SuiteCRM 7
Description
SuiteCRM 7
Remediation
Apply vendor security updates immediately. Monitor for exploitation attempts and review access logs.
Search and filter 17282 vulnerabilities with AI analyst insights
SuiteCRM 7
SuiteCRM 7
Apply vendor security updates immediately. Monitor for exploitation attempts and review access logs.
ResourceSpace 8
ResourceSpace 8
Apply vendor security updates immediately. Monitor for exploitation attempts and review access logs.
R i386 3
R i386 3
Apply vendor security updates immediately. Monitor for exploitation attempts and review access logs.
Core FTP/SFTP Server 1
Core FTP/SFTP Server 1
Apply vendor security updates immediately. Monitor for exploitation attempts and review access logs.
UniFi Network Controller before version 5
UniFi Network Controller before version 5
Apply vendor security updates immediately. Monitor for exploitation attempts and review access logs.
Ubiquiti UniFi Network Controller prior to 5
Ubiquiti UniFi Network Controller prior to 5
Apply vendor security updates immediately. Monitor for exploitation attempts and review access logs.
River Past CamDo 3
River Past CamDo 3
Apply vendor security updates immediately. Monitor for exploitation attempts and review access logs.
PhreeBooks ERP 5
PhreeBooks ERP 5
Apply vendor security updates immediately. Monitor for exploitation attempts and review access logs.
Tabs Mail Carrier 2.5.1 contains a buffer overflow vulnerability in the MAIL FROM SMTP command that allows remote attackers to execute arbitrary code...
Tabs Mail Carrier 2.5.1 contains a buffer overflow vulnerability in the MAIL FROM SMTP command that allows remote attackers to execute arbitrary code by sending a crafted MAIL FROM parameter. Attackers can connect to the SMTP service on port 25 and send a malicious MAIL FROM command with an oversized buffer to overwrite the EIP register and execute a bind shell payload.
---METADATA---
VENDOR: Tabs
PRODUCT: Mail Carrier
AFFECTED_VERSIONS: 2.5.1
CONFIDENCE: high
MISSING: patch
---END_METADATA---
Description Summary:
Tabs Mail Carrier 2.5.1 contains a buffer overflow vulnerability in the SMTP MAIL FROM command that allows remote unauthenticated attackers to execute arbitrary code.
Executive Summary:
A critical buffer overflow in Tabs Mail Carrier 2.5.1 allows unauthenticated remote attackers to execute arbitrary code via the SMTP service.
Vulnerability Details
CVE-ID: CVE-2019-25646
Affected Software: Tabs Mail Carrier
Affected Versions: 2.5.1
Vulnerability: A buffer overflow exists in the processing of the SMTP MAIL FROM command, where an oversized buffer can overwrite the EIP register. This allows an unauthenticated attacker to inject and execute a bind shell payload remotely via port 25.
Business Impact
With a CVSS score of 9.8, this vulnerability represents a critical risk, as it allows for full system takeover without requiring authentication. Compromise could result in complete unauthorized access to mail servers, interception of sensitive communications, and further lateral movement within the corporate network.
Remediation Plan
Immediate Action: Identify and restrict access to the SMTP service on port 25 while seeking a vendor-supplied patch or upgrading to a secure version.
Proactive Monitoring: Monitor SMTP traffic logs for unusually large MAIL FROM commands or unexpected connection attempts to the mail server.
Compensating Controls: Deploy a Web Application Firewall or an SMTP proxy capable of inspecting and filtering oversized or malformed SMTP commands to prevent the buffer overflow from reaching the application.
Exploitation Status
Public Exploit Available: Unknown
Analyst Notes: As of Mar 24, 2026, there is no public information indicating active exploitation of this vulnerability. However, due to the nature of the flaw, the potential for exploitation is high.
Analyst Recommendation
Given the ease of exploitation and the high severity, immediate remediation is required for all instances of Tabs Mail Carrier 2.5.1. Restricting network access to the vulnerable SMTP port is a mandatory temporary measure until a permanent patch is applied.
