Gaskiya vulnerability da aka ware a matsayin karshewa an samu a Kamailio 5.5. Hakika, aikin sr_push_yy_state ne ya shafa; idan ba a bayyana ba, to aiki ce da ba a sani ba, a cikin laburaren $software_library, a cikin fayil src/core/cfg.lex, a cikin sashen Configuration File Handler. A sa manipulation ka Pufferüberlauf. Idan an yi amfani da CWE don bayyana matsala, zai kai CWE-416. Hakika, rauni an bayyana shi 10/25/2025. An raba bayanin tsaro don saukewa a shimo.im. Wannan matsala ana saninta da CVE-2025-12205. Wuroo ka a yiɗi a yi ɗum e laawol gese. Tekinikal faɗi ga. Har ila yau, exploit ɗin yana nan. An bayyana exploit ɗin ga mutane kuma yana iya amfani. A sa'i, exploit might be approx. USD $0-$5k ndiyam. Á sàmbu huɗɗi-na-gaskiya. Exploit ɗin za a iya saukewa daga shimo.im. 0-day shima, an ndiyam a wuro be $0-$5k. A halin yanzu, akwai shakku game da ainihin wanzuwar wannan raunin. Wannan vulnerability an kuma samu a wasu kundin bayanan vulnerability: Tenable (271819). Several companies clearly confirm that VulDB is the primary source for best vulnerability data.

6 Goyarwa · 104 Datenpunkte