Disposal Advisory for Apache Tomcat Remote Code Execution Vulnerability (CVE-2025-24813)

March 25, 2025 | NSFOCUS

Vulnerability Overview: Apache Tomcat Remote Code Execution Vulnerability (CVE-2025-24813). NSFOCUS Detection Methods: NSFOCUS Remote Security Assessment System (RSAS), Web Vulnerability Scanning System (WVSS) and Network Intrusion Detection System (IDS) can scan for and detect this vulnerability. Users who have deployed these products should upgrade to the latest version. Upgrade site: NSFOCUS_Product Support Service_Product Upgrade […]

Next.js Middleware Permission Bypass Vulnerability (CVE-2025-29927)

March 25, 2025 | NSFOCUS

Overview: Recently, NSFOCUS CERT detected that Next.js issued a security announcement and fixed a middleware permission bypass vulnerability (CVE-2025-29927). Because Next.js does not effectively verify the origin of the x-middleware-subrequest header, when middleware is used for authentication and authorization, an unauthenticated attacker can bypass the system's permission controls by manipulating the x-middleware-subrequest header to access […]

NSFOCUS Unveils AI-Driven Security Solutions at HKIB 2025 Cybersecurity Solutions Day

March 21, 2025 | NSFOCUS

Hong Kong, March 21, 2025 – The Hong Kong Institute of Bankers (HKIB) 2025 Cybersecurity Solutions Day kicked off on March 20, drawing over 600 executives and experts from financial institutions and cybersecurity domains to explore strategies for bolstering the financial sector’s security posture. NSFOCUS, a global leader in cybersecurity, marked its third consecutive participation in […]

Windows File Explorer Spoofing Vulnerability (CVE-2025-24071)

March 19, 2025 | NSFOCUS

Overview: Recently, NSFOCUS CERT detected that Microsoft released a security announcement and fixed a spoofing vulnerability in Windows File Explorer (CVE-2025-24071), with a CVSS score of 7.5. Because Windows Explorer implicitly trusts and automatically parses .library-ms files, unauthenticated attackers can save files by constructing a RAR/ZIP archive with an embedded malicious […]

Ollama Unauthorized Access Vulnerability Due to Improper Configuration (CNVD-2025-04094)

March 13, 2025 | NSFOCUS

Overview: Recently, NSFOCUS detected that an Ollama unauthorized access vulnerability caused by improper configuration (CNVD-2025-04094) was disclosed online. Because Ollama has no authentication or access control by default, when a user exposes the service (port 11434 by default) to the public network, an unauthenticated attacker can directly call its API to steal sensitive model […]

Apache Tomcat Remote Code Execution Vulnerability (CVE-2025-24813)

March 11, 2025 | NSFOCUS

Overview: Recently, NSFOCUS CERT detected that Apache issued a security announcement and fixed a remote code execution vulnerability in Apache Tomcat (CVE-2025-24813). An unauthenticated attacker can execute arbitrary code and gain server privileges when the application has servlet write enabled (disabled by default), uses Tomcat file-based session persistence with the default storage location, and contains […]


The Invisible Battlefield Behind LLM Security Crisis

March 10, 2025 | NSFOCUS

Overview: In recent years, with the wide adoption of open-source LLMs such as DeepSeek and Ollama, enterprises worldwide are accelerating private deployment of LLMs. This wave not only improves enterprise efficiency but also increases the risk of data leakage. According to NSFOCUS Xingyun Lab, from January to February 2025 alone, five […]

VMware ESXi & Workstation & Fusion Multiple High-risk Vulnerabilities (CVE-2025-22224/CVE-2025-22225/CVE-2025-22226)

March 5, 2025 | NSFOCUS

Overview: Recently, NSFOCUS CERT detected that VMware issued a security announcement and fixed multiple high-risk vulnerabilities (CVE-2025-22224/CVE-2025-22225/CVE-2025-22226) in VMware ESXi, Workstation and Fusion. All three vulnerabilities have been found to be exploited in the wild; please take protective measures as soon as possible. CVE-2025-22224: There is a TOCTOU (time-of-check/time-of-use) write vulnerability in VMware ESXi and […]

NSFOCUS Selected in Frost Radar™: Modern Security Information and Event Management, 2024

March 5, 2025 | NSFOCUS

Santa Clara, Calif. Feb 26, 2024 – NSFOCUS, a global provider of intelligent hybrid security solutions, announced that it has been featured in Frost Radar™: Modern Security Information and Event Management, 2024 released by Frost & Sullivan, an internationally renowned market research institution, and became the only vendor in the Asia-Pacific region selected for this report. According to […]


LLMs Are Posing a Threat to Content Security

March 4, 2025 | NSFOCUS

With the wide application of large language models (LLMs) across many fields, their potential risks and threats have become increasingly prominent. "Content security" problems caused by inaccurate or misleading output are becoming a security concern that cannot be ignored. Unfairness and bias, adversarial attacks, malicious code generation, and exploitation of security vulnerabilities continue to raise risk […]
