{"vulnerability": "cve-2025-2239", "sightings": [{"uuid": "f292806b-a7e5-45c7-b28b-3fe5b33b8d3d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-22399", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lhw5zep27c2z", "content": "", "creation_timestamp": "2025-02-11T17:17:09.581421Z"}, {"uuid": "04e73dc0-e425-4584-ac81-c2bd62791426", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-22398", "type": "seen", "source": "MISP/f2f93f16-9318-44b1-9be3-2d3346ca540c", "content": "", "creation_timestamp": "2025-08-10T18:27:44.000000Z"}, {"uuid": "c5946401-3d3d-47fb-b769-e321c48e60d9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-22399", "type": "seen", "source": "https://t.me/cvedetector/17712", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-22399 - Dell UCC Edge Blind SSRF\", \n  \"Content\": \"CVE ID : CVE-2025-22399 \nPublished : Feb. 11, 2025, 5:15 p.m. | 58\u00a0minutes ago \nDescription : Dell UCC Edge, version 2.3.0, contains a Blind SSRF on Add Customer SFTP Server vulnerability. An unauthenticated attacker with local access could potentially exploit this vulnerability, leading to Server-side request forgery \nSeverity: 7.9 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"11 Feb 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-02-11T19:52:40.000000Z"}, {"uuid": "136d64ab-4c7b-4889-81f6-5c345b55d230", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-22395", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/297", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-22395\n\ud83d\udd39 Description: Dell Update Package Framework, versions prior to 22.01.02, contain(s) a Local Privilege Escalation Vulnerability. A local low privileged attacker could potentially exploit this vulnerability, leading to the execution of arbitrary remote scripts on the server. Exploitation may lead to a denial of service by an attacker.\n\ud83d\udccf Published: 2025-01-07T02:52:54.624Z\n\ud83d\udccf Modified: 2025-01-07T02:52:54.624Z\n\ud83d\udd17 References:\n1. https://www.dell.com/support/kbdoc/en-us/000269079/dsa-2025-034-security-update-for-dell-update-package-dup-framework-vulnerability", "creation_timestamp": "2025-01-07T03:38:00.000000Z"}, {"uuid": "db8fd010-4b8c-43f1-a400-1105a9d3046e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-22394", "type": "seen", "source": "https://t.me/cvedetector/15404", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-22394 - Dell Display Manager TOCTOU Race Condition Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2025-22394 \nPublished : Jan. 15, 2025, 5:15 a.m. | 24\u00a0minutes ago \nDescription : Dell Display Manager, versions prior to 2.3.2.18, contain a Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to code execution and possibly privilege escalation. \nSeverity: 6.7 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"15 Jan 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-01-15T06:44:45.000000Z"}, {"uuid": "da066928-09d1-4d3b-b13a-3891bcc3347e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-22390", "type": "seen", "source": "https://t.me/cvedetector/14257", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-22390 - Optimizely EPiServer.CMS.Core Weak Password Complexity Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2025-22390 \nPublished : Jan. 4, 2025, 2:15 a.m. | 28\u00a0minutes ago \nDescription : An issue was discovered in Optimizely EPiServer.CMS.Core before 12.32.0. A medium-severity vulnerability exists in the CMS due to insufficient enforcement of password complexity requirements. The application permits users to set passwords with a minimum length of 6 characters, lacking adequate complexity to resist modern attack techniques such as password spraying or offline password cracking. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"04 Jan 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-01-04T03:53:17.000000Z"}, {"uuid": "8c1a307d-420c-4c19-b51a-46afafd5b639", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-22395", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lf4onxu4em2c", "content": "", "creation_timestamp": "2025-01-07T03:15:24.441297Z"}, {"uuid": "30e1c3e4-7ea2-44bc-84dc-24f05f80c476", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-22395", "type": "seen", "source": "https://infosec.exchange/users/vuldb/statuses/113788229042426680", "content": "", "creation_timestamp": "2025-01-07T17:23:05.391967Z"}, {"uuid": "e1a22c8f-316b-488d-89d9-a4f77f8b1390", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-22395", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113784842334985507", "content": "", "creation_timestamp": "2025-01-07T03:01:49.047216Z"}, {"uuid": "40b5c8d0-afcb-47bf-b7d0-5b071e930f42", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-22398", "type": "seen", "source": "https://bsky.app/profile/andranglin.bsky.social/post/3llnuqeojo22z", "content": "", "creation_timestamp": "2025-03-31T07:50:32.363972Z"}, {"uuid": "d51c9ff9-937c-4d4c-a92e-99e0b7e18124", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-22394", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/1701", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-22394\n\ud83d\udd39 