Ollama Unauthorized Access Vulnerability Due to Improper Configuration (CNVD-2025-04094)
março 13, 2025
Overview Recently, NSFOCUS detected that Ollama improperly configured and unauthorized access vulnerabilities were disclosed online (CNVD-2025-04094); Because Ollama does not have authentication and access control functions by default, when a user opens the service (port 11434 by default) to the public network, an unauthenticated attacker can directly call its API interface to steal sensitive model […]
Apache Tomcat Remote Code Execution Vulnerability (CVE-2025-24813)
março 11, 2025
Overview Recently, NSFOCUS CERT detected that Apache issued a security announcement and fixed the remote code execution vulnerability of Apache Tomcat (CVE-2025-24813). An unauthenticated attacker can execute arbitrary code to gain server privileges when the application has servlet write enabled (disabled by default), uses Tomcat file session persistence and a default storage location, and contains […]
The Invisible Battlefield Behind LLM Security Crisis
março 10, 2025
Overview In recent years, with the wide application of open-source LLMs such as DeepSeek and Ollama, global enterprises are accelerating the private deployment of LLMs. This wave not only improves the efficiency of enterprises, but also increases the risk of data security leakage. According to NSFOCUS Xingyun Lab, from January to February 2025 alone, five […]
VMware ESXi & Workstation & Fusion Multiple High-risk Vulnerabilities (CVE-2025-22224/CVE-2025-22225/CVE-2025-22226)
março 5, 2025
Overview Recently, NSFOCUS CERT detected that VMware issued a security announcement and fixed multiple high-risk vulnerabilities (CVE-2025-22224/CVE-2025-22225/CVE-2025-22226) in VMware ESXi&Workstation&Fusion. At present, all the 3 vulnerabilities have been found to be exploited in the wild. Please take protective measures as soon as possible. CVE-2025-22224: There is a TOCTOU (CheckTime-of-use) write vulnerability in VMware ESXi and […]
NSFOCUS Selected in Frost Radar™: Modern Security Information and Event Management, 2024
março 5, 2025
Santa Clara, Calif. Feb 26, 2024 – NSFOCUS, a global provider of intelligent hybrid security solutions, announced that it has been featured in Frost Radar™: Modern Security Information and Event Management, 2024 released by Frost & Sullivan, an internationally renowned market research institution, and became the only vendor in the Asia-Pacific region selected for this report. According to […]
LLMs Are Posing a Threat to Content Security
março 4, 2025
With the wide application of large language models (LLM) in various fields, their potential risks and threats have gradually become prominent. “Content security” caused by inaccurate or misleading information is becoming a security concern that cannot be ignored. Unfairness and bias, adversarial attacks, malicious code generation, and exploitation of security vulnerabilities continue to raise risk […]
PostgreSQL SQL Injection Vulnerability (CVE-2025-1094)
fevereiro 25, 2025
Overview Recently, NSFOCUS CERT detected that PostgreSQL has issued a security announcement and fixed the PostgreSQL SQL injection vulnerability (CVE-2025-1094), with a CVSS score of 8.1. Since the psql tool of PostgreSQL is used to detect invalid UTF-8 characters (such as hax\xC0′; \! id #), resulting in accidental segmentation of SQL statements, and unauthenticated attackers […]
Build Your AI-Powered Penetration Testing Scheme with DeepSeek + Agent: An NSFOCUS Practice
fevereiro 20, 2025
Dilemma of Traditional Automated Penetration Testing Penetration testing has always been the core means of offensive and defensive confrontation for cybersecurity. However, traditional automatic penetration tools face three major bottlenecks: lack of in-depth understanding of business logic, insufficient ability to detect logical vulnerabilities, and weak ability to link vulnerabilities. Although the passive scanning engine can […]
Hidden Dangers of Security Threats in the Tide of DeepSeek
fevereiro 19, 2025
Recently, DeepSeek attracted global attention and triggered worldwide discussion with its advanced AI models. According to media, numerous Chinese companies have integrated DeepSeek, including Tencent, Alibaba, Baidu, Huawei, Geely Auto, PICC, Huawei, Honor, OPPO and Lenovo, covering multiple industries such as telecommunications, cloud computing, semiconductors, finance, automotive, and mobile technology. Meanwhile, With the fast increasing […]
Palo Alto Networks PAN-OS Authentication Bypass Vulnerability (CVE-2025-0108)
fevereiro 14, 2025
Overview Recently, NSFOCUS CERT detected that Palo Alto Networks issued a security announcement and fixed the identity bypass vulnerability in PAN-OS (CVE-2025-0108). Due to the problem of path processing by Nginx/Apache in PAN-OS, unauthenticated attackers can bypass authentication to access the management web interface of PAN-OS device and call some PHP scripts, thus obtaining sensitive […]
