{"vulnerability": "CVE-2025-3009", "sightings": [{"uuid": "3c6081cf-74a4-4f45-8411-383793eb98c8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-30091", "type": "seen", "source": "https://bsky.app/profile/andranglin.bsky.social/post/3llbek47nv22m", "content": "", "creation_timestamp": "2025-03-26T08:28:50.437650Z"}, {"uuid": "769920b9-fa37-4d02-8bf9-55558a7b4aaa", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-30091", "type": "seen", "source": "https://bsky.app/profile/cyberalerts.bsky.social/post/3ll7itrokhg2o", "content": "", "creation_timestamp": "2025-03-25T14:40:25.453435Z"}, {"uuid": "882b386a-b3bc-4cdb-9134-b0209a3b308d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-30092", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lkri2jypfu26", "content": "", "creation_timestamp": "2025-03-20T00:49:06.430332Z"}, {"uuid": "0c498bd6-d9f1-46bb-9205-be5eacb1a55e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-30091", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3ll7qmwga5e2w", "content": "", "creation_timestamp": "2025-03-25T16:59:45.630997Z"}, {"uuid": "d1b1d757-1b06-42eb-ae5f-e978eb86260c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-30090", "type": "seen", "source": "https://infosec.exchange/users/cR0w/statuses/114268817864484797", "content": "", "creation_timestamp": "2025-04-02T14:23:09.081666Z"}, {"uuid": "dc724d65-7734-4d9a-8eb4-fe6527c530ab", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-30095", "type": "seen", "source": "https://bsky.app/profile/andranglin.bsky.social/post/3llsye2icb22v", "content": "", "creation_timestamp": "2025-04-02T08:38:36.694044Z"}, {"uuid": "8610fe4e-47ae-4b0e-b2a2-5103f7bfe298", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-30095", "type": "seen", "source": "https://bsky.app/profile/infosec.skyfleet.blue/post/3llsozmuu6t2u", "content": "", "creation_timestamp": "2025-04-02T05:51:39.377345Z"}, {"uuid": "ece09c80-5784-4dbc-aa01-80e23acc5299", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-30093", "type": "seen", "source": "https://bsky.app/profile/redteamnews.bsky.social/post/3llhotwpwb52j", "content": "", "creation_timestamp": "2025-03-28T20:49:11.261972Z"}, {"uuid": "7a63a230-be8d-40b2-a3cf-f7808be2d5c0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-30090", "type": "seen", "source": "https://infosec.exchange/users/cR0w/statuses/114268817864484797", "content": "", "creation_timestamp": "2025-04-02T14:23:09.095055Z"}, {"uuid": "de5c308f-655c-496b-9fb6-d262c3253d5f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-30091", "type": "seen", "source": "MISP/f2f93f16-9318-44b1-9be3-2d3346ca540c", "content": "", "creation_timestamp": "2025-08-10T18:27:45.000000Z"}, {"uuid": "b55b0fa1-5456-46dd-bf81-97b7708d725b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-30091", "type": "seen", "source": "MISP/f2f93f16-9318-44b1-9be3-2d3346ca540c", "content": "", "creation_timestamp": "2025-09-10T07:48:01.000000Z"}, {"uuid": "80f4cf17-9962-49ea-afe2-dd25581850ef", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-3009", "type": "seen", "source": "https://t.me/cvedetector/21648", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-3009 - Jinher Network OA C6 SQL Injection Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2025-3009 \nPublished : March 31, 2025, 8:15 p.m. | 51\u00a0minutes ago \nDescription : A vulnerability classified as critical was found in Jinher Network OA C6. Affected by this vulnerability is an unknown functionality of the file /C6/JHSoft.Web.NetDisk/NetDiskProperty.aspx. The manipulation of the argument ID leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. \nSeverity: 6.3 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"31 Mar 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-03-31T23:23:52.000000Z"}, {"uuid": "d8a940a8-5f11-446c-b87c-46ab08751b83", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-30093", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/9365", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-30093\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: HTCondor 23.0.x before 23.0.22, 23.10.x before 23.10.22, 24.0.x before 24.0.6, and 24.6.x before 24.6.1 allows authenticated attackers to bypass authorization restrictions.