Update the MAIL Multiple Products to the latest version. Monitor for exploitation attempts and review access logs.
eNdonesia Portal v8
eNdonesia Portal v8
Apply vendor security updates immediately. Monitor for exploitation attempts and review access logs.
Bootstrapy CMS contains multiple SQL injection vulnerabilities that allow unauthenticated attackers to execute arbitrary SQL queries by injecting mali...
Bootstrapy CMS contains multiple SQL injection vulnerabilities that allow unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through POST parameters
Apply vendor patches immediately. Review database access controls and enable query logging.
Netartmedia Vlog System contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL...
Netartmedia Vlog System contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the email parameter
Apply vendor patches immediately. Review database access controls and enable query logging.
Inout Article Base CMS contains SQL injection vulnerabilities that allow unauthenticated attackers to manipulate database queries through the 'p' and...
Inout Article Base CMS contains SQL injection vulnerabilities that allow unauthenticated attackers to manipulate database queries through the 'p' and 'u' parameters
Apply vendor patches immediately. Review database access controls and enable query logging.
Matrimony Website Script M-Plus contains multiple SQL injection vulnerabilities that allow unauthenticated attackers to manipulate database queries by...
Matrimony Website Script M-Plus contains multiple SQL injection vulnerabilities that allow unauthenticated attackers to manipulate database queries by injecting SQL code through various POST parameters
Apply vendor patches immediately. Review database access controls and enable query logging.
X-NetStat Pro 5
X-NetStat Pro 5
Apply vendor security updates immediately. Monitor for exploitation attempts and review access logs.
Zeeways Jobsite CMS contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code...
Zeeways Jobsite CMS contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the 'id' GET parameter
Apply vendor patches immediately. Review database access controls and enable query logging.
Zeeways Matrimony CMS contains multiple SQL injection vulnerabilities that allow unauthenticated attackers to manipulate database queries through the...
Zeeways Matrimony CMS contains multiple SQL injection vulnerabilities that allow unauthenticated attackers to manipulate database queries through the profile_list endpoint
Apply vendor patches immediately. Review database access controls and enable query logging.
Base64 Decoder 1
Base64 Decoder 1
---METADATA---
VENDOR: Base64 Decoder
PRODUCT: Base64 Decoder
AFFECTED_VERSIONS: 1.1.2
---END_METADATA---
Description Summary:
A stack-based buffer overflow in Base64 Decoder allows local attackers to execute arbitrary code via crafted input.
Executive Summary:
A local buffer overflow vulnerability in Base64 Decoder version 1.1.2 permits arbitrary code execution, requiring immediate software replacement or mitigation.
Vulnerability Details
CVE-ID: CVE-2019-25634
Affected Software: Base64 Decoder
Affected Versions: 1.1.2
Vulnerability: The application contains a stack-based buffer overflow that can be triggered by a local attacker providing a specifically crafted input file. By overwriting the Structured Exception Handler (SEH) with an egghunter payload, an attacker can achieve arbitrary code execution within the context of the application.
Business Impact
With a CVSS score of 8.4, this vulnerability presents a high risk for local privilege escalation or system compromise. If the vulnerable utility is used in automated processing pipelines, an attacker could potentially achieve remote code execution (RCE) by delivering a malicious file to the processing server, leading to full system compromise.
Remediation Plan
Immediate Action: Discontinue the use of Base64 Decoder version 1.1.2 and migrate to a secure, actively maintained alternative.
Proactive Monitoring: Monitor file integrity and execution logs on systems where this utility is installed to detect unexpected process behaviors.
Compensating Controls: Use application whitelisting or restrict execution permissions to prevent unauthorized users from running the vulnerable utility.
Exploitation Status
Public Exploit Available: True
Analyst Notes: As of June 4, 2026, there is no public information indicating active exploitation of this vulnerability. However, the presence of a public exploit makes the risk of exploitation high.
Analyst Recommendation
Due to the age of the software and the nature of the buffer overflow, remediation should focus on replacing the utility entirely. Organizations should audit their environments to identify and remove this legacy software to eliminate the associated security risk.
Apply vendor security updates immediately. Monitor for exploitation attempts and review access logs.
