CVE-2025-48890 – Western Digital WRH-733 Miniigd OS Command Injection

June 24, 2025

CVE ID : CVE-2025-48890

Published : June 24, 2025, 5:15 a.m. | 4 hours, 44 minutes ago

Description : WRH-733GBK and WRH-733GWH contain an improper neutralization of special elements used in an OS command (‘OS Command Injection’) vulnerability in miniigd SOAP service. If a remote unauthenticated attacker sends a specially crafted request to the affected product, an arbitrary OS command may be executed.

Severity: 9.8 | CRITICAL

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-41427 – WRC-X3000GS, WRC-X3000GSA, and WRC-X3000GSN OS Command Injection Vulnerability in Connection Diagnostics Page

Next Article CVE-2025-43877 – WRC-1167GHBK2-S WebGUI Cross-Site Scripting (XSS)

Highlights

CVE-2025-5488 – WordPress WP Masonry & Infinite Scroll Stored Cross-Site Scripting Vulnerability

June 26, 2025

CVE ID : CVE-2025-5488

Published : June 26, 2025, 2:15 a.m. | 2 hours, 52 minutes ago

Description : The WP Masonry & Infinite Scroll plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin’s ‘wmis’ shortcode in all versions up to, and including, 2.2 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.

Severity: 6.4 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

The AI Fix #57: AI is the best hacker in the USA, and self-learning AI

July 1, 2025

Ruckus network management solutions riddled with unpatched vulnerabilities

July 10, 2025

Huawei Noah’s Ark Lab Released Dream 7B: A Powerful Open Diffusion Reasoning Model with Advanced Planning and Flexible Inference Capabilities

April 9, 2025

CodeSOD: A Unique Way to Primary Key

BrowserStack launches Figma plugin for detecting accessibility issues in design phase

Parasoft brings agentic AI to service virtualization in latest release

Node.js vs. Python for Backend: 7 Reasons C-Level Leaders Choose Node.js Talent

The best CRM software with email marketing in 2025: Expert tested and reviewed

This multi-port car charger can power 4 gadgets at once – and it’s surprisingly cheap

I’m a wearables editor and here are the 7 Pixel Watch 4 rumors I’m most curious about

8 ways I quickly leveled up my Linux skills – and you can too

The Intersection of Agile and Accessibility – A Series on Designing for Everyone

The Intersection of Agile and Accessibility – A Series on Designing for Everyone

Zero Trust & Cybersecurity Mesh: Your Org’s Survival Guide

Execute Ping Commands and Get Back Structured Data in PHP

A Tomb Raider composer has been jailed — His legacy overshadowed by $75k+ in loan fraud

A Tomb Raider composer has been jailed — His legacy overshadowed by $75k+ in loan fraud

“I don’t think I changed his mind” — NVIDIA CEO comments on H20 AI GPU sales resuming in China following a meeting with President Trump

Galaxy Z Fold 7 review: Six years later — Samsung finally cracks the foldable code

CVE-2025-48890 – Western Digital WRH-733 Miniigd OS Command Injection

CVE-2025-44658 – Netgear RAX30 PHP-FPM Misconfigured Extension Bypass Vulnerability

CVE-2025-7393 – Drupal Mail Login Authentication Bypass

I finally tested a “SteamOS” Legion Go S — it’s the perfect handheld gaming PC if you don’t mind these three things

CVE-2025-48783 – Soar Cloud HRD Human Resource Management System File Path Traversal Vulnerability

ASCII Draw lets you sketch anything using characters

Unified Training Tracking

CVE-2025-5488 – WordPress WP Masonry & Infinite Scroll Stored Cross-Site Scripting Vulnerability

The AI Fix #57: AI is the best hacker in the USA, and self-learning AI

Ruckus network management solutions riddled with unpatched vulnerabilities

Huawei Noah’s Ark Lab Released Dream 7B: A Powerful Open Diffusion Reasoning Model with Advanced Planning and Flexible Inference Capabilities

CVE-2025-48890 – Western Digital WRH-733 Miniigd OS Command Injection

Related Posts