CVE-2025-11906
- EPSS 0.01%
- Veröffentlicht 30.10.2025 07:39:38
- Zuletzt bearbeitet 30.10.2025 15:03:13
A vulnerability exists in Progress Flowmon versions prior 12.5.6 where certain system configuration files have incorrect file permissions, allowing a user with access to the default flowmon system user account used for SSH access to potentially escal...
CVE-2025-10240
- EPSS 0.06%
- Veröffentlicht 09.10.2025 12:43:40
- Zuletzt bearbeitet 09.10.2025 15:50:04
A vulnerability exists in the Progress Flowmon web application prior to version 12.5.5, whereby a user who clicks a malicious link provided by an attacker may inadvertently trigger unintended actions within their authenticated session.
CVE-2025-10239
- EPSS 0.07%
- Veröffentlicht 09.10.2025 12:42:05
- Zuletzt bearbeitet 09.10.2025 15:50:04
In Flowmon versions prior to 12.5.5, a vulnerability has been identified that allows a user with administrator privileges and access to the management interface to execute additional unintended commands within scripts intended for troubleshooting pur...
CVE-2024-2389
- EPSS 94.31%
- Veröffentlicht 02.04.2024 13:15:51
- Zuletzt bearbeitet 07.02.2025 17:00:46
In Flowmon versions prior to 11.1.14 and 12.3.5, an operating system command injection vulnerability has been identified. An unauthenticated user can gain entry to the system via the Flowmon management interface, allowing for the execution of arbitr...