{"vulnerability": "CVE-2025-3203", "sightings": [{"uuid": "f63f10a2-3622-4a13-8cef-c617709cc78c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-32030", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/10782", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-32030\n\ud83d\udd25 CVSS Score: 7.5 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)\n\ud83d\udd39 Description: Apollo Gateway provides utilities for combining multiple GraphQL microservices into a single GraphQL endpoint. Prior to 2.10.1, a vulnerability in Apollo Gateway allowed queries with deeply nested and reused named fragments to be prohibitively expensive to query plan, specifically during named fragment expansion. Named fragments were being expanded once per fragment spread during query planning, leading to exponential resource usage when deeply nested and reused fragments were involved. This could lead to excessive resource consumption and denial of service. This has been remediated in @apollo/gateway version 2.10.1.\n\ud83d\udccf Published: 2025-04-07T20:38:59.654Z\n\ud83d\udccf Modified: 2025-04-07T20:38:59.654Z\n\ud83d\udd17 References:\n1. https://github.com/apollographql/federation/security/advisories/GHSA-q2f9-x4p4-7xmh\n2. https://github.com/apollographql/federation/pull/3236\n3. https://github.com/apollographql/federation/releases/tag/%40apollo%2Fgateway%402.10.1", "creation_timestamp": "2025-04-07T20:46:11.000000Z"}, {"uuid": "b312ea17-4601-4578-bdca-5741cb49d641", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-32034", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/10906", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-32034\n\ud83d\udd25 CVSS Score: 7.5 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)\n\ud83d\udd39 Description: The Apollo Router Core is a configurable, high-performance graph router written in Rust to run a federated supergraph that uses Apollo Federation 2. Prior to 1.61.2 and 2.1.1, a vulnerability in Apollo Router allowed queries with deeply nested and reused named fragments to be prohibitively expensive to query plan, specifically during named fragment expansion. Named fragments were being expanded once per fragment spread during query planning, leading to exponential resource usage when deeply nested and reused fragments were involved. This could lead to excessive resource consumption and denial of service. This has been remediated in apollo-router versions 1.61.2 and 2.1.1.\n\ud83d\udccf Published: 2025-04-07T20:50:29.690Z\n\ud83d\udccf Modified: 2025-04-08T13:30:44.951Z\n\ud83d\udd17 References:\n1. https://github.com/apollographql/router/security/advisories/GHSA-75m2-jhh5-j5g2\n2. https://github.com/apollographql/router/commit/ab6675a63174715ea6ff50881fc957831d4e9564\n3. https://github.com/apollographql/router/commit/bba032e183b861348a466d3123c7137a1ae18952", "creation_timestamp": "2025-04-08T13:46:38.000000Z"}, {"uuid": "9ce3c714-157f-4119-ae59-a0bc779a648c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-3203", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3llxnhewtot2f", "content": "", "creation_timestamp": "2025-04-04T05:06:53.372144Z"}, {"uuid": "9630e3fa-5c40-445e-9157-e277a520a57e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-32033", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/10905", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-32033\n\ud83d\udd25 CVSS Score: 7.5 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)\n\ud83d\udd39 Description: The Apollo Router Core is a configurable, high-performance graph router written in Rust to run a federated supergraph that uses Apollo Federation 2. Prior to 1.61.2 and 2.1.1, the operation limits plugin uses unsigned 32-bit integers to track limit counters (e.g. for a query's height). If a counter exceeded the maximum value for this data type (4,294,967,295), it wrapped around to 0, unintentionally allowing queries to bypass configured thresholds. This could occur for large queries if the payload limit were sufficiently increased, but could also occur for small queries with deeply nested and reused named fragments. This has been remediated in apollo-router versions 1.61.2 and 2.1.1.\n\ud83d\udccf Published: 2025-04-07T20:48:19.504Z\n\ud83d\udccf Modified: 2025-04-08T13:31:44.219Z\n\ud83d\udd17 References:\n1. https://github.com/apollographql/router/security/advisories/GHSA-84m6-5m72-45fp\n2. https://github.com/apollographql/router/commit/ab6675a63174715ea6ff50881fc957831d4e9564\n3. https://github.com/apollographql/router/commit/bba032e183b861348a466d3123c7137a1ae18952", "creation_timestamp": "2025-04-08T13:46:37.000000Z"}, {"uuid": "f10abd56-3fab-45ec-8d96-339aa472b680", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-32035", "type": "seen", "source": "https://t.me/cvedetector/22511", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-32035 - DotNetNuke File Upload Validation Bypass Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2025-32035 \nPublished : April 8, 2025, 6:16 p.m. | 1\u00a0hour, 18\u00a0minutes ago \nDescription : DNN (formerly DotNetNuke) is an open-source web content management platform (CMS) in the Microsoft ecosystem. Prior to 9.13.2, when uploading files (e.g. when uploading assets), the file extension is checked to see if it's an allowed file type but the actual contents of the file aren't