AIDA64 Extreme 5
AIDA64 Extreme 5
Apply vendor security updates immediately. Monitor for exploitation attempts and review access logs.
AIDA64 Business 5
AIDA64 Business 5
Apply vendor security updates immediately. Monitor for exploitation attempts and review access logs.
PhreeBooks ERP 5
PhreeBooks ERP 5
Apply vendor security updates immediately. Monitor for exploitation attempts and review access logs.
AIDA64 Extreme 5
AIDA64 Extreme 5
Apply vendor security updates immediately. Monitor for exploitation attempts and review access logs.
Download Accelerator Plus DAP 10.0.6.0 contains a structured exception handler buffer overflow vulnerability that allows remote attackers to execute a...
Download Accelerator Plus DAP 10.0.6.0 contains a structured exception handler buffer overflow vulnerability that allows remote attackers to execute arbitrary code by crafting malicious URLs. Attackers can create specially crafted URLs with overflowing buffer data that overwrites SEH pointers and executes embedded shellcode when imported through the application's web page import functionality.
---METADATA---
VENDOR: Download Accelerator
PRODUCT: Download Accelerator Plus (DAP)
AFFECTED_VERSIONS: 10.0.6.0
CONFIDENCE: high
MISSING: patch
---END_METADATA---
Description Summary:
Download Accelerator Plus 10.0.6.0 is vulnerable to a structured exception handler (SEH) buffer overflow, allowing remote attackers to execute arbitrary code via crafted URLs.
Executive Summary:
A critical buffer overflow in Download Accelerator Plus 10.0.6.0 allows remote attackers to execute arbitrary code through malicious URL processing.
Vulnerability Details
CVE-ID: CVE-2019-25628
Affected Software: Download Accelerator Plus (DAP)
Affected Versions: 10.0.6.0
Vulnerability: The application contains a structured exception handler (SEH) buffer overflow vulnerability triggered during the import of web page URLs. By crafting a URL with excessive data, an unauthenticated attacker can overwrite SEH pointers, leading to the execution of embedded shellcode.
Business Impact
The CVSS score of 9.8 reflects the high risk of this vulnerability, which enables remote code execution on the user's workstation. A successful exploit could lead to full system compromise, the installation of malware, and the theft of sensitive user credentials or local data.
Remediation Plan
Immediate Action: Cease use of the affected version of Download Accelerator Plus and verify if an update or vendor-provided patch is available.
Proactive Monitoring: Monitor endpoint execution logs for suspicious child processes spawned by the DAP application or unexpected network connections originating from the software.
Compensating Controls: Disable the application's "web page import" functionality via group policy or configuration if possible, and ensure endpoint protection software is updated to detect malicious shellcode patterns.
Exploitation Status
Public Exploit Available: Unknown
Analyst Notes: As of Mar 24, 2026, there is no public information indicating active exploitation of this vulnerability. However, due to the nature of the flaw, the potential for exploitation is high.
Analyst Recommendation
This vulnerability is highly dangerous due to its potential for remote code execution. Organizations should immediately audit their environments for this specific version of Download Accelerator Plus and remove or update the software to eliminate the risk of exploitation.
Update Download Accelerator Multiple Products to the latest version. Monitor for exploitation attempts and review access logs.
FlexHEX 2
FlexHEX 2
Apply vendor security updates immediately. Monitor for exploitation attempts and review access logs.
River Past Cam Do 3
River Past Cam Do 3
Apply vendor security updates immediately. Monitor for exploitation attempts and review access logs.
FTP Shell Server 6
FTP Shell Server 6
Apply vendor security updates immediately. Monitor for exploitation attempts and review access logs.
Lavavo CD Ripper 4
Lavavo CD Ripper 4
Apply vendor security updates immediately. Monitor for exploitation attempts and review access logs.
Free Float FTP 1.0 contains a buffer overflow in the STOR command handler, enabling remote attackers to execute arbitrary code via a crafted payload.
Free Float FTP 1.0 contains a buffer overflow in the STOR command handler, enabling remote attackers to execute arbitrary code via a crafted payload.
