CVE-2025-13807
published 2025-12-01CVE-2025-13807: A vulnerability was detected in orionsec orion-ops up to 5925824997a3109651bbde07460958a7be249ed1. Affected is the function MachineKeyController of the file…
PriorityP429medium4.3CVSS 3.1
AVNACLPRLUINSUCLINAN
EPSS
0.32%
23.6th percentile
A vulnerability was detected in orionsec orion-ops up to 5925824997a3109651bbde07460958a7be249ed1. Affected is the function MachineKeyController of the file orion-ops-api/orion-ops-web/src/main/java/cn/orionsec/ops/controller/MachineKeyController.java of the component API. The manipulation results in improper authorization. The attack can be executed remotely. The exploit is now public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
Affected
2 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| orionsec | orion-ops | <= 2025-08-01 | — |
| orionsec | orion-ops | — | — |
CVSS provenance
nvdv3.14.3MEDIUMCVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
nvdv4.02.1LOWCVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
nvdv2.04.0MEDIUMAV:N/AC:L/Au:S/C:P/I:N/A:N
vendor_redhat5.5MEDIUM
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
GHSA-2vgr-2fqq-2wwf: A vulnerability was detected in orionsec orion-ops up to 5925824997a3109651bbde07460958a7be249ed1
ghsa_unreviewed·2025-12-01
CVE-2025-13807 [MEDIUM] CWE-266 GHSA-2vgr-2fqq-2wwf: A vulnerability was detected in orionsec orion-ops up to 5925824997a3109651bbde07460958a7be249ed1
A vulnerability was detected in orionsec orion-ops up to 5925824997a3109651bbde07460958a7be249ed1. Affected is the function MachineKeyController of the file orion-ops-api/orion-ops-web/src/main/java/cn/orionsec/ops/controller/MachineKeyController.java of the component API. The manipulation results in improper authorization. The attack can be executed remotely. The exploit is now public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
Red Hat
kernel: Linux kernel (PTP): Denial of Service due to recursive locking in virtual clock handling
vendor_redhat·2025-07-10·CVSS 5.5
CVE-2025-38305 [MEDIUM] CWE-833 kernel: Linux kernel (PTP): Denial of Service due to recursive locking in virtual clock handling
kernel: Linux kernel (PTP): Denial of Service due to recursive locking in virtual clock handling
In the Linux kernel, the following vulnerability has been resolved:
ptp: remove ptp->n_vclocks check logic in ptp_vclock_in_use()
There is no disagreement that we should check both ptp->is_virtual_clock
and ptp->n_vclocks to check if the ptp virtual clock is in use.
However, when we acquire ptp->n_vclocks_mux to read ptp->n_vclocks in
ptp_vclock_in_use(), we observe a recursive lock in the call trace
starting from n_vclocks_store().
WARNING: possible recursive locking detected
6.15.0-rc6 #1 Not tainted
syz.0.1540/13807 is trying to acquire lock:
ffff888035a24868 (&ptp->n_vclocks_mux){+.+.}-{4:4}, at:
ptp_vclock_in_use drivers/ptp/ptp_private.h:103 [inline]
ffff888035a24868 (&ptp->n_vclocks_mux
No detection rules found.
No public exploits indexed.
https://github.com/Xzzz111/exps/blob/main/archives/orion-ops-information-disclosure-1/report.mdhttps://github.com/Xzzz111/exps/blob/main/archives/orion-ops-information-disclosure-1/report.md#proof-of-concepthttps://vuldb.com/?ctiid.333817https://vuldb.com/?id.333817https://vuldb.com/?submit.692066https://github.com/Xzzz111/exps/blob/main/archives/orion-ops-information-disclosure-1/report.mdhttps://github.com/Xzzz111/exps/blob/main/archives/orion-ops-information-disclosure-1/report.md#proof-of-concept
2025-12-01
Published