\n\ud83d\udccf Published: 2025-03-27T00:00:00.000Z\n\ud83d\udccf Modified: 2025-03-28T15:19:37.543Z\n\ud83d\udd17 References:\n1. https://htcondor.org/security/vulnerabilities/HTCONDOR-2025-0001.html", "creation_timestamp": "2025-03-28T15:28:33.000000Z"}, {"uuid": "7a97a39c-3407-44a6-b0d7-b19eff31e3b1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-3009", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/9765", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-3009\n\ud83d\udd25 CVSS Score: 5.3 (cvssV4_0, Vector: CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N)\n\ud83d\udd39 Description: A vulnerability classified as critical was found in Jinher Network OA C6. Affected by this vulnerability is an unknown functionality of the file /C6/JHSoft.Web.NetDisk/NetDiskProperty.aspx. The manipulation of the argument ID leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.\n\ud83d\udccf Published: 2025-03-31T19:31:04.937Z\n\ud83d\udccf Modified: 2025-03-31T19:31:04.937Z\n\ud83d\udd17 References:\n1. https://vuldb.com/?id.302059\n2. https://vuldb.com/?ctiid.302059\n3. https://vuldb.com/?submit.524554\n4. https://github.com/Myoung-SA/cve/issues/1", "creation_timestamp": "2025-03-31T20:31:11.000000Z"}, {"uuid": "0d7dda19-069f-4bfa-8d76-afdbe3d660e4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-30095", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/9769", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-30095\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: VyOS 1.3 through 1.5 (fixed in 1.4.2) or any Debian-based system using dropbear in combination with live-build has the same Dropbear private host keys across different installations. Thus, an attacker can conduct active man-in-the-middle attacks against SSH connections if Dropbear is enabled as the SSH daemon. I n VyOS, this is not the default configuration for the system SSH daemon, but is for the console service. To mitigate this, one can run \"rm -f /etc/dropbear/*key*\" and/or \"rm -f /etc/dropbear-initramfs/*key*\" and then dropbearkey -t rsa -s 4096 -f /etc/dropbear_rsa_host_key and reload the service or reboot the system before using Dropbear as the SSH daemon (this clears out all keys mistakenly built into the release image) or update to the latest version of VyOS 1.4 or 1.5. Note that this vulnerability is not unique to VyOS and may appear in any Debian-based Linux distribution that uses Dropbear in combination with live-build, which has a safeguard against this behavior in OpenSSH but no equivalent one for Dropbear.\n\ud83d\udccf Published: 2025-03-31T00:00:00.000Z\n\ud83d\udccf Modified: 2025-03-31T20:49:35.107Z\n\ud83d\udd17 References:\n1. https://github.com/vyos/\n2. https://vyos.net/get/stream/#1.5-2025-Q1\n3. https://blog.vyos.io/vyos-stream-1.5-2025-q1\n4. https://vyos.dev/T7217\n5. https://blog.vyos.io/vyos-project-march-2025-update", "creation_timestamp": "2025-03-31T21:31:33.000000Z"}, {"uuid": "925f9de9-86e1-4f16-ac30-e096af948ece", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-30093", "type": "seen", "source": "https://t.me/cvedetector/21334", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-30093 - HTCondor Authorization Bypass Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2025-30093 \nPublished : March 27, 2025, 7:15 p.m. | 28\u00a0minutes ago \nDescription : HTCondor 23.0.x before 23.0.22, 23.10.x before 23.10.22, 24.0.x before 24.0.6, and 24.6.x before 24.6.1 allows authenticated attackers to bypass authorization restrictions. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"27 Mar 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-03-27T20:50:26.000000Z"}, {"uuid": "ef0ec3bf-5a11-4431-9f10-63f9330a8df0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-30090", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/10065", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-30090\n\ud83d\udd25 CVSS Score: 7.2 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N)\n\ud83d\udd39 Description: mime.php in SquirrelMail through 1.4.23-svn-20250401 and 1.5.x through 1.5.2-svn-20250401 allows XSS via e-mail headers, because JavaScript payloads are mishandled after $encoded has been set to true.