{"vulnerability": "CVE-2025-1731", "sightings": [{"uuid": "15387219-53da-430a-b53e-c69610328c46", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-1731", "type": "seen", "source": "https://infosec.exchange/users/vuldb/statuses/114381831754523230", "content": "", "creation_timestamp": "2025-04-22T13:24:03.778818Z"}, {"uuid": "ec20bd69-e641-4d0c-9e30-98e6ecfb2fd1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-1731", "type": "seen", "source": "https://bsky.app/profile/beikokucyber.bsky.social/post/3lpkht6a4cf2i", "content": "", "creation_timestamp": "2025-05-19T21:02:15.830370Z"}, {"uuid": "a8d7b525-5a42-416c-ab38-a9823809fc94", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-1731", "type": "seen", "source": "https://poliverso.org/objects/0477a01e-8e663f79-45a3417748370530", "content": "", "creation_timestamp": "2025-04-22T06:11:45.798019Z"}, {"uuid": "50ca9707-2d59-4074-9fd7-da9d165d50af", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-1731", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lnf4gmmmco2c", "content": "", "creation_timestamp": "2025-04-22T07:04:43.949837Z"}, {"uuid": "738d5816-65b5-42ed-8ab7-fabc176be82e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2025-1731", "type": "seen", "source": "https://infosec.exchange/users/cR0w/statuses/114387399777458382", "content": "", "creation_timestamp": "2025-04-23T13:00:05.357215Z"}, {"uuid": "84408c53-8280-4376-b579-75934f0a8af6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-1731", "type": "seen", "source": "https://bsky.app/profile/r-netsec-bot.bsky.social/post/3lnhidyaump2z", "content": "", "creation_timestamp": "2025-04-23T05:43:17.510787Z"}, {"uuid": "ccfaf58f-378c-4893-9885-c586b14da39c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-1731", "type": "seen", "source": "https://bsky.app/profile/hnsec.infosec.exchange.ap.brid.gy/post/3lnhkazh7b7w2", "content": "", "creation_timestamp": "2025-04-23T06:20:52.386884Z"}, {"uuid": "f093ac31-bb29-4e00-9d55-97a486cb3c5e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-1731", "type": "seen", "source": "https://bsky.app/profile/r-netsec.bsky.social/post/3lnhknrngjq2a", "content": "", "creation_timestamp": "2025-04-23T06:24:32.974523Z"}, {"uuid": "192c52a6-5f74-4342-b76b-5b54ee073576", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-1731", "type": "seen", "source": "https://bsky.app/profile/infosec.skyfleet.blue/post/3lniodnr2gz2z", "content": "", "creation_timestamp": "2025-04-23T17:03:09.642133Z"}, {"uuid": "d4fb3359-9a7e-417c-abd8-726a448db4eb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-1731", "type": "seen", "source": "https://bsky.app/profile/r-netsec-bot.bsky.social/post/3lnji2e7ugn2g", "content": "", "creation_timestamp": "2025-04-24T00:43:13.725654Z"}, {"uuid": "6dcc1c92-9fcd-4811-9550-d7bbaad1dcb6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-1731", "type": "seen", "source": "https://bsky.app/profile/r-netsec.bsky.social/post/3lnjjjgyifn2u", "content": "", "creation_timestamp": "2025-04-24T01:09:33.178502Z"}, {"uuid": "f2af60f7-44bb-4263-95f6-bc7cdce32322", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-1731", "type": "seen", "source": "https://bsky.app/profile/buherator.bsky.social/post/3lnkcsbiupb2j", "content": "", "creation_timestamp": "2025-04-24T08:41:53.148944Z"}, {"uuid": "f01499a0-2ea5-459f-96d6-658112f8dd6c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-1731", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/12791", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-1731\n\ud83d\udd25 CVSS Score: 7.8 (cvssV3_1, Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H)\n\ud83d\udd39 Description: An incorrect permission assignment vulnerability in the PostgreSQL commands of the USG FLEX H series uOS firmware versions from V1.20 through V1.31 could allow an authenticated local attacker with low privileges to gain access to the Linux shell and escalate their privileges by crafting malicious scripts or modifying system configurations with administrator-level access through a stolen token. Modifying the system configuration is only possible if the administrator has not logged out and the token remains valid.\n\ud83d\udccf Published: 2025-04-22T01:52:04.064Z\n\ud83d\udccf Modified: 2025-04-22T01:52:04.064Z\n\ud83d\udd17 References:\n1. https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-incorrect-permission-assignment-and-improper-privilege-management-vulnerabilities-in-usg-flex-h-series-firewalls-04-22-2025", "creation_timestamp": "2025-04-22T03:02:53.000000Z"}, {"uuid": "d9574ad1-6f79-4af4-b07e-fef0cfd25bab", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2025-1731", "type": "seen", "source": "https://poliverso.org/objects/0477a01e-552c5871-8c42dbefd8e7612e", "content": "", "creation_timestamp": "2025-04-26T04:43:24.800479Z"}, {"uuid": "240b1382-43fe-49cc-85bf-9d130ad99d5a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-1731", "type": "seen", "source": "https://bsky.app/profile/redteamnews.bsky.social/post/3lnkugmoxff2z", "content": "", "creation_timestamp": "2025-04-24T13:57:29.333299Z"}, {"uuid": "279123ca-c66a-4466-9ffe-4ff0397c505c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-1731", "type": "seen", "source": "https://bsky.app/profile/undercode.bsky.social/post/3lot7ocw6ul2n", "content": "", "creation_timestamp": "2025-05-10T15:05:08.814491Z"}, {"uuid": "043b3d22-9fae-4d07-8cfd-78334bc0106c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-1731", "type": "seen", "source": "https://poliverso.org/objects/0477a01e-5744fe79-a6c56f6f2dd16a71", "content": "", "creation_timestamp": "2025-10-21T06:59:37.395796Z"}, {"uuid": "946fcaa3-e4c7-46c1-8afb-c5a3a1c22fe6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-1731", "type": "published-proof-of-concept", "source": "https://t.me/TopCyberTechNews/463", "content": "Top