CVE-2025-64123 | Nuvation Energy nCloud VPN Service confused deputy

Inserito da Angelo Barbosa | Gen 2, 2026 | CVE

A vulnerability was found in Nuvation Energy nCloud VPN Service. It has been declared as very critical. Affected by this issue is some unknown functionality. The manipulation results in unintended intermediary.

This vulnerability is known as CVE-2025-64123. It is possible to launch the attack remotely. No exploit is available.

It is recommended to upgrade the affected component.

CVE-2025-64123 | Nuvation Energy nCloud VPN Service confused deputy

Post correlati

CVE-2025-27847 | ESPEC North America Web Controller 3 up to 3.3.7 /api/v4/auth/ privilege escalation

CVE-2024-40633 | Sylius up to 1.12.18/1.13.3 on Symfony {id} information disclosure

CVE-2024-28048 | Fortunefield ffBull 4.11 os command injection

CVE-2025-8829 | Linksys RE6250/RE6300/RE6350/RE6500/RE7000/RE9000 up to 20250801 /goform/RP_setBasicAuto um_red hname os command injection