\n\ud83d\udccf Published: 2025-04-02T00:00:00.000Z\n\ud83d\udccf Modified: 2025-04-02T13:27:48.268Z\n\ud83d\udd17 References:\n1. https://squirrelmail.org\n2. https://squirrelmail.org/security/issue.php?d=2025-04-02", "creation_timestamp": "2025-04-02T13:33:35.000000Z"}, {"uuid": "35b37df6-3fa0-4cbc-bc40-068808bc4238", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-30090", "type": "seen", "source": "https://t.me/cvedetector/21864", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-30090 - SquirrelMail MIME PHP XSS Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2025-30090 \nPublished : April 2, 2025, 1:15 p.m. | 1\u00a0hour, 4\u00a0minutes ago \nDescription : mime.php in SquirrelMail through 1.4.23-svn-20250401 and 1.5.x through 1.5.2-svn-20250401 allows XSS via e-mail headers, because JavaScript payloads are mishandled after $encoded has been set to true. \nSeverity: 7.2 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"02 Apr 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-04-02T16:39:22.000000Z"}, {"uuid": "cc9a5a3c-4006-46a8-aa8d-a59fdf907bfa", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-30091", "type": "seen", "source": "https://t.me/cvedetector/21108", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-30091 - MoxieManager Remote Code Execution Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2025-30091 \nPublished : March 25, 2025, 2:15 p.m. | 1\u00a0hour, 46\u00a0minutes ago \nDescription : In Tiny MoxieManager PHP before 4.0.0, remote code execution can occur in the installer command. This vulnerability allows unauthenticated attackers to inject and execute arbitrary code. Attacker-controlled data to InstallCommand can be inserted into config.php, and InstallCommand is available after an installation has completed. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"25 Mar 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-03-25T17:49:16.000000Z"}, {"uuid": "1b1cb0bf-875e-42d3-b2e5-d34d5769aaa8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-30095", "type": "seen", "source": "https://t.me/cvedetector/21628", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-30095 - VyOS Dropbear Private Key Exposure\", \n  \"Content\": \"CVE ID : CVE-2025-30095 \nPublished : March 31, 2025, 3:15 p.m. | 1\u00a0hour, 48\u00a0minutes ago \nDescription : VyOS 1.3 through 1.5 or any Debian-based system using dropbear in combination with live-build has the same Dropbear private host keys across different installations. Thus, an attacker can conduct active man-in-the-middle attacks against SSH connections if Dropbear is enabled as the SSH daemon. I n VyOS, this is not the default configuration for the system SSH daemon, but is for the console service. To mitigate this, one can run \"rm -f /etc/dropbear/*key*\" and/or \"rm -f /etc/dropbear-initramfs/*key*\" and then dropbearkey -t rsa -s 4096 -f /etc/dropbear_rsa_host_key and reload the service or reboot the system before using Dropbear as the SSH daemon (this clears out all keys mistakenly built into the release image) or update to the latest version of VyOS 1.4 or 1.5. Note that this vulnerability is not unique to VyOS and may appear in any Debian-based Linux distribution that uses Dropbear in combination with live-build, which has a safeguard against this behavior in OpenSSH but no equivalent one for Dropbear. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"31 Mar 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-03-31T19:12:39.000000Z"}, {"uuid": "f22d7be8-a538-4468-99f8-9d12aa657feb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-30091", "type": "seen", "source": "https://t.me/CyberBulletin/2818", "content": "\u26a1CVE-2025-30091: Critical RCE Flaw Found in MoxieManager.\n\n#CyberBulletin", "creation_timestamp": "2025-03-26T17:55:10.000000Z"}, {"uuid": "c3b4306c-43f7-45d4-8c4a-d5dc632d6306", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-30092", "type": "seen", "source": "https://t.me/cvedetector/20669", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-30092 - Intrexx Portal Server Cross-Site Scripting Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2025-30092 \nPublished : March 19, 2025, 9:15 p.m. | 15\u00a0minutes ago \nDescription : Intrexx Portal Server 12.x <=<=\nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"19 Mar 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-03-19T23:00:18.000000Z"}, {"uuid": "58048597-ca29-495a-903a-bc5e01919921", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-30090", "type": "seen", "source": "Telegram/btQPrV2iQXCSUzBFQMhVPOopOlgRe2hHkcaTb6iIuQoYL_o", "content": "", "creation_timestamp": "2025-04-02T16:00:20.000000Z"}, {"uuid": "45a843ce-d587-47cf-bacc-2673cc02d3d6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-30091", "type": "seen", "source": "Telegram/fkOkNKNAko3WqC0p1YC_Gx1teUW4Z2azOsTEPi7YkRkOXCo", "content": "", "creation_timestamp": "2025-03-25T15:30:24.000000Z"}]}