diff --git a/CVE-2025/CVE-2025-63xx/CVE-2025-6399.json b/CVE-2025/CVE-2025-63xx/CVE-2025-6399.json new file mode 100644 index 00000000000..f5ed74754f8 --- /dev/null +++ b/CVE-2025/CVE-2025-63xx/CVE-2025-6399.json @@ -0,0 +1,149 @@ +{ + "id": "CVE-2025-6399", + "sourceIdentifier": "cna@vuldb.com", + "published": "2025-06-21T04:15:23.140", + "lastModified": "2025-06-21T04:15:23.140", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "A vulnerability, which was classified as critical, was found in TOTOLINK X15 1.0.0-B20230714.1105. Affected is an unknown function of the file /boafrm/formIPv6Addr of the component HTTP POST Request Handler. The manipulation of the argument submit-url leads to buffer overflow. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used." + } + ], + "metrics": { + "cvssMetricV40": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "4.0", + "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", + "baseScore": 7.4, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "attackRequirements": "NONE", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "vulnConfidentialityImpact": "HIGH", + "vulnIntegrityImpact": "HIGH", + "vulnAvailabilityImpact": "HIGH", + "subConfidentialityImpact": "NONE", + "subIntegrityImpact": "NONE", + "subAvailabilityImpact": "NONE", + "exploitMaturity": "PROOF_OF_CONCEPT", + "confidentialityRequirement": "NOT_DEFINED", + "integrityRequirement": "NOT_DEFINED", + "availabilityRequirement": "NOT_DEFINED", + "modifiedAttackVector": "NOT_DEFINED", + "modifiedAttackComplexity": "NOT_DEFINED", + "modifiedAttackRequirements": "NOT_DEFINED", + "modifiedPrivilegesRequired": "NOT_DEFINED", + "modifiedUserInteraction": "NOT_DEFINED", + "modifiedVulnConfidentialityImpact": "NOT_DEFINED", + "modifiedVulnIntegrityImpact": "NOT_DEFINED", + "modifiedVulnAvailabilityImpact": "NOT_DEFINED", + "modifiedSubConfidentialityImpact": "NOT_DEFINED", + "modifiedSubIntegrityImpact": "NOT_DEFINED", + "modifiedSubAvailabilityImpact": "NOT_DEFINED", + "Safety": "NOT_DEFINED", + "Automatable": "NOT_DEFINED", + "Recovery": "NOT_DEFINED", + "valueDensity": "NOT_DEFINED", + "vulnerabilityResponseEffort": "NOT_DEFINED", + "providerUrgency": "NOT_DEFINED" + } + } + ], + "cvssMetricV31": [ + { + "source": "cna@vuldb.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", + "baseScore": 8.8, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 2.8, + "impactScore": 5.9 + } + ], + "cvssMetricV2": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "2.0", + "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C", + "baseScore": 9.0, + "accessVector": "NETWORK", + "accessComplexity": "LOW", + "authentication": "SINGLE", + "confidentialityImpact": "COMPLETE", + "integrityImpact": "COMPLETE", + "availabilityImpact": "COMPLETE" + }, + "baseSeverity": "HIGH", + "exploitabilityScore": 8.0, + "impactScore": 10.0, + "acInsufInfo": false, + "obtainAllPrivilege": false, + "obtainUserPrivilege": false, + "obtainOtherPrivilege": false, + "userInteractionRequired": false + } + ] + }, + "weaknesses": [ + { + "source": "cna@vuldb.