GNU Inetutils Telnetd Remote Authentication Bypass Vulnerability Volerion Risk Score: 8 Why this matters A flaw in GNU Inetutils telnetd (versions 1.9.3–2.7) lets a remote client bypass authentication entirely by sending the USER=-f root environment variable. Successful exploitation grants a shell running as root, enabling full system compromise without any credentials. Recommended actions Disable the telnetd service entirely whenever possible. If telnet access is required, configure a custom...

libsoup WebSocket Out-of-Bounds Read Vulnerability Volerion Risk Score: 8.2 Why this matters When max_incoming_payload_size is left unset (or set to 0), a remote attacker can send crafted WebSocket frames that cause the libsoup function process_frame() to read outside a buffer. This out-of-bounds read may crash applications using libsoup or leak memory contents, exposing sensitive information and setting the stage for more severe exploits. Recommended actions Configure applications to set...

OWASP Core Rule Set Multipart Request Processing Vulnerability in Rule 922110 Volerion Risk Score: 7.4 Why this matters In affected versions of the OWASP Core Rule Set (CRS), rule 922110 keeps only the last Content-Type charset it encounters when inspecting multipart requests. An attacker can therefore smuggle a malicious charset (e.g. utf-7) into an earlier part and overwrite it with a benign value later in the request, bypassing the intended WAF protection and allowing harmful payloads to...