Critical Auth Bypass Vulnerability (CVE-2025-51381) Found in KAON KCM3100 Gateways

June 18, 2025

Critical Auth Bypass Vulnerability (CVE-2025-51381) Found in KAON KCM3100 Gateways

A critical vulnerability has been disclosed in KAON’s KCM3100 Wi-Fi gateway devices that could allow attackers to bypass authentication controls from within a local network. Tracked as CVE-2025-51381 …

Published Date:
Jun 19, 2025 (2 hours, 25 minutes ago)

Vulnerabilities has been mentioned in this article.

CVE-2025-51381

Source: Read More

Previous ArticleSSRF Flaw (CVE-2025-6087) in OpenNext for Cloudflare Allows Unauthenticated Content Proxying

Next Article FOSS Weekly #25.25: Nitrux Hyprland, Joplin Tips, Denmark Ditching Microsoft, Tiling Moves and More Linux Stuff

Highlights

CVE-2025-49137 – HAX CMS Cross-Site Scripting (XSS)

June 9, 2025

CVE ID : CVE-2025-49137

Published : June 9, 2025, 9:15 p.m. | 2 hours, 44 minutes ago

Description : HAX CMS PHP allows users to manage their microsite universe with a PHP backend. Prior to version 11.0.0, the application does not sufficiently sanitize user input, allowing for the execution of arbitrary JavaScript code. The ‘saveNode’ and ‘saveManifest’ endpoints take user input and store it in the JSON schema for the site. This content is then rendered in the generated HAX site. Although the application does not allow users to supply a `script` tag, it does allow the use of other HTML tags to run JavaScript. Version 11.0.0 fixes the issue.

Severity: 8.5 | HIGH

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

CodeSOD: A Unique Way to Primary Key

BrowserStack launches Figma plugin for detecting accessibility issues in design phase

Parasoft brings agentic AI to service virtualization in latest release

Node.js vs. Python for Backend: 7 Reasons C-Level Leaders Choose Node.js Talent

The best CRM software with email marketing in 2025: Expert tested and reviewed

This multi-port car charger can power 4 gadgets at once – and it’s surprisingly cheap

I’m a wearables editor and here are the 7 Pixel Watch 4 rumors I’m most curious about

8 ways I quickly leveled up my Linux skills – and you can too

The Intersection of Agile and Accessibility – A Series on Designing for Everyone

The Intersection of Agile and Accessibility – A Series on Designing for Everyone

Zero Trust & Cybersecurity Mesh: Your Org’s Survival Guide

Execute Ping Commands and Get Back Structured Data in PHP

A Tomb Raider composer has been jailed — His legacy overshadowed by $75k+ in loan fraud

A Tomb Raider composer has been jailed — His legacy overshadowed by $75k+ in loan fraud

“I don’t think I changed his mind” — NVIDIA CEO comments on H20 AI GPU sales resuming in China following a meeting with President Trump

Galaxy Z Fold 7 review: Six years later — Samsung finally cracks the foldable code

Critical Auth Bypass Vulnerability (CVE-2025-51381) Found in KAON KCM3100 Gateways

Critical Auth Bypass Vulnerability (CVE-2025-51381) Found in KAON KCM3100 Gateways

CVE-2025-44658 – Netgear RAX30 PHP-FPM Misconfigured Extension Bypass Vulnerability

CVE-2025-7393 – Drupal Mail Login Authentication Bypass

CVE-2025-4062 – Apache Code-Projects Theater Seat Booking System Stack-Based Buffer Overflow Vulnerability

CVE-2025-6493 – CodeMirror Markdown Mode Regular Expression Complexity Remote Vulnerability

CVE-2025-53332 – Ethoseo Track Everything CSRF Stored XSS

5 Reasons Device Management Isn’t Device Trust

CVE-2025-49137 – HAX CMS Cross-Site Scripting (XSS)

CVE-2025-5419 Zero-Day Vulnerability in Chrome’s V8 Engine

Why Enterprises Are Choosing AI-Driven React.js Development Companies in 2025

5 Game-Changing Ways Generative AI Is Redefining Retail Experiences🛍️

Critical Auth Bypass Vulnerability (CVE-2025-51381) Found in KAON KCM3100 Gateways

Critical Auth Bypass Vulnerability (CVE-2025-51381) Found in KAON KCM3100 Gateways

Related Posts