Home
» Risk & Exploitation
» Daily threat intelligence
» Apr 16, 2025
Apr 16, 2025 Cyber Threat Intelligence
Track daily vulnerability activity, KEV additions, public exploits, critical disclosures, and EPSS risk shifts.
Daily summary
SonicWall SMA100 Appliances added to CISA KEV — confirmed in-the-wild exploitation.
Phpmyfaq: public exploit or PoC linked (privilege escalation)
10 new critical disclosures — review patch status on exposed services.
Top threats today
Three highest-priority changes — analyst brief, not a CVE dump.
Critical active threat
CVE-2021-20035
SonicWall SMA100 Appliances OS Command Injection
Actively exploited (CISA KEV)
Listed on CISA KEV
SonicWall SMA100 Appliances Command Injection is on CISA KEV — confirmed in-the-wild exploitation. Expect continued targeting while the issue remains on the catalog.
Active exploit activity
CVE-2020-5509
Phpgurukul Car Rental Portal RCE
Public exploit or PoC available
Exploit activity linked
Remote code execution exposure
Phpgurukul Car Rental Portal RCE now has public exploit or PoC linkage — assume opportunistic scanning and targeted follow-on activity.
Critical exposure
CVE-2025-32433
Erlang Erlang/OTP SSH Server Missing Authentication for Critical Function
CVSS 10
Remote code execution exposure
New critical Erlang/OTP RCE (CVSS 10) — fresh disclosure window; early internet scanning often precedes mature exploit chains.
Active exploitation
CISA KEV — confirmed in-the-wild exploitation.
SonicWall SMA100 Appliances OS Command Injection
View KEV additions
Exploit & PoC activity
The /WmAdmin/,/invoke/vm.server/login login page in the Integration Server in Software AG webMethods 10.15.0 before Core_Fix7 allows remo...
phpMyFAQ is an open source FAQ web application.
Cross Site Request Forgery vulnerabilities where found providing a potiential for exposing sensitive information or changing system setti...
A non-admin user account on the Zabbix frontend with the default User role, or with any other role that gives API access can exploit this...
Hugging Face Transformers MobileViTV2 Deserialization of Untrusted Data Remote Code Execution Vulnerability.
Teedy 1.11 is vulnerable to Cross Site Scripting (XSS) via the management console.
The WooCommerce Customers Manager WordPress plugin before 29.7 does not properly sanitise and escape a parameter before using it in a SQL...
The Smart Manager WordPress plugin before 8.28.0 does not properly sanitise and escape a parameter before using it in a SQL statement, le...
Nagvis before 1.9.34 was discovered to contain an arbitrary file read vulnerability via the component /core/classes/NagVisHoverUrl.php.
ASUS ASMB8 iKVM firmware through 1.14.51 allows remote attackers to execute arbitrary code by using SNMP to create extensions, as demonst...
Cross-site Scripting (XSS) - Reflected in GitHub repository thorsten/phpmyfaq prior to 3.1.9.
A stored cross-site scripting (XSS) vulnerability in Garage Management System v1.0 allows attackers to execute arbitrary web scripts or H...
View new exploit links
Exploitation dynamics
Nothing flagged in this category for this digest.
See EPSS increases
New critical disclosures
Wallos <= 2.38.2 has a file upload vulnerability in the restore backup function, which allows authenticated users to restore backups by u...
Wallos <=2.38.2 has a file upload vulnerability in the restore database function, which allows unauthenticated users to restore database...
Overview The product receives input from an upstream component, but it does not restrict or incorrectly restricts the input before it is...
A vulnerability has been identified in TeleControl Server Basic (All versions < V3.1.2.2).
SourceCodester Company Website CMS 1.0 contains a file upload vulnerability via the "Create Services" file /dashboard/Services.
SourceCodester Company Website CMS 1.0 has a File upload vulnerability via the "Create portfolio" file /dashboard/portfolio.
Apple Multiple Products Memory Corruption
Apple Multiple Products Arbitrary Read and Write
A improper control of filename for include/require statement in PHP program vulnerability in the retrieve course Information function of...
Erlang Erlang/OTP SSH Server Missing Authentication for Critical Function
View critical disclosures
cvelogic
Threat Intelligence