Below are detailed summaries of multiple victims affected by these vulnerabilities, highlighting the nature of each threat and the potential impact on security.
CVE Alert: CVE-2025-0942
Vulnerability Summary:
The DB chooser functionality in Jalios JPlatform 10 SP6 before version 10.0.6 improperly neutralizes special elements used in SQL commands. This flaw allows authenticated administrative users to trigger SQL Injection attacks, leading to potential unauthorized access to sensitive data.
Affected Endpoints:
No specific affected endpoints have been listed.
CVSS Score:
CVSS v3 Score: 6 (Medium)
Exploit Status:
Not Exploited
References:
Cobalt Strike Beacon Detected: 119[.]45[.]30[.]250:18443
Vulnerability Summary:
This detection involves a Cobalt Strike beacon identified at the IP address 119.45.30.250, which was noted for suspicious activities indicative of a potential ransomware infection. The beacon may be used for command and control purposes, facilitating further malicious actions against affected systems.
Affected Endpoints:
No specific affected endpoints have been listed.
CVSS Score:
Not specified.
Exploit Status:
May be subject to false positives, requiring further validation.
References:
Cobalt Strike Beacon Detected: 134[.]175[.]220[.]144:80
Vulnerability Summary:
The beacon detected at IP 134.175.220.144 on port 80 suggests a compromised server potentially linked to ransomware operations. The presence of this beacon indicates ongoing command and control functions that could lead to data exfiltration or further attacks.
Affected Endpoints:
No specific affected endpoints have been listed.
CVSS Score:
Not specified.
Exploit Status:
May be subject to false positives, requiring further validation.
References:
Cobalt Strike Beacon Detected: 45[.]66[.]157[.]21:2087
Vulnerability Summary:
The detection of a Cobalt Strike beacon at the IP address 45.66.157.21 indicates a risk of ransomware deployment. This beacon is associated with command and control activities, which could facilitate unauthorized access and data manipulation.
Affected Endpoints:
No specific affected endpoints have been listed.
CVSS Score:
Not specified.
Exploit Status:
May be subject to false positives, requiring further validation.
References:
Cobalt Strike Beacon Detected: 156[.]224[.]29[.]3:443
Vulnerability Summary:
The Cobalt Strike beacon identified at 156.224.29.3 on port 443 highlights ongoing threats where ransomware actors may exploit this beacon for malicious intents, including potential data theft and system compromise.
Affected Endpoints:
No specific affected endpoints have been listed.
CVSS Score:
Not specified.
Exploit Status:
May be subject to false positives, requiring further validation.
References:
CVE Alert: CVE-2025-3385
Vulnerability Summary:
A vulnerability was found in LinZhaoguan pb-cms 2.0, classified as problematic. This vulnerability affects an unknown functionality of the Classification Management Page. Manipulation of the argument “Classification name” can lead to cross-site scripting (XSS) attacks, which can be initiated remotely.
Affected Endpoints:
No affected endpoints listed.
CVSS Score:
CVSS v3 Score: 2.4 (Low)
CVSS v2 Score: 3.3
Exploit Status:
Not Exploited
References:
CVE Alert: CVE-2025-3386
Vulnerability Summary:
A vulnerability in LinZhaoguan pb-cms 2.0 has been identified, affecting the file /admin#links within the Friendship Link Handler component. This allows for cross-site scripting (XSS) attacks, which can be executed remotely.
Affected Endpoints:
No affected endpoints listed.
CVSS Score:
CVSS v3 Score: 2.4 (Low)
Exploit Status:
Not Exploited
References:
CVE Alert: CVE-2025-3388
Vulnerability Summary:
A vulnerability classified as problematic was found in hailey888 oa_system up to version 2025.01.01. This affects the loginCheck function, leading to cross-site scripting (XSS) through manipulation of the argument “Username”. The attack can be initiated remotely.
Affected Endpoints:
No affected endpoints listed.
CVSS Score:
CVSS v3 Score: 4.3 (Medium)
CVSS v2 Score: 5
Exploit Status:
Not Exploited
References:
CVE Alert: CVE-2025-32030
Vulnerability Summary:
The Apollo Gateway, prior to version 2.10.1, contains a vulnerability that allows queries with deeply nested and reused named fragments to become prohibitively expensive during query planning. This can lead to excessive resource consumption and denial of service due to the lack of enforced timeouts in the query planner.
Affected Endpoints:
No affected endpoints listed.
CVSS Score:
CVSS v3 Score: 7.5 (High)
Exploit Status:
Not Exploited
References:
CVE Alert: CVE-2025-32031
Vulnerability Summary:
Apollo Gateway versions prior to 2.10.1 have a vulnerability that allows certain GraphQL queries to bypass internal optimizations, resulting in significantly longer planning times. This can exhaust the router’s thread pool, rendering it inoperable, leading to denial of service.
Affected Endpoints:
No affected endpoints listed.
CVSS Score:
CVSS v3 Score: 7.5 (High)
Exploit Status:
Not Exploited
References:
CVE Alert: CVE-2025-32032
Vulnerability Summary:
The Apollo Router Core, prior to versions 1.61.2 and 2.1.1, has a vulnerability that allows deeply nested and reused named fragments to lead to excessive resource consumption during query planning. This can result in denial of service due to exhausted resources.
Affected Endpoints:
No affected endpoints listed.
CVSS Score:
CVSS v3 Score: 7.5 (High)
Exploit Status:
Not Exploited
