Apache Kafka Arbitrary File Read and SSRF Vulnerability (CVE-2025-27817)
junho 11, 2025
Overview Recently, NSFOCUS CERT detected that Apache issued a security bulletin to fix the arbitrary file read and SSRF vulnerabilities in Apache Kafka (CVE-2025-27817); Because the Apache Kafka client does not strictly validate and restrict user input, an unauthenticated attacker can elevate the file system/environment/URL access rights of the REST API by constructing malicious configurations […]
NSFOCUS Releases 2024 Global DDoS Landscape Report
junho 9, 2025
SANTA CLARA, Calif., June 9, 2025 – NSFOCUS, a global leader in cybersecurity solutions, announced the release of its annual report, the 2024 Global DDoS Landscape Report. The full report is packed with in-depth analysis and insights that can help organizations better understand the DDoS threat environment and formulate more effective countermeasures. Highlights of the […]
Multiple High-Risk Vulnerabilities in DataEase (CVE-2025-49001/CVE-2025-49002/CVE-2025-48999)
junho 9, 2025
Overview Recently, NSFOCUS CERT has detected that DataEase has issued a security bulletin to fix multiple high-risk vulnerabilities in DataEase (CVE-2025-49001/CVE-2025-49002/CVE-2025-48999). Combined use can achieve unauthorized code execution. At present, the vulnerability details and PoC have been made public. Relevant users are requested to take measures to protect them as soon as possible. CVE-2025-49001: Due […]
NSFOCUS Recognized by Forrester in The Network Analysis and Visibility (NAV) Solution Landscape
maio 28, 2025
Santa Clara, Calif. May 28, 2025 – Recently, global research and advisory firm Forrester released The Network Analysis and Visibility (NAV) Solutions Landscape, Q2 2025, offering a comprehensive analysis of market dynamics, technology trends, and product capabilities. NSFOCUS has once again [1] been included in this report. Forrester’s reports on specific technical fields are highly recognized worldwide. […]
VMware vCenter Server Command Execution Vulnerability (CVE-2025-41225)
maio 21, 2025
Overview Recently, NSFOCUS CERT detected that VMware issued a security bulletin to fix the command execution vulnerability (CVE-2025-41225) of VMware vCenter Server; Due to an authenticated command execution vulnerability in VMware vCenter Server, an attacker with permissions to create or modify alerts and run scripts can exploit this vulnerability to execute arbitrary commands on the […]
Ivanti Endpoint Manager Mobile Authentication Bypass and Remote Code Execution Vulnerability (CVE-2025-4427/CVE-2025-4428)
maio 16, 2025
Recently, NSFOCUS CERT detected that Ivanti issued a security advisory to fix the authentication bypass and remote code execution vulnerabilities (CVE-2025-4427/CVE-2025-4428) in Ivanti Endpoint Manager Mobile (EPMM). At present, both 2 vulnerabilities have been found to be exploited in the wild. Please take measures to protect them as soon as possible. CVE-2025-4427: An authentication bypass […]
NSFOCUS WAF Selected in the 2025 Gartner® Market Guide for Cloud Web Application and API Protection
maio 14, 2025
Santa Clara, Calif. May 14, 2025 – Recently, Gartner released the “Market Guide for Cloud Web Application and API Protection”[1], and NSFOCUS was selected as a Representative Vendor with its innovative WAAP solution. We believe this recognition reflects the technical accumulation and practical capabilities of NSFOCUS WAF in the field of cloud native security protection. Its […]
India-Pakistan Conflicts Escalating: Military Operations and DDoS Attacks Making Targeted Strikes
maio 13, 2025
Background On May 7, 2025, NSFOCUS Fuying Lab released “Two-Front Confrontation: Parallel Narratives of India-Pakistan Reality Friction and Cyber DDoS Attacks“, which analyzed the DDoS attack activities in the early stage of India-Pakistan friction. This article is the second in this series, mainly analyzing the DDoS attack activities against India after May 7. May 7, […]
High Risk Warning for Windows Ecosystem: New Botnet Family HTTPBot is Expanding
maio 12, 2025
Overview In April 2025, the Global Threat Hunting system of NSFOCUS Fuying Lab detected a significant increase in the activity of a new Botnet Trojan developed based on Go language. Given that many of its built-in DDoS attack methods are HTTP-based, Fuying Lab named it HTTPBot. The HTTPBot Botnet family first came into our monitoring […]
Elastic Kibana Prototype Contamination Leads to Arbitrary Code Execution Vulnerability (CVE-2025-25014)
maio 9, 2025
Overview Recently, NSFOCUS CERT detected that Elastic issued a security bulletin to fix the arbitrary code execution vulnerability caused by Elastic Kibana prototype contamination (CVE-2025-25014); Due to the prototype contamination problem in Kibana, an attacker with specific role privileges can bypass the authentication mechanism by constructing specially crafted file uploads and specific HTTP requests to […]
