{"vulnerability": "CVE-2025-2568", "sightings": [{"uuid": "d050d05e-51e5-44fb-94d3-5b5c7081dbfa", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-25683", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lk7cpuykbf2w", "content": "", "creation_timestamp": "2025-03-12T19:25:44.215032Z"}, {"uuid": "347e8be6-345b-422e-b3be-d30e8a22f0bb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-25685", "type": "seen", "source": "https://infosec.exchange/users/cR0w/statuses/114179199208037720", "content": "", "creation_timestamp": "2025-03-17T18:31:56.926690Z"}, {"uuid": "968cc98b-ad94-456b-95a0-f64dcc2dfd28", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-25686", "type": "seen", "source": "https://bsky.app/profile/redteamnews.bsky.social/post/3llhzvvzg6k2h", "content": "", "creation_timestamp": "2025-03-29T00:07:08.669100Z"}, {"uuid": "b4bca4e4-4c55-441f-86d5-d74c16441b57", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-25683", "type": "seen", "source": "MISP/682bdba3-46b7-4a8f-b7be-c6bf4b4f9868", "content": "", "creation_timestamp": "2025-08-13T13:26:34.000000Z"}, {"uuid": "0b24e212-6635-4169-aad3-46141a43d1fd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-2568", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lmckyu7ksv2h", "content": "", "creation_timestamp": "2025-04-08T13:22:15.096840Z"}, {"uuid": "f9067aa3-1577-43b8-aa29-0036f5503f7a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-2568", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/10896", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-2568\n\ud83d\udd25 CVSS Score: 5.3 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N)\n\ud83d\udd39 Description: The Vayu Blocks \u2013 Gutenberg Blocks for WordPress & WooCommerce plugin for WordPress is vulnerable to unauthorized access and modification of data due to missing capability checks on the 'vayu_blocks_get_toggle_switch_values_callback' and 'vayu_blocks_save_toggle_switch_callback' function in versions 1.0.4 to 1.2.1. This makes it possible for unauthenticated attackers to read plugin options and update any option with a key name ending in '_value'.\n\ud83d\udccf Published: 2025-04-08T11:11:30.860Z\n\ud83d\udccf Modified: 2025-04-08T11:11:30.860Z\n\ud83d\udd17 References:\n1. https://www.wordfence.com/threat-intel/vulnerabilities/id/27ca93a1-3dfc-4bbd-834a-1c04d9e22ebf?source=cve\n2. https://plugins.trac.wordpress.org/browser/vayu-blocks/trunk/inc/function.php#L126\n3. https://plugins.trac.wordpress.org/browser/vayu-blocks/trunk/inc/function.php#L133\n4. https://plugins.trac.wordpress.org/browser/vayu-blocks/trunk/inc/function.php#L139\n5. https://plugins.trac.wordpress.org/browser/vayu-blocks/trunk/inc/function.php#L182\n6. https://plugins.trac.wordpress.org/changeset/3263702/", "creation_timestamp": "2025-04-08T11:46:22.000000Z"}, {"uuid": "00f10373-93ce-4875-8117-be8fa2571218", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-2568", "type": "seen", "source": "https://bsky.app/profile/beikokucyber.bsky.social/post/3m2pk253aoi2n", "content": "", "creation_timestamp": "2025-10-08T21:02:26.110732Z"}, {"uuid": "9b013ed4-17dc-4f38-959d-1554d5332968", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-2568", "type": "published-proof-of-concept", "source": "Telegram/PhhScPJ8nIwc2vRijZXtfdgvBVI811MtSflqcGx0gK4a11w", "content": "", "creation_timestamp": "2025-10-05T21:00:12.000000Z"}, {"uuid": "3b6239b7-91f1-4050-a1c4-d761b19e046b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-2568", "type": "published-proof-of-concept", "source": "Telegram/sQVIjNjkH2EXm_goy9PFPSmXoZFdoGy6OvI98iStzZ6dE3w", "content": "", "creation_timestamp": "2025-10-06T21:00:04.000000Z"}, {"uuid": "ead4dc3e-cba5-4145-8313-90d2bfb0311c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-25684", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/8147", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-25684\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: A lack of validation in the path parameter (/download) of GL-INet Beryl AX GL-MT3000 v4.7.0 allows attackers to download arbitrary files from the device's file system via a crafted POST request.\n\ud83d\udccf Published: 2025-03-17T00:00:00.000Z\n\ud83d\udccf Modified: 2025-03-19T19:33:00.267Z\n\ud83d\udd17 References:\n1. https://medium.com/@tfortinsec/multiple-path-traversal-vulnerabilities-in-the-beryl-ax-gl-mt300-router-e7f856d14af9", "creation_timestamp": "2025-03-19T20:18:18.000000Z"}, {"uuid": "2a06a5a6-53a9-42f6-9b47-00187465ac68", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-25685", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/8342", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-25685\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: An issue was discovered in GL-INet Beryl AX GL-MT3000 v4.7.0. Attackers are able to download arbitrary files from the device's file system via adding symbolic links on an external drive used as a samba share.