{"vulnerability": "CVE-2025-2814", "sightings": [{"uuid": "666dd3d2-41b5-4873-a185-f4dc310626ac", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-2814", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lmo6vvjxhb2l", "content": "", "creation_timestamp": "2025-04-13T04:17:46.992772Z"}, {"uuid": "2b4b300a-e6d7-420b-b691-79de0895516d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-28146", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/10442", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-28146\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: Edimax AC1200 Wave 2 Dual-Band Gigabit Router BR-6478AC V3 1.0.15 was discovered to contain a command injection vulnerability via fota_url in /boafrm/formLtefotaUpgradeQuectel\n\ud83d\udccf Published: 2025-04-04T00:00:00.000Z\n\ud83d\udccf Modified: 2025-04-04T13:20:07.666Z\n\ud83d\udd17 References:\n1. https://github.com/regainer27/edimax-br-6478ac_v3-br-6478ac_v3_1.0.15/tree/main/3", "creation_timestamp": "2025-04-04T13:35:50.000000Z"}, {"uuid": "781e41f1-4acc-4555-a5bb-f8e58b9b24ab", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-28145", "type": "seen", "source": "https://t.me/cvedetector/22978", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-28145 - Edimax Router Command Injection Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2025-28145 \nPublished : April 15, 2025, 3:16 p.m. | 2\u00a0hours ago \nDescription : Edimax AC1200 Wave 2 Dual-Band Gigabit Router BR-6478AC V3 1.0.15 was discovered to contain a command injection vulnerability via partition in /boafrm/formDiskFormat. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"15 Apr 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-04-15T19:57:22.000000Z"}, {"uuid": "8153809d-0d7b-45de-a328-c65331c88575", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-2814", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/11553", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-2814\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: Crypt::CBC versions between 1.21 and 3.04 for Perl may use the rand() function as the default source of entropy, which is not cryptographically secure, for cryptographic functions.\n\nThis issue affects operating systems where \"/dev/urandom'\" is unavailable.\u00a0 In that case, Crypt::CBC will fallback to use the insecure rand() function.\n\ud83d\udccf Published: 2025-04-12T23:41:48.511Z\n\ud83d\udccf Modified: 2025-04-12T23:41:48.511Z\n\ud83d\udd17 References:\n1. https://perldoc.perl.org/functions/rand\n2. https://metacpan.org/dist/Crypt-CBC/source/lib/Crypt/CBC.pm#L777\n3. https://security.metacpan.org/docs/guides/random-data-for-security.html", "creation_timestamp": "2025-04-13T00:51:42.000000Z"}, {"uuid": "d53bb27f-f39a-471e-965d-9e373cb2c18d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-28144", "type": "seen", "source": "https://t.me/cvedetector/22977", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-28144 - Edimax BR-6478AC Router Stack Overflow Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2025-28144 \nPublished : April 15, 2025, 3:16 p.m. | 2\u00a0hours ago \nDescription : Edimax AC1200 Wave 2 Dual-Band Gigabit Router BR-6478AC V3 1.0.15 was discovered to contain a stack overflow vlunerability via peerPin parameter in the formWsc function. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"15 Apr 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-04-15T19:57:21.000000Z"}, {"uuid": "00754177-d108-4eab-9247-734c255cc5d3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-28143", "type": "seen", "source": "https://t.me/cvedetector/22976", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-28143 - Edimax Router Command Injection Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2025-28143 \nPublished : April 15, 2025, 3:16 p.m. | 2\u00a0hours ago \nDescription : Edimax AC1200 Wave 2 Dual-Band Gigabit Router BR-6478AC V3_1.0.15 was discovered to contain a command injection vulnerability via the groupname at the /boafrm/formDiskCreateGroup. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"15 Apr 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-04-15T19:57:18.000000Z"}, {"uuid": "4d2b2a2d-7d18-48ef-ade1-cb1d23f0f35d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-28142", "type": "seen", "source": "https://t.me/cvedetector/22975", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-28142 - Edimax Router Command Injection Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2025-28142 \nPublished : April 15, 2025, 3:16 p.m. | 2\u00a0hours ago \nDescription : Edimax AC1200 Wave 2 Dual-Band Gigabit Router BR-6478AC V3_1.0.15 was discovered to contain a command injection vulnerability via the foldername in /boafrm/formDiskCreateShare. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"15 Apr 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-04-15T19:57:17.000000Z"}, {"uuid": "86933875-f566-45a9-ab3a-2c185f58dad0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-28146", "type": "seen", "source": "https://t.me/cvedetector/22145", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-28146 - Edimax Router Command Injection Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2025-28146 \nPublished : April 4, 2025, 2:15 p.m. | 1\u00a0hour, 42\u00a0minutes ago \nDescription : Edimax AC1200 Wave 2 Dual-Band Gigabit Router BR-6478AC V3 1.0.15 was discovered to contain a command injection vulnerability via fota_url in /boafrm/formLtefotaUpgradeQuectel \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"04 Apr 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-04-04T18:01:34.000000Z"}, {"uuid": "e39e51f7-ef14-4b09-b00b-e7ff94f1c295", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-2814", "type": "seen", "source": "https://t.me/cvedetector/22801", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-2814 - \"Verisign Crypt::CBC Insecure Random Number Generation Vulnerability\"\", \n  \"Content\": \"CVE ID : CVE-2025-2814 \nPublished : April 13, 2025, 12:15 a.m. | 32\u00a0minutes ago \nDescription : Crypt::CBC versions between 1.21 and 3.04 for Perl may use the rand() function as the default source of entropy, which is not cryptographically secure, for cryptographic functions.  \n  \nThis issue affects operating systems where \"/dev/urandom'\" is unavailable.\u00a0 In that case, Crypt::CBC will fallback to use the insecure rand() function. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"13 Apr 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-04-13T03:33:14.000000Z"}]}