CVE-2019-25253 | Teknoloji dünyasından en güncel haberleri ve güvenlikle ilgili gelişmeleri takip edin.

KYOCERA Net Admin 3.4.0906 contains an XML External Entity (XXE) injection vulnerability in the Multi-Set Template Editor that allows unauthenticated attackers…
High CVSS: 7.1

CVE-2019-25253

KYOCERA Net Admin 3.4.0906 contains an XML External Entity (XXE) injection vulnerability in the Multi-Set Template Editor that allows unauthenticated attackers to read arbitrary system files. Attackers can craft a malicious XML file with external entity references to retrieve sensitive configuration data like database credentials through an out-of-band channel attack.
Vendor
Kyocera
Product
Net Admin
CWE
CWE-611
Yayın Tarihi
2025-12-24 20:15:53
Güncelleme
2026-01-14 19:45:33
Source Identifier
disclosure@vulncheck.com
KEV Date Added
-

Kategoriler

CWE-611 Net Admin HIGH Kyocera 2025

Referanslar

https://global.kyocera.com https://www.exploit-db.com/exploits/44430 https://www.zeroscience.mk/en/vulnerabilities/ZSL-2018-5459.php https://www.zeroscience.mk/en/vulnerabilities/ZSL-2018-5459.php