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-119" + }, + { + "lang": "en", + "value": "CWE-120" + } + ] + } + ], + "references": [ + { + "url": "https://github.com/d2pq/cve/blob/main/616/19.md", + "source": "cna@vuldb.com" + }, + { + "url": "https://github.com/d2pq/cve/blob/main/616/19.md#poc", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?ctiid.313392", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?id.313392", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?submit.597681", + "source": "cna@vuldb.com" + }, + { + "url": "https://www.totolink.net/", + "source": "cna@vuldb.com" + } + ] +} \ No newline at end of file diff --git a/README.md b/README.md index 64dfd6bc669..80d134ae54c 100644 --- a/README.md +++ b/README.md @@ -13,13 +13,13 @@ Repository synchronizes with the NVD every 2 hours. ### Last Repository Update ```plain -2025-06-21T04:00:19.729597+00:00 +2025-06-21T06:00:22.001024+00:00 ``` ### Most recent CVE Modification Timestamp synchronized with NVD ```plain -2025-06-21T03:15:24.990000+00:00 +2025-06-21T04:15:23.140000+00:00 ``` ### Last Data Feed Release @@ -33,21 +33,14 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/ ### Total Number of included CVEs ```plain -298978 +298979 ``` ### CVEs added in the last Commit -Recently added CVEs: `8` +Recently added CVEs: `1` -- [CVE-2025-52485](CVE-2025/CVE-2025-524xx/CVE-2025-52485.json) (`2025-06-21T03:15:23.767`) -- [CVE-2025-52486](CVE-2025/CVE-2025-524xx/CVE-2025-52486.json) (`2025-06-21T03:15:24.507`) -- [CVE-2025-52487](CVE-2025/CVE-2025-524xx/CVE-2025-52487.json) (`2025-06-21T03:15:24.667`) -- [CVE-2025-52488](CVE-2025/CVE-2025-524xx/CVE-2025-52488.json) (`2025-06-21T03:15:24.817`) -- [CVE-2025-52552](CVE-2025/CVE-2025-525xx/CVE-2025-52552.json) (`2025-06-21T03:15:24.990`) -- [CVE-2025-52556](CVE-2025/CVE-2025-525xx/CVE-2025-52556.json) (`2025-06-21T02:15:19.947`) -- [CVE-2025-52557](CVE-2025/CVE-2025-525xx/CVE-2025-52557.json) (`2025-06-21T02:15:20.107`) -- [CVE-2025-6394](CVE-2025/CVE-2025-63xx/CVE-2025-6394.json) (`2025-06-21T02:15:20.247`) +- [CVE-2025-6399](CVE-2025/CVE-2025-63xx/CVE-2025-6399.json) (`2025-06-21T04:15:23.140`) ### CVEs modified in the last Commit diff --git a/_state.csv b/_state.csv index 7a778f59341..1f27f03e014 100644 --- a/_state.csv +++ b/_state.csv @@ -298187,18 +298187,18 @@ CVE-2025-5247,0,0,54e3a381cfd9dfdb05827b9f71ff8bbd85014209bf716148a0d5df41e284d4 CVE-2025-52474,0,0,90aca3999fbf5ca7dd4557d7388545c99ea4ce981f2f9c8d02593988d225c460,2025-06-19T04:15:53.793000 CVE-2025-5248,0,0,cb74e13c3a661382a173d2171f53e905ac7962a17d411318369a81c1a4c9d649,2025-06-10T15:12:22.573000 CVE-2025-52484,0,0,7906e8b10f2a59c25311b93495cd85fcb8342c1455343ef15746f82c5e88c2d6,2025-06-20T18:15:28.747000 -CVE-2025-52485,1,1,2c3306f11cfb58166e018fc94811f3c66b7fdb4732b46519985162db6b1782f9,2025-06-21T03:15:23.767000 -CVE-2025-52486,1,1,dd26e6454c673dca00237655f74d091343c7ce4354f493a88dffdc5f60570b96,2025-06-21T03:15:24.507000 -CVE-2025-52487,1,1,24240f093a57140347936a93cc62da391b283dea9683e874ef692c5b808cbef5,2025-06-21T03:15:24.667000 -CVE-2025-52488,1,1,9c0f20c44bf53b2cad03c39b708215058a7b924b1f7afab8b2379e42c152bf91,2025-06-21T03:15:24.817000 +CVE-2025-52485,0,0,2c3306f11cfb58166e018fc94811f3c66b7fdb4732b46519985162db6b1782f9,2025-06-21T03:15:23.767000 +CVE-2025-52486,0,0,dd26e6454c673dca00237655f74d091343c7ce4354f493a88dffdc5f60570b96,2025-06-21T03:15:24.507000 +CVE-2025-52487,0,0,24240f093a57140347936a93cc62da391b283dea9683e874ef692c5b808cbef5,2025-06-21T03:15:24.667000 +CVE-2025-52488,0,0,9c0f20c44bf53b2cad03c39b708215058a7b924b1f7afab8b2379e42c152bf91,2025-06-21T03:15:24.817000 CVE-2025-5249,0,0,fc0947e1350e4210bd6e677b41423c19ba4df5864aa9264c3ec9f64636ca0b76,2025-05-28T15:01:30.720000 CVE-2025-5250,0,0,2a4bdc606e390fc951ba8f4ded6d97e8a69fbc9ec9574eb66322c159fbee23de,2025-06-10T15:12:33.010000 CVE-2025-5251,0,0,f632fe7c5885617fb201b5b935c30961323c6054755926cad7791588fe5ea46c,2025-06-10T15:12:43.393000 CVE-2025-5252,0,0,befcffbe58a6c748b51a32dbfdb428108ffe2b16ca817a921564fafd634c86b0,2025-06-09T18:51:06.110000 CVE-2025-5255,0,0,0d9f56d5e1509a662651a50a1959d77ed1c049a1471df3ec7483fe3801248464,2025-06-20T10:15:21.653000 -CVE-2025-52552,1,1,27741305ae00f3d36bb92eb33f15f4f7f40418a880f409aa430ffa00fa775060,2025-06-21T03:15:24.990000 -CVE-2025-52556,1,1,839776e8ea5d48efbfe10dd749a9ae7819c361ef6cbb9befd317045b49103746,2025-06-21T02:15:19.947000 -CVE-2025-52557,1,1,0983e689a848479832c1cc1b66b70297360012e01103c16ee1ea99dfdc0c6445,2025-06-21T02:15:20.107000 +CVE-2025-52552,0,0,27741305ae00f3d36bb92eb33f15f4f7f40418a880f409aa430ffa00fa775060,2025-06-21T03:15:24.990000 +CVE-2025-52556,0,0,839776e8ea5d48efbfe10dd749a9ae7819c361ef6cbb9befd317045b49103746,2025-06-21T02:15:19.947000 +CVE-2025-52557,0,0,0983e689a848479832c1cc1b66b70297360012e01103c16ee1ea99dfdc0c6445,2025-06-21T02:15:20.107000 CVE-2025-5256,0,0,8e276989283383806f3abf5c20dbe67142f0dc8ca07046605c539922633ebc4a,2025-05-29T14:29:50.247000 CVE-2025-5257,0,0,75d358e3d2bbe3761b44e1bc4ce97e0b1726e1521e4fab98ee61ac2e91cdcfa1,2025-05-29T14:29:50.247000 CVE-2025-5259,0,0,762eb0e82b940f038c9de9747260da22e83abc89d044ade4d08f1060ed5d681a,2025-05-30T16:31:03.107000 @@ -298976,4 +298976,5 @@ CVE-2025-6374,0,0,b64de8ac08765ef2aa29524f49bd34819f262290b45c21bdea86cc8246ba3a CVE-2025-6375,0,0,ffe282b12fa3ecc9ab33fc703768c63791095f26660717266b328436b6f94862,2025-06-21T01:15:29.463000 CVE-2025-6384,0,0,5cdec51953ac45fb27a9189069c1d2dedd736d67cb8696f7a629dd1dd7d1191f,2025-06-19T21:15:27.390000 CVE-2025-6393,0,0,8fdf36f15a3c8062a52f965b882fa901ea85b71f63ac82f6e8e8e5dca7616106,2025-06-21T01:15:29.650000 -CVE-2025-6394,1,1,0d29effea134417ccb539ed8195e20c39f8378791ae92c1ec4fb1ad0a57731cd,2025-06-21T02:15:20.247000 +CVE-2025-6394,0,0,0d29effea134417ccb539ed8195e20c39f8378791ae92c1ec4fb1ad0a57731cd,2025-06-21T02:15:20.247000 +CVE-2025-6399,1,1,4e1efe71bd5e4cfa8ab2ff5a9127ce00373b7f6790fd011901c9b5eee0f73f6a,2025-06-21T04:15:23.140000