---METADATA---
VENDOR: Free Float
PRODUCT: FTP Server
AFFECTED_VERSIONS: 1.0
---END_METADATA---
Description Summary:
Free Float FTP 1.0 contains a buffer overflow in the STOR command handler, enabling remote attackers to execute arbitrary code via a crafted payload.
Executive Summary:
A critical buffer overflow vulnerability in Free Float FTP 1.0 allows remote attackers to execute arbitrary code with the privileges of the FTP service.
Vulnerability Details
CVE-ID: CVE-2019-25614
Affected Software: Free Float FTP Server
Affected Versions: 1.0
Vulnerability: This is a stack-based buffer overflow vulnerability residing in the STOR command handler. An attacker can authenticate using anonymous credentials and send a malicious STOR request containing 247 bytes of padding followed by a return address and shellcode to hijack the execution flow.
Business Impact
The impact of this vulnerability is severe, as it allows for Remote Code Execution (RCE) on the host server. An attacker gaining code execution can move laterally through the network, steal sensitive data, or deploy ransomware. The CVSS score of 9.8 reflects the ease of exploitation (anonymous access) and the total loss of system confidentiality, integrity, and availability.
Remediation Plan
Immediate Action: Discontinue the use of Free Float FTP 1.0 immediately and migrate to a modern, supported FTP or SFTP solution, as this software is legacy and highly insecure.
Proactive Monitoring: Monitor network traffic for oversized FTP STOR commands and review server logs for unexpected service crashes or unauthorized shell activity.
Compensating Controls: If immediate decommissioning is not possible, restrict FTP access to known IP addresses via a firewall and disable anonymous authentication.
Exploitation Status
Public Exploit Available: true
Analyst Notes: As of March 22, 2026, this is a late-disclosure entry for an older product. Public exploits are available, and the vulnerability is well-understood, making the risk of exploitation by script kiddies and automated scanners extremely high for any internet-facing instances.
Analyst Recommendation
Given that Free Float FTP 1.0 is an obsolete product with known public exploits, the only viable recommendation is to replace it immediately. The presence of a 9.8 CVSS score and public exploit code makes this a high-priority target for attackers.
Update the STOR Multiple Products to the latest version. Monitor for exploitation attempts and review access logs.
Easy Chat Server 3
Easy Chat Server 3
Apply vendor security updates immediately. Monitor for exploitation attempts and review access logs.
Admin Express 1
Admin Express 1
Apply vendor security updates immediately. Monitor for exploitation attempts and review access logs.
MiniFtp contains a buffer overflow vulnerability in the parseconf_load_setting function that allows local attackers to execute arbitrary code by suppl...
MiniFtp contains a buffer overflow vulnerability in the parseconf_load_setting function that allows local attackers to execute arbitrary code by supplying oversized configuration values
---METADATA---
VENDOR: MiniFtp
PRODUCT: MiniFtp
AFFECTED_VERSIONS: See vendor advisory for specific affected versions
---END_METADATA---
Description Summary:
MiniFtp contains a buffer overflow vulnerability in the parseconf_load_setting function. This flaw allows local attackers to execute arbitrary code by providing oversized configuration values.
Executive Summary:
A high-severity buffer overflow in MiniFtp allows local users to escalate privileges and execute arbitrary code by exploiting the configuration parsing mechanism.
Vulnerability Details
CVE-ID: CVE-2019-25611
Affected Software: MiniFtp MiniFtp
Affected Versions: See vendor advisory for specific affected versions
Vulnerability: A buffer overflow exists in the parseconf_load_setting function of MiniFtp. This vulnerability is exploitable by a local, authenticated attacker who can supply oversized configuration values, leading to memory corruption and arbitrary code execution.
Business Impact
While the attack requires local access, the ability to execute arbitrary code typically leads to full system compromise and privilege escalation. With a CVSS score of 8.4, the risk to internal system integrity and the confidentiality of hosted files is high, particularly in multi-user environments.
Remediation Plan
Immediate Action: Apply the latest security updates for MiniFtp that include bounds checking for the parseconf_load_setting function.
