CVE-2025-49163 | Arris VIP1113 up to 2025-05-30 KreaTV SDK /usr/bin/gunzip improper protection of alternate path

Inserito da Angelo Barbosa | Giu 3, 2025 | CVE

A vulnerability was found in Arris VIP1113 up to 2025-05-30. It has been rated as critical. Affected by this issue is some unknown functionality of the file /usr/bin/gunzip of the component KreaTV SDK. The manipulation leads to improper protection of alternate path.

This vulnerability is handled as CVE-2025-49163. It is possible to launch the attack on the local host. There is no exploit available.

CVE-2025-49163 | Arris VIP1113 up to 2025-05-30 KreaTV SDK /usr/bin/gunzip improper protection of alternate path

Post correlati

CVE-2024-41656 | getsentry up to 24.7.0 cross site scripting (GHSA-fm88-hc3v-3www)

CVE-2024-1499 | ThemeIsle Orbit Fox Plugin up to 2.10.30 on WordPress cross site scripting

CVE-2024-56043 | WPLMS Theme Plugin on WordPress Role improper authentication

CVE-2024-28100 | eLabFTW up to 4.x Files cross site scripting