checked. This means that it's possible to e.g. upload an executable file renamed to be a .jpg. This file could then be executed by another security vulnerability. This vulnerability is fixed in 9.13.2. \nSeverity: 2.6 | LOW \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"08 Apr 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-04-08T22:22:34.000000Z"}, {"uuid": "fcfc887e-8bec-46f8-871c-bcd2b4994237", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-32030", "type": "seen", "source": "Telegram/5eBuvckgjMmUrrDTZuzRXBnI9rJEpd7_1eddmnGajLrVyIo", "content": "", "creation_timestamp": "2025-04-07T23:31:55.000000Z"}, {"uuid": "45dd5172-c0e3-4787-84c7-718c4229af88", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-32031", "type": "published-proof-of-concept", "source": "Telegram/5dAdkBrkgoCoPXtqjNJ6teSKY8EEieVK1jkeeM1fkZslcgw", "content": "", "creation_timestamp": "2025-04-07T23:31:54.000000Z"}, {"uuid": "e72d1e4f-fb7e-4d83-87ca-856b86e6c816", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-32030", "type": "published-proof-of-concept", "source": "Telegram/5dAdkBrkgoCoPXtqjNJ6teSKY8EEieVK1jkeeM1fkZslcgw", "content": "", "creation_timestamp": "2025-04-07T23:31:54.000000Z"}, {"uuid": "0b38aeb5-404f-452c-a527-db70cce1b79e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-32033", "type": "published-proof-of-concept", "source": "Telegram/5dAdkBrkgoCoPXtqjNJ6teSKY8EEieVK1jkeeM1fkZslcgw", "content": "", "creation_timestamp": "2025-04-07T23:31:54.000000Z"}, {"uuid": "c1fe836d-f677-4acf-b821-bdf6eae70a27", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-32034", "type": "published-proof-of-concept", "source": "Telegram/5dAdkBrkgoCoPXtqjNJ6teSKY8EEieVK1jkeeM1fkZslcgw", "content": "", "creation_timestamp": "2025-04-07T23:31:54.000000Z"}, {"uuid": "a8465c5d-7925-4946-bdd0-2b500dfaf147", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-32032", "type": "published-proof-of-concept", "source": "Telegram/5dAdkBrkgoCoPXtqjNJ6teSKY8EEieVK1jkeeM1fkZslcgw", "content": "", "creation_timestamp": "2025-04-07T23:31:54.000000Z"}, {"uuid": "c8c84392-cf01-4547-b72a-faa5606e14bc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-3203", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/10386", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-3203\n\ud83d\udd25 CVSS Score: 5.3 (cvssV4_0, Vector: CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N)\n\ud83d\udd39 Description: A vulnerability classified as problematic was found in Tenda W18E 16.01.0.11. Affected by this vulnerability is the function formSetAccountList of the file /goform/setModules. The manipulation of the argument Password leads to stack-based buffer overflow. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.\n\ud83d\udccf Published: 2025-04-04T02:31:09.829Z\n\ud83d\udccf Modified: 2025-04-04T02:31:09.829Z\n\ud83d\udd17 References:\n1. https://vuldb.com/?id.303157\n2. https://vuldb.com/?ctiid.303157\n3. https://vuldb.com/?submit.545883\n4. https://github.com/ZIKH26/tmp_store_reports/blob/main/tenda-w18e.md\n5. https://www.tenda.com.cn/", "creation_timestamp": "2025-04-04T03:35:57.000000Z"}, {"uuid": "b741ab18-2d1e-4763-84a0-69c6fa8bbcd1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-32034", "type": "seen", "source": "https://t.me/cvedetector/22363", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-32034 - Apollo Router Denial of Service (DoS) Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2025-32034 \nPublished : April 7, 2025, 9:15 p.m. | 1\u00a0hour, 42\u00a0minutes ago \nDescription : The Apollo Router Core is a configurable, high-performance graph router written in Rust to run a federated supergraph that uses Apollo Federation 2. Prior to 1.61.2 and 2.1.1, a vulnerability in Apollo Router allowed queries with deeply nested and reused named fragments to be prohibitively expensive to query plan, specifically during named fragment expansion. Named fragments were being expanded once per fragment spread during query planning, leading to exponential resource usage when deeply nested and reused fragments were involved. This could lead to excessive resource consumption and denial of service. This has been remediated in apollo-router versions 1.61.2 and 2.1.1. \nSeverity: 7.5 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"08 Apr 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-04-08T01:26:33.000000Z"}, {"uuid": "2be740ec-9128-4a03-a0ab-6ba9de82e2cb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-32033", "type": "seen", "source": "https://t.me/cvedetector/22362", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-32033 - Apollo Router Core Unsigned Integer Wraparound Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2025-32033 \nPublished : April 7, 2025, 9:15 p.m. | 1\u00a0hour, 42\u00a0minutes ago \nDescription : The Apollo Router Core is a configurable, high-performance graph router written in Rust to run a federated supergraph that uses Apollo Federation 2. Prior to 1.61.2 and 2.1.1, the operation limits plugin uses unsigned 32-bit integers to track limit counters (e.g. for a query's height). If a counter exceeded the maximum value for this data type (4,294,967,295), it wrapped around to 0, unintentionally allowing queries to bypass configured thresholds. This could occur for large queries if the payload limit were sufficiently increased, but