Description: Dell Display Manager, versions prior to 2.3.2.18, contain a Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to code execution and possibly privilege escalation.\n\ud83d\udccf Published: 2025-01-15T04:41:21.868Z\n\ud83d\udccf Modified: 2025-01-15T04:41:21.868Z\n\ud83d\udd17 References:\n1. https://www.dell.com/support/kbdoc/en-us/000267927/dsa-2025-033", "creation_timestamp": "2025-01-15T05:11:48.000000Z"}, {"uuid": "49b9e95a-71b3-4e66-80c9-5c85704aa452", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-22398", "type": "seen", "source": "Telegram/JL2AEDUW3nn7wJMvX5Y1pZ6RRzjZ9DRWcg7AcNic7FT7f9E", "content": "", "creation_timestamp": "2025-03-28T04:03:38.000000Z"}, {"uuid": "56398601-6f28-404b-9690-1f9a675d67ec", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-22395", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lf4qich36q2r", "content": "", "creation_timestamp": "2025-01-07T03:48:01.432668Z"}, {"uuid": "eac3c10a-5f10-4aa3-a083-f68dd5418785", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-22395", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lf4qicqffd2w", "content": "", "creation_timestamp": "2025-01-07T03:48:02.152870Z"}, {"uuid": "93c24067-527c-4d1d-bf63-85a442466a6d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-22395", "type": "seen", "source": "https://mastodon.social/users/CyberSignaler/statuses/113785025323519438", "content": "", "creation_timestamp": "2025-01-07T03:48:20.599818Z"}, {"uuid": "bd662fe1-aaa5-4e95-8e3b-cdd7f362c95f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-22395", "type": "seen", "source": "https://bsky.app/profile/tmjintel.bsky.social/post/3lfuy7cwz662n", "content": "", "creation_timestamp": "2025-01-16T19:10:04.342390Z"}, {"uuid": "3a41f761-2fad-4659-b5ea-011780376548", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-22394", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113830552510983298", "content": "", "creation_timestamp": "2025-01-15T04:46:30.098016Z"}, {"uuid": "9bbbc33a-be1b-45cd-b097-b84fecf6df2d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-22390", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113767706120832325", "content": "", "creation_timestamp": "2025-01-04T02:23:55.248514Z"}, {"uuid": "41b9faef-e0ca-4e34-bad1-e04f8cef8851", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-22398", "type": "seen", "source": "https://bsky.app/profile/getpokemon7.bsky.social/post/3llnfieiut222", "content": "", "creation_timestamp": "2025-03-31T03:17:39.102971Z"}, {"uuid": "66f4f848-5b70-4b1c-9a73-dcbbe7ad5e9c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-22398", "type": "seen", "source": "https://bsky.app/profile/infosec.skyfleet.blue/post/3llnpponydh2k", "content": "", "creation_timestamp": "2025-03-31T06:20:41.211380Z"}, {"uuid": "8795dd62-509a-4073-a3b9-0cb37d019871", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-22398", "type": "seen", "source": "https://bsky.app/profile/getpokemon7.bsky.social/post/3llpacjsw7c22", "content": "", "creation_timestamp": "2025-03-31T20:50:17.004981Z"}, {"uuid": "be7cc031-8858-497a-88fe-bca035bcca81", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-22398", "type": "seen", "source": "https://bsky.app/profile/cyberalerts.bsky.social/post/3llfrywabgk2u", "content": "", "creation_timestamp": "2025-03-28T02:40:20.324258Z"}, {"uuid": "eb8dabe3-d5df-4c2b-80b8-ec1e7cd184e0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-22398", "type": "seen", "source": "https://bsky.app/profile/redteamnews.bsky.social/post/3llghymhkxv27", "content": "", "creation_timestamp": "2025-03-28T09:13:52.722662Z"}, {"uuid": "4dae6170-0cac-4671-9811-2a454dbccec7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-22398", "type": "seen", "source": "MISP/f2f93f16-9318-44b1-9be3-2d3346ca540c", "content": "", "creation_timestamp": "2025-09-10T07:47:57.000000Z"}, {"uuid": "9b1b1d84-a261-4015-8ffe-a3544c409d0e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-2239", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/7313", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-2239\n\ud83d\udd25 CVSS Score: 5.3 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)\n\ud83d\udd39 Description: Generation of Error Message Containing Sensitive Information vulnerability in Hillstone Networks Hillstone Next Generation FireWall.This issue affects Hillstone Next Generation FireWall: from 5.5R8P1 before 5.5R8P23.