Security News for Today\n\nLocal privilege escalation on Zyxel USG FLEX H Series (CVE-2025-1731)  \nhttps://www.reddit.com/r/netsec/comments/1k5roqe/local_privilege_escalation_on_zyxel_usg_flex_h/\n\nRegulating AI Behavior with a Hypervisor  \nhttps://www.schneier.com/blog/archives/2025/04/regulating-ai-behavior-with-a-hypervisor.html\n\nUnderstanding the threat landscape for Kubernetes and containerized assets  \nhttps://www.microsoft.com/en-us/security/blog/2025/04/23/understanding-the-threat-landscape-for-kubernetes-and-containerized-assets/\n\nXRP Supplychain attack: Official NPM package infected with crypto stealing backdoor  \nhttps://www.reddit.com/r/netsec/comments/1k54dna/xrp_supplychain_attack_official_npm_package/\n\nDOGE Worker\u2019s Code Supports NLRB Whistleblower  \nhttps://krebsonsecurity.com/2025/04/doge-workers-code-supports-nlrb-whistleblower/\n\nAuthenticated Remote Code Execution on USG FLEX H Series (CVE-2025-1731 / CVE-2025-1732)  \nhttps://www.reddit.com/r/netsec/comments/1k6f52p/authenticated_remote_code_execution_on_usg_flex_h/\n\nOperation SyncHole: Lazarus APT goes back to the well  \nhttps://securelist.com/operation-synchole-watering-hole-attacks-by-lazarus/116326/\n\nScams 2.0: How Technology Is Powering the Next Generation of Fraud  \nhttps://www.tripwire.com/state-of-security/scams-how-technology-powering-next-generation-fraud\n\nFollow Top Cyber News at https://t.me/TopCyberTechNews Feel free to DM me at https://twitter.com/ShayaFeedman", "creation_timestamp": "2025-04-24T09:30:30.000000Z"}, {"uuid": "6af01d2a-80f5-4dd9-99cf-e55a4e1f1f5d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-1731", "type": "published-proof-of-concept", "source": "https://t.me/TopCyberTechNews/462", "content": "Top Security News for Today\n\nAttacking My Landlord's Boiler  \nhttps://www.reddit.com/r/netsec/comments/1k5023x/attacking_my_landlords_boiler/\n\nWindows Defender antivirus bypass in 2025 - Part 2  \nhttps://www.reddit.com/r/netsec/comments/1k50npg/windows_defender_antivirus_bypass_in_2025_part_2/\n\nLine jumping: The silent backdoor in MCP  \nhttps://www.reddit.com/r/netsec/comments/1k4j7u5/line_jumping_the_silent_backdoor_in_mcp/\n\nRussian organizations targeted by backdoor masquerading as secure networking software updates  \nhttps://securelist.com/new-backdoor-mimics-security-software-update/116246/\n\nHow I made $64k from deleted files \u2014 a bug bounty story  \nhttps://www.reddit.com/r/netsec/comments/1k59mtf/how_i_made_64k_from_deleted_files_a_bug_bounty/\n\nGlitching STM32 Read Out Protection - Anvil Secure  \nhttps://www.reddit.com/r/netsec/comments/1k5e3we/glitching_stm32_read_out_protection_anvil_secure/\n\nLocal privilege escalation on Zyxel USG FLEX H Series (CVE-2025-1731)  \nhttps://security.humanativaspa.it/local-privilege-escalation-on-zyxel-usg-flex-h-series-cve-2025-1731/\n\nFollow Top Cyber News at https://t.me/TopCyberTechNews Feel free to DM me at https://twitter.com/ShayaFeedman", "creation_timestamp": "2025-04-23T09:30:29.000000Z"}, {"uuid": "512bac40-0400-4686-9be7-7683ba333065", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-1731", "type": "seen", "source": "Telegram/z3hrnS4sCgLCaWMA7rI3OA9UpXy1hGKImXcclK-WChPDY5I", "content": "", "creation_timestamp": "2025-04-22T05:00:32.000000Z"}, {"uuid": "ba6cbd0a-62dd-4329-8176-c698b0a35a00", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-1731", "type": "seen", "source": "https://t.me/cvedetector/23478", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-1731 - \"USG FLEX H series PostgreSQL Command Privilege Escalation Vulnerability\"\", \n  \"Content\": \"CVE ID : CVE-2025-1731 \nPublished : April 22, 2025, 3:15 a.m. | 35\u00a0minutes ago \nDescription : An incorrect permission assignment vulnerability in the PostgreSQL commands of the USG FLEX H series uOS firmware versions from V1.20 through V1.31 could allow an authenticated local attacker with low privileges to gain access to the Linux shell and escalate their privileges by crafting malicious scripts or modifying system configurations with administrator-level access through a stolen token. Modifying the system configuration is only possible if the administrator has not logged out and the token remains valid. \nSeverity: 7.8 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"22 Apr 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-04-22T05:51:42.000000Z"}]}