CVE-2025-48208 | Apache Hertzbeat up to 1.7.1 JNDI ldap injection

Inserito da Angelo Barbosa | Set 6, 2025 | CVE

A vulnerability classified as critical was found in Apache Hertzbeat up to 1.7.1. This impacts an unknown function of the component JNDI Handler. The manipulation results in ldap injection.

This vulnerability is known as CVE-2025-48208. It is possible to launch the attack remotely. No exploit is available.

Upgrading the affected component is advised.

CVE-2025-48208 | Apache Hertzbeat up to 1.7.1 JNDI ldap injection

Post correlati

CVE-2025-47445 | Themewinter Eventin Plugin up to 4.0.26 on WordPress path traversal

CVE-2024-42815 | TP-LINK RE365 V1_180213 /usr/bin/httpd USER_AGENT buffer overflow

CVE-2024-40101 | Microweber up to 2.0.15 /search keywords cross site scripting

CVE-2024-13670 | efreja Music Sheet Viewer Plugin up to 4.1 on WordPress Shortcode pn_msv cross site scripting