CVE-2025-24521 | Teknoloji dünyasından en güncel haberleri ve güvenlikle ilgili gelişmeleri takip edin.

External XML entity injection allows arbitrary download of files. The score without least privilege principle violation is as calculated below. In combination…
Medium CVSS: 6.9

CVE-2025-24521

External XML entity injection allows arbitrary download of files. The
score without least privilege principle violation is as calculated
below. In combination with other issues it may facilitate further
compromise of the device. Remediation in Version 6.8.0, release date:
01-Mar-25.
Vendor
-
Product
-
CWE
CWE-611
Yayın Tarihi
2025-03-05 16:15:39
Güncelleme
2025-03-05 16:15:39
Source Identifier
ics-cert@hq.dhs.gov
KEV Date Added
-

Kategoriler

CWE-611 MEDIUM 2025

Referanslar

https://support.ixiacom.com/ https://support.ixiacom.com/support-overview/product-support/downloads-updates https://www.cisa.gov/news-events/ics-advisories/icsa-25-063-02 https://www.keysight.com/us/en/contact.html