\n\ud83d\udccf Published: 2025-03-17T00:00:00.000Z\n\ud83d\udccf Modified: 2025-03-21T13:41:40.604Z\n\ud83d\udd17 References:\n1. https://medium.com/@tfortinsec/multiple-path-traversal-vulnerabilities-in-the-beryl-ax-gl-mt300-router-e7f856d14af9", "creation_timestamp": "2025-03-21T14:19:15.000000Z"}, {"uuid": "dbd637c1-32b8-4bfd-8893-d3b61da445d9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-25683", "type": "seen", "source": "https://t.me/cvedetector/20148", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-25683 - AlekSIS-Core Unauthenticated PDF File Access Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2025-25683 \nPublished : March 12, 2025, 5:15 p.m. | 1\u00a0hour, 58\u00a0minutes ago \nDescription : AlekSIS-Core is vulnerable to Incorrect Access Control. Unauthenticated users can access all PDF files. This affects AlekSIS-Core 3.0, 3.1, 3.1.1, 3.1.2, 3.1.3, 3.1.4, 3.1.5, 3.1.6, 3.2.0 and 3.2.1. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"12 Mar 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-03-12T20:22:56.000000Z"}, {"uuid": "c45f8215-4b48-4b5d-bebb-f25d7cb3307b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-25683", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/7336", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-25683\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: AlekSIS-Core is vulnerable to Incorrect Access Control. Unauthenticated users can access all PDF files. This affects AlekSIS-Core 3.0, 3.1, 3.1.1, 3.1.2, 3.1.3, 3.1.4, 3.1.5, 3.1.6, 3.2.0 and 3.2.1.\n\ud83d\udccf Published: 2025-03-12T00:00:00.000Z\n\ud83d\udccf Modified: 2025-03-12T16:14:39.042Z\n\ud83d\udd17 References:\n1. https://edugit.org/AlekSIS/official/AlekSIS-Core/-/issues/1180\n2. https://aleksis.org/news/2025/01/security-advisory-cve-2025-25683-pdf-files-accessible-without-authentication/", "creation_timestamp": "2025-03-12T16:41:15.000000Z"}, {"uuid": "63cd7997-bcc4-484d-8ad2-c373195902f0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-25680", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/8445", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-25680\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: LSC Smart Connect LSC Indoor PTZ Camera 7.6.32 is contains a RCE vulnerability in the tuya_ipc_direct_connect function of the anyka_ipc process. The vulnerability allows arbitrary code execution through the Wi-Fi configuration process when a specially crafted QR code is presented to the camera.\n\ud83d\udccf Published: 2025-03-11T00:00:00.000Z\n\ud83d\udccf Modified: 2025-03-21T20:44:34.654Z\n\ud83d\udd17 References:\n1. https://github.com/Yasha-ops/LSC_Indoor_PTZ_Camera-RCE\n2. https://github.com/Yasha-ops/vulnerability-research/tree/master/CVE-2025-25680", "creation_timestamp": "2025-03-21T21:22:05.000000Z"}, {"uuid": "b49185d9-dec8-4b95-9540-c5baaed7bff3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-2568", "type": "seen", "source": "https://t.me/cvedetector/22455", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-2568 - WordPress WooCommerce Vayu Blocks Unauthenticated Data Access and Modification\", \n  \"Content\": \"CVE ID : CVE-2025-2568 \nPublished : April 8, 2025, 12:15 p.m. | 1\u00a0hour, 11\u00a0minutes ago \nDescription : The Vayu Blocks \u2013 Gutenberg Blocks for WordPress & WooCommerce plugin for WordPress is vulnerable to unauthorized access and modification of data due to missing capability checks on the 'vayu_blocks_get_toggle_switch_values_callback' and 'vayu_blocks_save_toggle_switch_callback' function in versions 1.0.4 to 1.2.1. This makes it possible for unauthenticated attackers to read plugin options and update any option with a key name ending in '_value'. \nSeverity: 5.3 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"08 Apr 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-04-08T15:40:23.000000Z"}, {"uuid": "d9a18a03-c78a-434f-ae69-7b0b7ff1cecd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-25685", "type": "seen", "source": "https://t.me/cvedetector/20494", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-25685 - GL-INet Beryl AX File System Link Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2025-25685 \nPublished : March 17, 2025, 5:15 p.m. | 41\u00a0minutes ago \nDescription : An issue was discovered in GL-INet Beryl AX GL-MT3000 v4.7.0. Attackers are able to download arbitrary files from the device's file system via adding symbolic links on an external drive used as a samba share. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"17 Mar 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-03-17T19:08:46.000000Z"}, {"uuid": "5480152c-1ee3-48a2-9867-59f34324512f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-25684", "type": "seen", "source": "https://t.me/cvedetector/20493", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-25684 - GL-INet Beryl AX File Path Traversal Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2025-25684 \nPublished : March 17, 2025, 5:15 p.m. | 41\u00a0minutes ago \nDescription : A lack of validation in the path parameter (/download) of GL-INet Beryl AX GL-MT3000 v4.7.0 allows attackers to download arbitrary files from the device's file system via a crafted POST request. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"17 Mar 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-03-17T19:08:45.000000Z"}]}