软件的360tray.exe 、zhudongfangyu.exe进程，会在内存中释放并加载携带.NET Reactor壳的AsyncRAT远控木马。

源码层面详解Node.js反序列化漏洞原理与利用

洞挖掘有时候挖不到洞并不是你比别人差,可能是因为这个点你没有发现而已,适应的利用插件武装自身,用工具更好的发现问题才能让渗透事倍功半,企业SRC站点存在WAF选择性开启凭运气捡漏,安服渗透项目建议全部装载武装到牙齿。

A vulnerability identified as critical has been detected in Microsoft Windows. This impacts an unknown function of the component File Explorer. Performing manipulation results in use after free. This vulnerability is identified as CVE-2025-62565. The attack is only possible with local access. There is not any exploit available. Applying a patch is the recommended action to fix this issue.

A vulnerability has been found in Microsoft Windows and classified as critical. The affected element is an unknown function of the component Shell. The manipulation leads to race condition. This vulnerability is traded as CVE-2025-64661. An attack has to be approached locally. There is no exploit available. Applying a patch is the recommended action to fix this issue.

A vulnerability was found in Microsoft GitHub Copilot Plugin for JetBrains IDEs. It has been rated as problematic. Affected is an unknown function. Performing manipulation results in command injection. This vulnerability was named CVE-2025-64671. The attack needs to be approached locally. There is no available exploit. It is suggested to install a patch to address this issue.

A vulnerability labeled as critical has been found in Microsoft Windows. This affects an unknown part of the component RRAS. The manipulation results in heap-based buffer overflow. This vulnerability is identified as CVE-2025-64678. The attack can be executed remotely. There is not any exploit available. It is advisable to implement a patch to correct this issue.

A vulnerability categorized as problematic has been discovered in Microsoft SharePoint Server. Affected by this vulnerability is an unknown functionality. Executing manipulation can lead to cross site scripting. The identification of this vulnerability is CVE-2025-64672. The attack may be launched remotely. There is no exploit available. A patch should be applied to remediate this issue.

多个多内合法数字签名、trycloudflare隧道通信

深入解析glibc中large bin的管理机制及攻击手法，揭示如何通过伪造堆块实现任意地址写与信息泄露。

本文详解x86下通过修改fini_array劫持程序流，结合格式化字符串漏洞实现循环执行与ROP链部署的方法。

本文深入解析ret2dlresolve攻击原理，结合源码剖析延迟绑定机制及利用条件，并通过实例演示如何伪造link_map实现RCE。

本文以QWB CTF题目为例，详解内核栈溢出漏洞利用，涵盖canary泄露、ROP链构造及权限提升技术。

A vulnerability classified as problematic has been found in Paramiko up to 2.10.0. The impacted element is the function write_private_key_file. Performing manipulation results in information disclosure. This vulnerability is identified as CVE-2022-24302. The attack can only be performed from the local network. There is not any exploit available. It is recommended to upgrade the affected component.

为了防止忘掉，特意花时间重新写了一遍

漏洞描述Apache Tika 的 tika-core (1.13-3.2.1)、tika-pdf-module (2.0.0-3.2.1) 和 tika-parsers (1.13-1.28.5) 模块在所有平台上存在严重 XXE 漏洞，攻击者可利用此漏洞通过在 PDF 文件中嵌入精心构造的 XFA 文件来实施 XML 外部实体注入。此 CVE 漏洞与 CVE-2025-54988 漏洞相同。然

漏洞描述CVE-2025-55182 是 Next.js 中因 React Flight 反序列化机制未校验对象属性访问路径（如 __proto__、constructor）导致的高危 RCE 漏洞：攻击者可通过构造恶意 multipart 表单，利用 $B 引用结合可控的 _response._prefix 和被劫持为 Function 的 _formData.get，动态生成包含任意系统命令的