Proactive Monitoring: Monitor for unauthorized changes to FTP configuration files and review system audit logs for unusual process executions originating from the MiniFtp service.
Compensating Controls: Use filesystem permissions to strictly limit who can modify configuration files and employ security software that detects buffer overflow attempts (e.g., DEP/ASLR).
Exploitation Status
Public Exploit Available: false
Analyst Notes: As of March 23, 2026, there is no public information indicating active exploitation. This is a late-disclosure vulnerability, and the technical details provided make it a prime candidate for exploit development.
Analyst Recommendation
Despite the local requirement for exploitation, the high CVSS score of 8.4 demands immediate remediation. Administrators should patch MiniFtp immediately to prevent local attackers from gaining elevated control over the server.
Apply vendor security updates immediately. Monitor for exploitation attempts and review access logs.
JetAudio jetCast Server 2
JetAudio jetCast Server 2
Apply vendor security updates immediately. Monitor for exploitation attempts and review access logs.
Iperius Backup 6
Iperius Backup 6
Apply vendor security updates immediately. Monitor for exploitation attempts and review access logs.
Axessh 4
Axessh 4
---METADATA---
VENDOR: Axessh
PRODUCT: Axessh 4
AFFECTED_VERSIONS: See vendor advisory for specific affected versions
---END_METADATA---
Description Summary:
A high-severity vulnerability has been identified in Axessh 4. This security flaw could allow for unauthorized remote access or command execution via the SSH service.
Executive Summary:
A critical vulnerability in Axessh 4 exposes systems to potential unauthorized remote access and full system compromise.
Vulnerability Details
CVE-ID: CVE-2019-25607
Affected Software: Axessh Axessh 4
Affected Versions: See vendor advisory for specific affected versions
Vulnerability: This is a late-disclosure vulnerability affecting the Axessh 4 Windows SSH server. The CVSS score of 8.4 indicates a high-severity flaw, likely involving an authentication bypass or a memory corruption issue reachable during the SSH handshake or session initialization.
Business Impact
An exploit targeting an SSH server is extremely dangerous as it can provide an attacker with a direct foothold into the underlying operating system. The potential for data exfiltration, ransomware deployment, and lateral movement is high, justifying the 8.4 CVSS severity rating.
Remediation Plan
Immediate Action: Immediately upgrade to a supported version of Axessh or migrate to a modern, actively maintained SSH solution if patches are unavailable.
Proactive Monitoring: Review SSH logs for excessive failed login attempts, unusual source IP addresses, or successful logins at non-standard hours.
Compensating Controls: Implement network-level access control lists (ACLs) to restrict SSH access to specific management IPs and enforce Multi-Factor Authentication (MFA) where possible.
Exploitation Status
Public Exploit Available: false
Analyst Notes: As of March 23, 2026, there is no public information indicating active exploitation. However, because this is a late disclosure of a 2019 flaw, it is possible that sophisticated actors have been aware of the issue for some time.
Analyst Recommendation
The severity of an SSH-based vulnerability cannot be overstated. Organizations must immediately identify all instances of Axessh 4 and apply necessary updates or replace the software to prevent remote system exploitation.
Apply vendor security updates immediately. Monitor for exploitation attempts and review access logs.
EquityPandit 1
EquityPandit 1
Apply vendor security updates immediately. Monitor for exploitation attempts and review access logs.
DVDXPlayer Pro 5
DVDXPlayer Pro 5
Apply vendor security updates immediately. Monitor for exploitation attempts and review access logs.
TuneClone 2
TuneClone 2
Apply vendor security updates immediately. Monitor for exploitation attempts and review access logs.
i-doit CMDB 1
i-doit CMDB 1
Apply vendor security updates immediately. Monitor for exploitation attempts and review access logs.
ownDMS 4
ownDMS 4
Apply vendor security updates immediately. Monitor for exploitation attempts and review access logs.
phpTransformer 2016
phpTransformer 2016
---METADATA---
VENDOR: phpTransformer
PRODUCT: phpTransformer 2016
AFFECTED_VERSIONS: See vendor advisory for specific affected versions
---END_METADATA---
Description Summary:
A security vulnerability has been identified in phpTransformer 2016. The flaw could allow an attacker to compromise the integrity or availability of the application.
