Telegram Web
Forwarded from APT
This media is not supported in your browser
VIEW IN TELEGRAM
🩸 CitrixBleed 2 β€” Citrix NetScaler Memory Leak (CVE-2025-5777)

Critical memory leak vulnerability in Citrix NetScaler ADC/Gateway. Sending malformed POST request with login parameter without value causes server to return ~127 bytes of uninitialized stack memory, including session tokens, enabling MFA bypass and active session hijacking.

πŸ”— Research:
https://doublepulsar.com/citrixbleed-2-electric-boogaloo-cve-2025-5777-c7f5e349d206

πŸ”— Source:
https://github.com/win3zz/CVE-2025-5777

#citrix #netscaler #memoryleak #exploit
πŸ”₯15πŸ‘9😁2
CVE-2025-48799: Windows Update Service LPE

PoC: https://github.com/Wh04m1001/CVE-2025-48799

Patched: July 8, 2025

This vulnability affects windows clients (win11/win10) with at least 2 hard drives.


#lpe #windows #pentest #redteam
πŸ”₯20πŸ‘8😁2
CVE-2025-25257: Pre-Auth SQLi to RCE - Fortinet FortiWeb

PoC: https://github.com/watchtowrlabs/watchTowr-vs-FortiWeb-CVE-2025-25257

Blog: https://labs.watchtowr.com/pre-auth-sql-injection-to-rce-fortinet-fortiweb-fabric-connector-cve-2025-25257/

Affected:
7.6.0 through 7.6.3
7.4.0 through 7.4.7
7.2.0 through 7.2.10
7.0.0 through 7.0.10

#rce #pentest #redteam #fortinet #cve
πŸ”₯22😁9πŸ‘3🀯1😱1
2025/07/12 00:20:11
Back to Top
HTML Embed Code: