Splunk Enterprise Security update for third-party components
| Risk | High |
| Patch available | YES |
| Number of vulnerabilities | 14 |
| CVE-ID | CVE-2022-46175 CVE-2025-4947 CVE-2025-5025 CVE-2025-0725 CVE-2025-0167 CVE-2021-44906 CVE-2024-1351 CVE-2022-37601 CVE-2024-7553 CVE-2024-7254 CVE-2015-5237 CVE-2025-52999 CVE-2024-45337 CVE-2025-32415 |
| CWE-ID | CWE-94 CWE-295 CWE-190 CWE-200 CWE-400 CWE-284 CWE-674 CWE-122 CWE-119 CWE-285 |
| Exploitation vector | Network |
| Public exploit | Public exploit code for vulnerability #13 is available. |
| Vulnerable software |
Splunk Enterprise Server applications / IDS/IPS systems, Firewalls and proxy servers |
| Vendor | Splunk Inc. |
Security Bulletin
This security bulletin contains information about 14 vulnerabilities.
1) Prototype pollution
EUVDB-ID: #VU71577
Risk: Medium
CVSSv4.0: 6.9 [CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2022-46175
CWE-ID:
CWE-94 - Improper Control of Generation of Code ('Code Injection')
Exploit availability: No
DescriptionThe disclosed vulnerability allows a remote attacker to perform cross-site scripting (XSS) attacks.
The vulnerability exists due to insufficient sanitization of user-supplied data within the JSON5.parse() function. A remote attacker can inject and execute arbitrary script code.
Successful exploitation of this vulnerability may allow a remote attacker to steal potentially sensitive information, change appearance of the web page, perform phishing and drive-by-download attacks.
MitigationInstall update from vendor's website.
Vulnerable software versionsSplunk Enterprise: 9.2.0 - 10.0.0
CPE2.3- cpe:2.3:a:splunk:splunk_enterprise:9.2.7:*:*:*:*:*:*:*
- cpe:2.3:a:splunk:splunk_enterprise:9.3.5:*:*:*:*:*:*:*
- cpe:2.3:a:splunk:splunk_enterprise:9.4.3:*:*:*:*:*:*:*
- cpe:2.3:a:splunk:splunk_enterprise:10.0.0:*:*:*:*:*:*:*
https://advisory.splunk.com/advisories/SVD-2025-1007
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to send a specially crafted request to the affected application in order to exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
2) Improper Certificate Validation
EUVDB-ID: #VU109884
Risk: Low
CVSSv4.0: 0.6 [CVSS:4.0/AV:A/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N/E:U/U:Clear]
CVE-ID: CVE-2025-4947
CWE-ID:
CWE-295 - Improper Certificate Validation
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform MitM attack.
The vulnerability exists due to missing certificate validation for QUIC connections when connecting to a host specified as an IP address in the URL. A remote attacker can perform Man-in-the-middle (MitM) attack.
Note, successful exploitation of the vulnerability requires wolfSSL to be used as the TLS backend for QUIC to trigger.
MitigationInstall update from vendor's website.
Vulnerable software versionsSplunk Enterprise: 9.2.0 - 10.0.0
CPE2.3- cpe:2.3:a:splunk:splunk_enterprise:9.2.7:*:*:*:*:*:*:*
- cpe:2.3:a:splunk:splunk_enterprise:9.3.5:*:*:*:*:*:*:*
- cpe:2.3:a:splunk:splunk_enterprise:9.4.3:*:*:*:*:*:*:*
- cpe:2.3:a:splunk:splunk_enterprise:10.0.0:*:*:*:*:*:*:*
https://advisory.splunk.com/advisories/SVD-2025-1007
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the local network (LAN).
How the attacker can exploit this vulnerability?
The attacker would have to send a specially crafted request to the affected application in order to exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
3) Improper Certificate Validation
EUVDB-ID: #VU109885
Risk: Medium
CVSSv4.0: 1.2 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N/E:U/U:Green]
CVE-ID: CVE-2025-5025
CWE-ID:
CWE-295 - Improper Certificate Validation
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform MitM attack.
The vulnerability exists due to libcurl does not perform pinning of the server certificate public key for HTTPS transfers when connecting with QUIC for HTTP/3, when the TLS backend is wolfSSL. A remote attacker can perform Man-in-the-middle (MitM) attack and track the victim into connecting to a malicious server.
MitigationInstall update from vendor's website.
Vulnerable software versionsSplunk Enterprise: 9.2.0 - 10.0.0
CPE2.3- cpe:2.3:a:splunk:splunk_enterprise:9.2.7:*:*:*:*:*:*:*
- cpe:2.3:a:splunk:splunk_enterprise:9.3.5:*:*:*:*:*:*:*
- cpe:2.3:a:splunk:splunk_enterprise:9.4.3:*:*:*:*:*:*:*
- cpe:2.3:a:splunk:splunk_enterprise:10.0.0:*:*:*:*:*:*:*
https://advisory.splunk.com/advisories/SVD-2025-1007
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to send a specially crafted request to the affected application in order to exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
4) Integer overflow
EUVDB-ID: #VU103646
Risk: High
CVSSv4.0: 4.8 [CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]
CVE-ID: CVE-2025-0725
CWE-ID:
CWE-190 - Integer overflow
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to integer overflow when handling gzip decompression of content-encoded HTTP responses with the CURLOPT_ACCEPT_ENCODING option using zlib 1.2.0.3 or older. A remote attacker can send specially crafted response to the application, trigger an integer overflow and execute arbitrary code on the target system.
Install update from vendor's website.
Vulnerable software versionsSplunk Enterprise: 9.2.0 - 10.0.0
CPE2.3- cpe:2.3:a:splunk:splunk_enterprise:9.2.7:*:*:*:*:*:*:*
- cpe:2.3:a:splunk:splunk_enterprise:9.3.5:*:*:*:*:*:*:*
- cpe:2.3:a:splunk:splunk_enterprise:9.4.3:*:*:*:*:*:*:*
- cpe:2.3:a:splunk:splunk_enterprise:10.0.0:*:*:*:*:*:*:*
https://advisory.splunk.com/advisories/SVD-2025-1007
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to send a specially crafted request to the affected application in order to exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
5) Information disclosure
EUVDB-ID: #VU103648
Risk: Low
CVSSv4.0: 1.7 [CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:N/VI:N/VA:N/SC:L/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2025-0167
CWE-ID:
CWE-200 - Exposure of sensitive information to an unauthorized actor
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to gain access to potentially sensitive information.
The vulnerability exists due to application can leak credentials when asked to use a .netrc file for credentials and to follow HTTP redirects. A remote attacker can gain access to sensitive information.
Install update from vendor's website.
Vulnerable software versionsSplunk Enterprise: 9.2.0 - 10.0.0
CPE2.3- cpe:2.3:a:splunk:splunk_enterprise:9.2.7:*:*:*:*:*:*:*
- cpe:2.3:a:splunk:splunk_enterprise:9.3.5:*:*:*:*:*:*:*
- cpe:2.3:a:splunk:splunk_enterprise:9.4.3:*:*:*:*:*:*:*
- cpe:2.3:a:splunk:splunk_enterprise:10.0.0:*:*:*:*:*:*:*
https://advisory.splunk.com/advisories/SVD-2025-1007
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to send a specially crafted request to the affected application in order to exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
6) Resource exhaustion
EUVDB-ID: #VU64030
Risk: High
CVSSv4.0: 8.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]
CVE-ID: CVE-2021-44906
CWE-ID:
CWE-400 - Resource exhaustion
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to escalate privileges on the system.
The vulnerability exists due to application does not properly control consumption of internal resources. A remote attacker can trick the library into adding or modifying the properties of Object.prototype, using a constructor or __proto__ payload, resulting in prototype pollution and loss of confidentiality, availability, and integrity.
MitigationInstall update from vendor's website.
Vulnerable software versionsSplunk Enterprise: 9.2.0 - 10.0.0
CPE2.3- cpe:2.3:a:splunk:splunk_enterprise:9.2.7:*:*:*:*:*:*:*
- cpe:2.3:a:splunk:splunk_enterprise:9.3.5:*:*:*:*:*:*:*
- cpe:2.3:a:splunk:splunk_enterprise:9.4.3:*:*:*:*:*:*:*
- cpe:2.3:a:splunk:splunk_enterprise:10.0.0:*:*:*:*:*:*:*
https://advisory.splunk.com/advisories/SVD-2025-1007
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to send a specially crafted request to the affected application in order to exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
7) Improper Certificate Validation
EUVDB-ID: #VU116642
Risk: Medium
CVSSv4.0: 1.3 [CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2024-1351
CWE-ID:
CWE-295 - Improper Certificate Validation
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform MitM attack.
The vulnerability exists due to under certain configurations of --tlsCAFile and tls.CAFile the server may skip peer certificate validation. A remote attacker can perform MitM attack and compromise communication between MongoDB server and client.
MitigationInstall update from vendor's website.
Vulnerable software versionsSplunk Enterprise: 9.2.0 - 10.0.0
CPE2.3- cpe:2.3:a:splunk:splunk_enterprise:9.2.7:*:*:*:*:*:*:*
- cpe:2.3:a:splunk:splunk_enterprise:9.3.5:*:*:*:*:*:*:*
- cpe:2.3:a:splunk:splunk_enterprise:9.4.3:*:*:*:*:*:*:*
- cpe:2.3:a:splunk:splunk_enterprise:10.0.0:*:*:*:*:*:*:*
https://advisory.splunk.com/advisories/SVD-2025-1007
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the local network (LAN).
How the attacker can exploit this vulnerability?
The attacker would have to send a specially crafted request to the affected application in order to exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
8) Prototype pollution
EUVDB-ID: #VU70123
Risk: High
CVSSv4.0: 8.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]
CVE-ID: CVE-2022-37601
CWE-ID:
CWE-94 - Improper Control of Generation of Code ('Code Injection')
Exploit availability: No
DescriptionThe disclosed vulnerability allows a remote attacker to perform prototype pollution attacks.
The vulnerability exists due to insufficient sanitization of user-supplied data within the parseQuery() function in parseQuery.js. A remote attacker can inject and execute arbitrary JavaScript code.
Install update from vendor's website.
Vulnerable software versionsSplunk Enterprise: 9.2.0 - 10.0.0
CPE2.3- cpe:2.3:a:splunk:splunk_enterprise:9.2.7:*:*:*:*:*:*:*
- cpe:2.3:a:splunk:splunk_enterprise:9.3.5:*:*:*:*:*:*:*
- cpe:2.3:a:splunk:splunk_enterprise:9.4.3:*:*:*:*:*:*:*
- cpe:2.3:a:splunk:splunk_enterprise:10.0.0:*:*:*:*:*:*:*
https://advisory.splunk.com/advisories/SVD-2025-1007
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to send a specially crafted request to the affected application in order to exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
9) Improper access control
EUVDB-ID: #VU111878
Risk: Medium
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2024-7553
CWE-ID:
CWE-284 - Improper Access Control
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to improper access restrictions. A local user can bypass implemented security restrictions and execute arbitrary behaviour determined by the contents of untrusted files.
MitigationInstall update from vendor's website.
Vulnerable software versionsSplunk Enterprise: 9.2.0 - 10.0.0
CPE2.3- cpe:2.3:a:splunk:splunk_enterprise:9.2.7:*:*:*:*:*:*:*
- cpe:2.3:a:splunk:splunk_enterprise:9.3.5:*:*:*:*:*:*:*
- cpe:2.3:a:splunk:splunk_enterprise:9.4.3:*:*:*:*:*:*:*
- cpe:2.3:a:splunk:splunk_enterprise:10.0.0:*:*:*:*:*:*:*
https://advisory.splunk.com/advisories/SVD-2025-1007
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
How the attacker can exploit this vulnerability?
The attacker would have to send a specially crafted request to the affected application in order to exploit this vulnerability.
The attacker would have to login to the system and perform certain actions in order to exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
10) Uncontrolled Recursion
EUVDB-ID: #VU97574
Risk: Medium
CVSSv4.0: 6.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2024-7254
CWE-ID:
CWE-674 - Uncontrolled Recursion
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation when parsing nested groups as unknown fields with DiscardUnknownFieldsParser or Java Protobuf Lite parser, or against Protobuf map fields. A remote attacker can pass specially crafted input to the application to create unbounded recursions and perform a denial of service (DoS) attack.
Install update from vendor's website.
Vulnerable software versionsSplunk Enterprise: 9.2.0 - 10.0.0
CPE2.3- cpe:2.3:a:splunk:splunk_enterprise:9.2.7:*:*:*:*:*:*:*
- cpe:2.3:a:splunk:splunk_enterprise:9.3.5:*:*:*:*:*:*:*
- cpe:2.3:a:splunk:splunk_enterprise:9.4.3:*:*:*:*:*:*:*
- cpe:2.3:a:splunk:splunk_enterprise:10.0.0:*:*:*:*:*:*:*
https://advisory.splunk.com/advisories/SVD-2025-1007
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to send a specially crafted request to the affected application in order to exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
11) Heap-based buffer overflow
EUVDB-ID: #VU70097
Risk: High
CVSSv4.0: 8.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]
CVE-ID: CVE-2015-5237
CWE-ID:
CWE-122 - Heap-based Buffer Overflow
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error. A remote attacker can pass specially crafted data to the application, trigger a heap-based buffer overflow and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
MitigationInstall update from vendor's website.
