VYPR
AI Brief 2026-05-05 · generated May 5, 2026

Adobe Commerce Exploit, Comet Backup IDOR, Totolink Flaws Lead Alerts

Adobe Commerce actively exploited, Comet Backup IDOR, and multiple critical flaws in Totolink devices are among today's top security alerts.

Adobe Commerce versions 2.4.9-alpha2, 2.4.8-p2, 2.4.7-p7, 2.4.6-p12, 2.4.5-p14, 2.4.4-p15 and earlier are affected by an Improper Input Validation vulnerability that an attacker can abuse to take over a user's session. It is rated critical (CVSS 9.1) with an EPSS of 0.63, an estimated 63% probability of exploitation within the next 30 days, which places it in the high-risk category; it is also reported as actively exploited.

A critical IDOR (insecure direct object reference) vulnerability in Comet Backup affects all versions from 20.11.0 to 26.1.1, and 26.2.1. A tenant administrator can impersonate any end-user account belonging to a different tenant on the same server, which breaks the tenant isolation that shared, multi-tenant deployments depend on.

GV-VMS V20 video monitoring software carries a critical vulnerability rated CVSS 10.0. Installations are typically reached only from the local network, but where the system is exposed remotely the flaw could allow unauthorized control. The precise impact and exploitability are still under investigation; the maximum CVSS score alone justifies isolating any exposed instance until more is known.

Totolink devices, including the N300RH (firmware 3.2.4-B20220812) and WA300 (5.2cu.7112_B20190227), carry multiple critical and high-severity vulnerabilities, mostly in the login authentication and request handling code reached through /cgi-bin/cstecgi.cgi. By manipulating parameters such as http_host, priDns and FileName, an attacker can bypass authentication, hijack sessions, or execute arbitrary commands on the device.

NVIDIA NVFlare Dashboard contains a critical vulnerability in its user management and authentication system: an unauthenticated attacker can bypass authorization through a user-controlled key (CWE-639), potentially gaining unauthorized access to and control of the dashboard.
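The Comet Backup and NVFlare Dashboard entries above are the same bug class, CWE-639: the server fetches an object by a key the caller supplies and never checks that the caller is entitled to reach it. The Python below is an added illustration, not Comet's or NVIDIA's code. It models a hypothetical impersonation handler in a multi-tenant service, first in the vulnerable shape (role check only, then a direct lookup by the caller-supplied user id) and then hardened so the tenant comes from the server-side session and is part of the lookup itself. The users, sessions and tenant names are constructed sample data.

```python
from dataclasses import dataclass


class Forbidden(Exception):
    """Request refused. The caller gets the same error whether the id is foreign or absent."""


@dataclass(frozen=True)
class User:
    user_id: str
    tenant_id: str
    username: str


@dataclass(frozen=True)
class Session:
    """Server-side session state. Tenant membership comes from here, never from the request."""
    actor_id: str
    tenant_id: str
    is_tenant_admin: bool


# Constructed sample data: two tenants sharing one server (hypothetical ids and names).
USERS = {
    "u-100": User("u-100", "tenant-a", "alice"),
    "u-200": User("u-200", "tenant-b", "bob"),
}


def impersonate_vulnerable(session, target_user_id):
    """Checks the caller's role, then trusts the caller-supplied key outright (CWE-639)."""
    if not session.is_tenant_admin:
        raise Forbidden("tenant admin role required")
    # No tenant comparison: every user on the server is reachable by id.
    return USERS[target_user_id]


def find_user(tenant_id, user_id):
    """Tenant-scoped lookup. In SQL this is WHERE tenant_id = ? AND user_id = ?,
    so a record from another tenant is simply not found."""
    user = USERS.get(user_id)
    if user is None or user.tenant_id != tenant_id:
        return None
    return user


def impersonate_hardened(session, target_user_id):
    """Role check plus ownership check, with the tenant taken from the session."""
    if not session.is_tenant_admin:
        raise Forbidden("tenant admin role required")
    target = find_user(session.tenant_id, target_user_id)
    if target is None:
        # Same error for "other tenant" and "does not exist": no id enumeration oracle.
        raise Forbidden("no such user in this tenant")
    return target


def can_impersonate(handler, session, target_user_id):
    """True if handler lets session act as target_user_id; used to contrast the two handlers."""
    try:
        handler(session, target_user_id)
        return True
    except (Forbidden, KeyError):
        return False


if __name__ == "__main__":
    admin_a = Session("u-001", "tenant-a", True)
    print("vulnerable, cross-tenant:", can_impersonate(impersonate_vulnerable, admin_a, "u-200"))
    print("hardened,   cross-tenant:", can_impersonate(impersonate_hardened, admin_a, "u-200"))
    print("hardened,   own tenant:  ", can_impersonate(impersonate_hardened, admin_a, "u-100"))
```

The fix is not an extra `if` bolted on after the fetch; it is making the tenant part of the query key so that a foreign object cannot be retrieved in the first place, and returning one uniform error so the key space cannot be enumerated.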

Anviz CX2 Lite and CX7 devices accept firmware uploads without authentication. An attacker can upload a crafted archive to plant and execute code on the device and ultimately obtain a reverse shell. The issue is rated critical.

The Linux kernel's nvmet-tcp module (the NVMe over TCP target) has an out-of-bounds read in nvmet_tcp_build_pdu_iovec. Crafted input from a connected NVMe/TCP host could trigger the read, leading to system instability or information disclosure.

Ollama before version 0.17.1 has a heap out-of-bounds read in its GGUF model loader. A GGUF file supplied through the /api/create endpoint can declare a tensor whose offset plus size exceeds the file's actual length; the loader reads past the buffer, leading to a crash or potentially code execution.
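The Ollama entry describes the classic untrusted-length pattern: a file-supplied (offset, size) pair is used before it is compared with what the file actually contains. The Python below is an added example, not Ollama's loader and not the real GGUF layout. It defines a deliberately simplified tensor table (a hypothetical "TTBL" container), builds both a legitimate file and one whose last tensor lies about its size, and shows the extent check that must run before any tensor byte is read. The check is written in the subtraction form on purpose: when this logic is ported to Go or C, `offset + nbytes` can wrap around, while `nbytes > data_len - offset` after confirming `offset <= data_len` cannot.

```python
import struct
from dataclasses import dataclass

MAGIC = b"TTBL"  # hypothetical magic for this simplified container; not GGUF's real header


class MalformedModel(ValueError):
    """The tensor table describes bytes the file does not actually contain."""


@dataclass(frozen=True)
class TensorInfo:
    name: str
    offset: int   # byte offset relative to the start of the data section
    nbytes: int


def encode_model(tensors, lie_about_size=0):
    """Serialise (name, blob) pairs. Layout (hypothetical): MAGIC, u32 count, then per tensor
    u16 name_len, name, u64 offset, u64 nbytes; the data section follows the table.
    lie_about_size inflates the declared size of the last tensor, as an attacker's file would."""
    header = bytearray(MAGIC + struct.pack("<I", len(tensors)))
    data = bytearray()
    for i, (name, blob) in enumerate(tensors):
        declared = len(blob) + (lie_about_size if i == len(tensors) - 1 else 0)
        header += struct.pack("<H", len(name)) + name.encode("utf-8")
        header += struct.pack("<QQ", len(data), declared)
        data += blob
    return bytes(header + data)


def parse_table(buf):
    """Read the tensor table. Returns (infos, data_start); a truncated table is rejected."""
    if buf[:4] != MAGIC:
        raise MalformedModel("bad magic")
    pos = 4
    infos = []
    try:
        (count,) = struct.unpack_from("<I", buf, pos)
        pos += 4
        for _ in range(count):
            (name_len,) = struct.unpack_from("<H", buf, pos)
            pos += 2
            if pos + name_len > len(buf):
                raise MalformedModel("truncated tensor name")
            name = buf[pos:pos + name_len].decode("utf-8", "replace")
            pos += name_len
            offset, nbytes = struct.unpack_from("<QQ", buf, pos)
            pos += 16
            infos.append(TensorInfo(name, offset, nbytes))
    except struct.error as exc:  # unpack_from past the end of the buffer
        raise MalformedModel("truncated tensor table") from exc
    return infos, pos


def validate_extents(infos, data_len):
    """Reject any tensor whose declared [offset, offset + nbytes) is not inside the data section."""
    for t in infos:
        # Overflow-safe: check the offset first, then compare nbytes with the remaining room,
        # so the sum offset + nbytes is never formed (it can wrap in fixed-width integers).
        if t.offset > data_len or t.nbytes > data_len - t.offset:
            raise MalformedModel(
                f"tensor {t.name!r} declares {t.nbytes} bytes at offset {t.offset}, "
                f"but the data section is only {data_len} bytes"
            )


def load_tensors(buf):
    """Validate first, slice second: every read below is inside the buffer by construction."""
    infos, data_start = parse_table(buf)
    validate_extents(infos, len(buf) - data_start)
    return {
        t.name: buf[data_start + t.offset:data_start + t.offset + t.nbytes] for t in infos
    }


def is_well_formed(buf):
    """Convenience wrapper: True if the file loads, False if the table lies about its contents."""
    try:
        load_tensors(buf)
        return True
    except MalformedModel:
        return False


if __name__ == "__main__":
    good = encode_model([("w", b"\x01" * 8), ("b", b"\x02" * 4)])
    evil = encode_model([("w", b"\x01" * 8)], lie_about_size=1 << 40)
    print("legitimate file loads:", is_well_formed(good))
    print("oversized tensor rejected:", not is_well_formed(evil))
```

The rejected file here is exactly the shape the advisory describes: the table is syntactically fine, only the declared extent reaches past the end of the data. Without `validate_extents`, a native loader would hand that extent to a memcpy or slice and read off the end of the heap allocation.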

RTI Connext Professional (Core Libraries) versions 7.4.0 before 7.7.0 and 7.0.0 before 7.3.1.1 are affected by an Improper Restriction of XML External Entity Reference (XXE) vulnerability. Untrusted XML can pull in external entities (Serialized Data External Linking), leading to information disclosure or denial of service.

Norton Secure VPN, when installed from the Microsoft Store, has a privilege escalation vulnerability: a low-privileged user can replace files during the installation process, which can be leveraged to delete arbitrary files or perform other privileged actions.

Shenzhen Libituo Technology LBT-T300-HW1 up to version 1.2.8 has a buffer overflow in the start_lan function of /apply.cgi. Manipulating the Channel or ApCliSsid argument overflows the buffer and potentially allows code execution.

Synthesized by Vypr AI