Executive Summary:
A high-severity vulnerability in phpTransformer 2016 poses a significant risk to application security and could lead to unauthorized system manipulation.
Vulnerability Details
CVE-ID: CVE-2019-25579
Affected Software: phpTransformer phpTransformer 2016
Affected Versions: See vendor advisory for specific affected versions
Vulnerability: This entry represents a late-disclosure vulnerability in the phpTransformer 2016 platform. While specific technical details are limited in the current disclosure, the high CVSS score suggests a critical flaw potentially reachable by an unauthenticated remote attacker.
Business Impact
A successful exploit could lead to full application compromise, unauthorized data access, or service disruption. With a CVSS score of 7.5, this high-severity issue may result in significant reputational damage and the loss of sensitive user information if left unaddressed. The late disclosure nature of this entry implies that systems have been vulnerable for an extended period.
Remediation Plan
Immediate Action: Administrators should apply the latest security updates or patches provided by the phpTransformer development team immediately to mitigate this risk.
Proactive Monitoring: Monitor web server logs for unusual traffic patterns, specifically focusing on unexpected POST requests or scripts executing in the phpTransformer directory.
Compensating Controls: Implement a Web Application Firewall (WAF) to filter malicious traffic and restrict access to the application management interface to known IP addresses.
Exploitation Status
Public Exploit Available: false
Analyst Notes: As of March 23, 2026, there is no public information indicating active exploitation of this vulnerability. However, due to the nature of the flaw and its high-severity rating, the potential for exploitation remains a significant concern for legacy installations.
Analyst Recommendation
The high CVSS score of 7.5 necessitates urgent attention despite the age of the software. Organizations utilizing phpTransformer 2016 should prioritize updating to a supported version or applying vendor-supplied patches immediately to ensure the security of their web environment.
Apply vendor security updates immediately. Monitor for exploitation attempts and review access logs.
phpTransformer 2016
phpTransformer 2016
Apply vendor security updates immediately. Monitor for exploitation attempts and review access logs.
Kepler Wallpaper Script 1
Kepler Wallpaper Script 1
Apply vendor security updates immediately. Monitor for exploitation attempts and review access logs.
SimplePress CMS 1
SimplePress CMS 1
Apply vendor security updates immediately. Monitor for exploitation attempts and review access logs.
Green CMS 2
Green CMS 2
Apply vendor security updates immediately. Monitor for exploitation attempts and review access logs.
Memu Play 6.0.7 contains an insecure file permissions flaw allowing low-privilege users to escalate to SYSTEM privileges by overwriting the MemuServic...
Memu Play 6.0.7 contains an insecure file permissions flaw allowing low-privilege users to escalate to SYSTEM privileges by overwriting the MemuService.exe binary in the installation directory.
---METADATA---
VENDOR: Memu Play
PRODUCT: Memu Play
AFFECTED_VERSIONS: 6.0.7
---END_METADATA---
Description Summary:
Memu Play 6.0.7 contains an insecure file permissions flaw allowing low-privilege users to escalate to SYSTEM privileges by overwriting the MemuService.exe binary in the installation directory.
Executive Summary:
A critical privilege escalation vulnerability in Memu Play allows local users with minimal permissions to gain full system-level control by replacing a core service executable.
Vulnerability Details
CVE-ID: CVE-2019-25568
Affected Software: Memu Play
Affected Versions: 6.0.7
Vulnerability: This vulnerability stems from insecure file system permissions within the application's installation directory. A local, authenticated attacker with low privileges can rename or overwrite the MemuService.exe file with a malicious payload, which is subsequently executed with SYSTEM-level authority upon the next service restart or system reboot.
Business Impact
A successful exploit results in a total compromise of the affected workstation's integrity and confidentiality. By achieving SYSTEM privileges, an attacker can install persistent malware, bypass security controls, and access sensitive data stored on the machine. The CVSS score of 9.8 reflects the critical nature of this flaw, as it provides a reliable path for local lateral movement and complete system takeover.