could also occur for small queries with deeply nested and reused named fragments. This has been remediated in apollo-router versions 1.61.2 and 2.1.1. \nSeverity: 7.5 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"08 Apr 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-04-08T01:26:32.000000Z"}, {"uuid": "d93c60a8-a39b-4c6c-9529-c8f2da3d3e90", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-32032", "type": "seen", "source": "https://t.me/cvedetector/22361", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-32032 - Apollo Router Denial of Service Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2025-32032 \nPublished : April 7, 2025, 9:15 p.m. | 1\u00a0hour, 42\u00a0minutes ago \nDescription : The Apollo Router Core is a configurable, high-performance graph router written in Rust to run a federated supergraph that uses Apollo Federation 2. A vulnerability in Apollo Router allowed queries with deeply nested and reused named fragments to be prohibitively expensive to query plan, specifically due to internal optimizations being frequently bypassed. The query planner includes an optimization that significantly speeds up planning for applicable GraphQL selections. However, queries with deeply nested and reused named fragments can generate many selections where this optimization does not apply, leading to significantly longer planning times. Because the query planner does not enforce a timeout, a small number of such queries can exhaust router's thread pool, rendering it inoperable. This could lead to excessive resource consumption and denial of service. This has been remediated in apollo-router versions 1.61.2 and 2.1.1. \nSeverity: 7.5 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"08 Apr 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-04-08T01:26:31.000000Z"}, {"uuid": "5f51efc5-ed10-4bbf-9ba0-d2ef24d2aedd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-32031", "type": "seen", "source": "https://t.me/cvedetector/22360", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-32031 - Apollo Gateway Denial of Service Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2025-32031 \nPublished : April 7, 2025, 9:15 p.m. | 1\u00a0hour, 42\u00a0minutes ago \nDescription : Apollo Gateway provides utilities for combining multiple GraphQL microservices into a single GraphQL endpoint. Prior to 2.10.1, a vulnerability in Apollo Gateway allowed queries with deeply nested and reused named fragments to be prohibitively expensive to query plan, specifically due to internal optimizations being frequently bypassed. The query planner includes an optimization that significantly speeds up planning for applicable GraphQL selections. However, queries with deeply nested and reused named fragments can generate many selections where this optimization does not apply, leading to significantly longer planning times. Because the query planner does not enforce a timeout, a small number of such queries can render gateway inoperable. This could lead to excessive resource consumption and denial of service. This has been remediated in @apollo/gateway version 2.10.1. \nSeverity: 7.5 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"08 Apr 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-04-08T01:26:31.000000Z"}, {"uuid": "8bff3ac5-7c41-424e-a797-85798bb03cb7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-32030", "type": "seen", "source": "https://t.me/cvedetector/22359", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-32030 - Apollo Gateway Nested Fragment Denial of Service Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2025-32030 \nPublished : April 7, 2025, 9:15 p.m. | 1\u00a0hour, 42\u00a0minutes ago \nDescription : Apollo Gateway provides utilities for combining multiple GraphQL microservices into a single GraphQL endpoint. Prior to 2.10.1, a vulnerability in Apollo Gateway allowed queries with deeply nested and reused named fragments to be prohibitively expensive to query plan, specifically during named fragment expansion. Named fragments were being expanded once per fragment spread during query planning, leading to exponential resource usage when deeply nested and reused fragments were involved. This could lead to excessive resource consumption and denial of service. This has been remediated in @apollo/gateway version 2.10.1. \nSeverity: 7.5 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"08 Apr 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-04-08T01:26:30.000000Z"}, {"uuid": "29d10345-fb57-47a0-a0c5-b6252823bead", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-3203", "type": "seen", "source": "https://t.me/cvedetector/22060", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-3203 - Tenda W18E Stack-Based Buffer Overflow\", \n  \"Content\": \"CVE ID : CVE-2025-3203 \nPublished : April 4, 2025, 3:15 a.m. | 28\u00a0minutes ago \nDescription : A vulnerability classified as problematic was found in Tenda W18E 16.01.0.11. Affected by this vulnerability is the function formSetAccountList of the file /goform/setModules. The manipulation of the argument Password leads to stack-based buffer overflow. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. \nSeverity: 4.3 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"04 Apr 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-04-04T06:18:02.000000Z"}]}