\n\ud83d\udccf Published: 2025-03-12T09:53:35.677Z\n\ud83d\udccf Modified: 2025-03-12T14:18:30.762Z\n\ud83d\udd17 References:\n1. https://www.hillstonenet.com.cn/security-notification/2025/02/17/stoneosjd/", "creation_timestamp": "2025-03-12T14:40:52.000000Z"}, {"uuid": "01211273-e6d3-4ad1-a322-4877b77ddad0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-22398", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/9257", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-22398\n\ud83d\udd25 CVSS Score: 9.8 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)\n\ud83d\udd39 Description: Dell Unity, version(s) 5.4 and prior, contain(s) an Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability. An unauthenticated attacker with remote access could potentially exploit this vulnerability, leading to arbitrary command execution as root. Exploitation may lead to a system take over by an attacker. This vulnerability is considered critical as it can be leveraged to completely compromise the operating system. Dell recommends customers to upgrade at the earliest opportunity.\n\ud83d\udccf Published: 2025-03-28T01:41:00.767Z\n\ud83d\udccf Modified: 2025-03-28T01:41:00.767Z\n\ud83d\udd17 References:\n1. https://www.dell.com/support/kbdoc/en-us/000300090/dsa-2025-116-security-update-for-dell-unity-dell-unityvsa-and-dell-unity-xt-security-update-for-multiple-vulnerabilities", "creation_timestamp": "2025-03-28T02:28:14.000000Z"}, {"uuid": "eca2af58-12c1-487d-92a5-c183017fd65c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-22398", "type": "seen", "source": "https://t.me/cvedetector/21371", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-22398 - \"Dell Unity OS Command Injection Vulnerability\"\", \n  \"Content\": \"CVE ID : CVE-2025-22398 \nPublished : March 28, 2025, 2:15 a.m. | 1\u00a0hour, 51\u00a0minutes ago \nDescription : Dell Unity, version(s) 5.4 and prior, contain(s) an Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability. An unauthenticated attacker with remote access could potentially exploit this vulnerability, leading to arbitrary command execution as root. Exploitation may lead to a system take over by an attacker. This vulnerability is considered critical as it can be leveraged to completely compromise the operating system. Dell recommends customers to upgrade at the earliest opportunity. \nSeverity: 9.8 | CRITICAL \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"28 Mar 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-03-28T05:12:24.000000Z"}, {"uuid": "86226478-8524-4efd-9b41-5cb163ceb9b7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-22395", "type": "seen", "source": "https://t.me/cvedetector/14427", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-22395 - Dell Update Package Framework Local Privilege Escalation Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2025-22395 \nPublished : Jan. 7, 2025, 3:15 a.m. | 18\u00a0minutes ago \nDescription : Dell Update Package Framework, versions prior to 22.01.02, contain(s) a Local Privilege Escalation Vulnerability. A local low privileged attacker could potentially exploit this vulnerability, leading to the execution of arbitrary remote scripts on the server. Exploitation may lead to a denial of service by an attacker. \nSeverity: 8.2 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"07 Jan 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-01-07T04:39:15.000000Z"}, {"uuid": "fca2c47e-b5a6-46f4-af39-ff50c3d49deb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-22395", "type": "seen", "source": "https://t.me/TheDarkWebInformer/10101", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-22395\n\ud83d\udd39 Description: Dell Update Package Framework, versions prior to 22.01.02, contain(s) a Local Privilege Escalation Vulnerability. A local low privileged attacker could potentially exploit this vulnerability, leading to the execution of arbitrary remote scripts on the server. Exploitation may lead to a denial of service by an attacker.\n\ud83d\udccf Published: 2025-01-07T02:52:54.624Z\n\ud83d\udccf Modified: 2025-01-07T02:52:54.624Z\n\ud83d\udd17 References:\n1. https://www.dell.com/support/kbdoc/en-us/000269079/dsa-2025-034-security-update-for-dell-update-package-dup-framework-vulnerability", "creation_timestamp": "2025-01-07T14:42:12.000000Z"}]}