CVE-2025-1782
Published: 2025-04-14
Priority: P2 (63) · Severity: critical · CVSS 3.1 base score: 9.9
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
EPSS: 0.46% (36.3rd percentile)
In HylaFAX Enterprise Web Interface and AvantFAX, the language form element is not properly sanitized before being used and can be misused to include an arbitrary file in the PHP code, allowing an attacker to do anything as the web server user. This flaw requires the attacker to be authenticated with a valid user account.
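The flaw class described above, shown as an added, hypothetical illustration (not HylaFAX or AvantFAX code): a `language` form value spliced into an `include` path beside a hardened version that treats the value only as a key into a fixed allowlist and re-checks the resolved path. `LANG_DIR`, `SUPPORTED_LANGUAGES` and the function names are assumptions for the example.

```php
<?php
// Added, hypothetical illustration of the bug class in the advisory.
// This is not the HylaFAX/AvantFAX code; names and layout are assumptions.
declare(strict_types=1);

const LANG_DIR = __DIR__ . '/lang';

// Vulnerable pattern: the form value becomes part of the include path.
// Whatever file that path resolves to is executed as PHP with the web
// server user's privileges, which is exactly what the advisory describes.
function loadLanguageUnsafe(string $language): void
{
    include LANG_DIR . '/' . $language . '.php';
}

// Hardened pattern: user input is only ever a lookup key, never a filename.
const SUPPORTED_LANGUAGES = [
    'en' => 'en.php',
    'de' => 'de.php',
    'fr' => 'fr.php',
];

function resolveLanguageFile(?string $language): string
{
    // Unknown or missing values fall back to the default entry.
    $key = ($language !== null && array_key_exists($language, SUPPORTED_LANGUAGES))
        ? $language
        : 'en';
    return LANG_DIR . '/' . SUPPORTED_LANGUAGES[$key];
}

function loadLanguageSafe(?string $language): void
{
    $file = resolveLanguageFile($language);
    // Defence in depth: the resolved file must still be inside LANG_DIR.
    $real = realpath($file);
    $base = realpath(LANG_DIR);
    if ($real === false || $base === false
        || strpos($real, $base . DIRECTORY_SEPARATOR) !== 0) {
        throw new RuntimeException('language file outside the allowed directory');
    }
    include $real;
}

// A form can also submit language[]=..., so reject non-string values early
// rather than letting a TypeError or an array-to-string conversion through.
$requested = $_POST['language'] ?? null;
try {
    loadLanguageSafe(is_string($requested) ? $requested : null);
} catch (RuntimeException $e) {
    http_response_code(500);
    exit('language file could not be loaded');
}
```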
Affected (6 ranges)
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| ifax | avantfax | < 3.3.* | 3.3.* |
| ifax | avantfax | >= 3.4.0 < 3.4.1 | 3.4.1 |
| ifax | hylafax | < 1.1.* | 1.1.* |
| ifax | hylafax | >= 1.2.0 < 1.2.1 | 1.2.1 |
| ifax | hylafax | >= 1.3.0 < 1.3.2 | 1.3.2 |
| rustfs | rustfs | >= 1.0.0-alpha.13 < 1.0.0-alpha.78 | 1.0.0-alpha.78 |
VulDB (vuldb, 2026-05-27, CVSS 9.9): CVE-2025-1782 [CRITICAL] HylaFAX Enterprise Web Interface/AvantFAX code injection
A vulnerability, which was classified as critical, has been found in HylaFAX Enterprise Web Interface and AvantFAX. Affected is an unknown function. The manipulation leads to code injection.
This vulnerability is referenced as CVE-2025-1782. Remote exploitation of the attack is possible. No exploit is available.
It is advisable to upgrade the affected component.
GHSA (ghsa, 2026-01-07): CVE-2025-69255 [MEDIUM] CWE-755 RustFS gRPC GetMetrics deserialization panic enables remote DoS
### Summary
A malformed gRPC `GetMetrics` request causes `get_metrics` to `unwrap()` failed deserialization of `metric_type`/`opts`, panicking the handler thread and enabling remote denial of service of the metrics endpoint.
### Details
- Vulnerable code: `rustfs/src/storage/tonic_service.rs:1775-1782`:
  - `MetricType` and `CollectMetricsOpts` are deserialized with `Deserialize::deserialize(...).unwrap()` from client-supplied bytes.
  - Malformed `metric_type`/`opts` (e.g., empty or truncated rmp-serde payloads) trigger `InvalidMarkerRead` and panic.
- Reachability: same TCP listener as S3 (default `:9000`); only a static interceptor token `authorization: rustfs rpc` is checked in `server/http.rs:677`.
- Impact scope: panic ter
GHSA (ghsa_unreviewed, 2025-04-14): GHSA-qx93-7wx9-6wp7, CVE-2025-1782 [CRITICAL] CWE-94
In HylaFAX Enterprise Web Interface and AvantFAX, the language form element is not properly sanitized before being used and can be misused to include an arbitrary file in the PHP code, allowing an attacker to do anything as the web server user. This flaw requires the attacker to be authenticated with a valid user account.
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.