Vulnerable software versionsSplunk Enterprise: 9.2.0 - 10.0.0
CPE2.3- cpe:2.3:a:splunk:splunk_enterprise:9.2.7:*:*:*:*:*:*:*
- cpe:2.3:a:splunk:splunk_enterprise:9.3.5:*:*:*:*:*:*:*
- cpe:2.3:a:splunk:splunk_enterprise:9.4.3:*:*:*:*:*:*:*
- cpe:2.3:a:splunk:splunk_enterprise:10.0.0:*:*:*:*:*:*:*
https://advisory.splunk.com/advisories/SVD-2025-1007
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to send a specially crafted request to the affected application in order to exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
12) Buffer overflow
EUVDB-ID: #VU112106
Risk: Medium
CVSSv4.0: 6.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2025-52999
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to a boundary error when parsing deeply nested JSON files. A remote attacker can pass a specially crafted JSON file to the application, trigger memory corruption and perform a denial of service (DoS) attack.
MitigationInstall update from vendor's website.
Vulnerable software versionsSplunk Enterprise: 9.2.0 - 10.0.0
CPE2.3- cpe:2.3:a:splunk:splunk_enterprise:9.2.7:*:*:*:*:*:*:*
- cpe:2.3:a:splunk:splunk_enterprise:9.3.5:*:*:*:*:*:*:*
- cpe:2.3:a:splunk:splunk_enterprise:9.4.3:*:*:*:*:*:*:*
- cpe:2.3:a:splunk:splunk_enterprise:10.0.0:*:*:*:*:*:*:*
https://advisory.splunk.com/advisories/SVD-2025-1007
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to send a specially crafted request to the affected application in order to exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
13) Improper authorization
EUVDB-ID: #VU101777
Risk: Medium
CVSSv4.0: 8.1 [CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/E:P/U:Green]
CVE-ID: CVE-2024-45337
CWE-ID:
CWE-285 - Improper Authorization
Exploit availability: Yes
DescriptionThe vulnerability allows a remote attacker to gain unauthorized access to the application.
The vulnerability exists due to improper authorization caused by improper usage of the ServerConfig.PublicKeyCallback callback. A remote attacker can bypass authorization in certain cases and gain access to the application.
Install update from vendor's website.
Vulnerable software versionsSplunk Enterprise: 9.2.0 - 10.0.0
CPE2.3- cpe:2.3:a:splunk:splunk_enterprise:9.2.7:*:*:*:*:*:*:*
- cpe:2.3:a:splunk:splunk_enterprise:9.3.5:*:*:*:*:*:*:*
- cpe:2.3:a:splunk:splunk_enterprise:9.4.3:*:*:*:*:*:*:*
- cpe:2.3:a:splunk:splunk_enterprise:10.0.0:*:*:*:*:*:*:*
https://advisory.splunk.com/advisories/SVD-2025-1007
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to send a specially crafted request to the affected application in order to exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability. However, proof of concept for this vulnerability is available.
14) Heap-based buffer overflow
EUVDB-ID: #VU107596
Risk: High
CVSSv4.0: 6.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]
CVE-ID: CVE-2025-32415
CWE-ID:
CWE-122 - Heap-based Buffer Overflow
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error within the xmlSchemaIDCFillNodeTables() function. A remote attacker can pass specially crafted XML data to the application, trigger a heap-based buffer overflow and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
MitigationInstall update from vendor's website.
Vulnerable software versionsSplunk Enterprise: 9.2.0 - 10.0.0
CPE2.3- cpe:2.3:a:splunk:splunk_enterprise:9.2.7:*:*:*:*:*:*:*
- cpe:2.3:a:splunk:splunk_enterprise:9.3.5:*:*:*:*:*:*:*
- cpe:2.3:a:splunk:splunk_enterprise:9.4.3:*:*:*:*:*:*:*
- cpe:2.3:a:splunk:splunk_enterprise:10.0.0:*:*:*:*:*:*:*
https://advisory.splunk.com/advisories/SVD-2025-1007
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to send a specially crafted request to the affected application in order to exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