Remediation Plan
Immediate Action: Update Memu Play to the latest available version immediately to ensure file permissions are correctly hardened.
Proactive Monitoring: Monitor for unauthorized modifications to files within the C:\Program Files\Microvirt\MEmu (or equivalent) directory and audit service restart events for unexpected binary execution.
Compensating Controls: Implement Endpoint Detection and Response (EDR) solutions to detect and block the execution of unsigned or suspicious binaries originating from service-related directories.
Exploitation Status
Public Exploit Available: false
Analyst Notes: As of Mar 21, 2026, there is no public information indicating active exploitation of this vulnerability. However, the technical simplicity of replacing a service binary makes the potential for exploitation high once the flaw is known to local threat actors.
Analyst Recommendation
The severity of this privilege escalation vulnerability necessitates immediate remediation. Organizations should prioritize updating all Memu Play installations to the latest version. Failure to address this flaw allows any user on a multi-user system to gain administrative control, significantly increasing the risk of ransomware deployment and internal data theft.
Update Memu Play Multiple Products to the latest version. Monitor for exploitation attempts and review access logs.
Lyric Video Creator 2
Lyric Video Creator 2
Apply vendor security updates immediately. Monitor for exploitation attempts and review access logs.
CEWE PHOTO SHOW 6
CEWE PHOTO SHOW 6
Apply vendor security updates immediately. Monitor for exploitation attempts and review access logs.
Netartmedia Real Estate Portal 5
Netartmedia Real Estate Portal 5
Apply vendor security updates immediately. Monitor for exploitation attempts and review access logs.
Netartmedia Real Estate Portal 5
Netartmedia Real Estate Portal 5
Apply vendor security updates immediately. Monitor for exploitation attempts and review access logs.
Netartmedia PHP Mall 4
Netartmedia PHP Mall 4
Apply vendor security updates immediately. Monitor for exploitation attempts and review access logs.
---METADATA---
VENDOR: River Past
PRODUCT: CamDo 3
AFFECTED_VERSIONS: See vendor advisory for specific affected versions
---END_METADATA---
Description Summary:
River Past CamDo 3 contains a high-severity vulnerability that could lead to unauthorized system access or execution. This late-disclosure entry requires immediate review for legacy systems.
Executive Summary:
A critical vulnerability in the River Past CamDo 3 application poses a significant risk of system compromise, requiring immediate remediation for any remaining installations of this software.
Vulnerability Details
CVE-ID: CVE-2019-25650
Affected Software: River Past CamDo 3
Affected Versions: See vendor advisory for specific affected versions
Vulnerability: This vulnerability affects River Past CamDo 3, a legacy multimedia application. While specific technical details are limited in the disclosure, the high CVSS score indicates a flaw likely involving improper input handling or memory management that could be leveraged by an attacker.
Business Impact
With a CVSS score of 8.4, this vulnerability represents a High-severity risk to business operations. Exploitation could lead to full system compromise, loss of sensitive data, or unauthorized access to the host environment. Because this is a late disclosure for an older product, organizations may be running vulnerable software without active support, increasing the risk of unpatched exposure.
Remediation Plan
Immediate Action: Due to the age of the product and the severity of the flaw, the primary recommendation is to decommission River Past CamDo 3 and migrate to a modern, supported alternative.
Proactive Monitoring: If the software must remain in use, monitor the host system for unusual process execution or unauthorized network connections originating from the application.
Compensating Controls: Isolate any systems running this software from the internet and restrict internal access using host-based firewalls and strict user privilege limitations.
Exploitation Status
Public Exploit Available: false
Analyst Notes: As of March 27, 2026, there is no public information indicating active exploitation of this vulnerability. However, the "late disclosure" status suggests that security researchers or attackers may have been aware of this flaw for some time, making immediate action necessary.
Analyst Recommendation
Legacy software is a frequent target for attackers because it often lacks modern security mitigations. Organizations should immediately identify any instances of River Past CamDo 3 and remove them from the environment to eliminate this high-severity risk.