{"vulnerability": "cve-2025-3008", "sightings": [{"uuid": "3c80a355-c26d-470c-8c19-5dbf12090165", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-30080", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lluikv26so24", "content": "", "creation_timestamp": "2025-04-02T23:01:26.058686Z"}, {"uuid": "3c86ccc9-7072-4e33-bcab-d75e29c2ef59", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-30085", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lreje2po452p", "content": "", "creation_timestamp": "2025-06-11T23:04:00.205661Z"}, {"uuid": "0c23767f-ac2b-45ad-9576-5a6ee0c0050d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-30084", "type": "seen", "source": "https://bsky.app/profile/2rZiKKbOU3nTafniR2qMMSE0gwZ.activitypub.awakari.com.ap.brid.gy/post/3lquhlht6yed2", "content": "", "creation_timestamp": "2025-06-05T13:49:52.131534Z"}, {"uuid": "305676c0-2614-4f7b-802b-17c8232a4da7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-30087", "type": "seen", "source": "https://bsky.app/profile/2rZiKKbOU3nTafniR2qMMSE0gwZ.activitypub.awakari.com.ap.brid.gy/post/3lqat7ccgwur2", "content": "", "creation_timestamp": "2025-05-28T18:24:36.265029Z"}, {"uuid": "62569954-dd66-43b4-9439-f1a2bea83850", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-3008", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/9745", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-3008\n\ud83d\udd25 CVSS Score: 5.1 (cvssV4_0, Vector: CVSS:4.0/AV:A/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N)\n\ud83d\udd39 Description: A vulnerability classified as critical has been found in Novastar CX40 up to 2.44.0. Affected is the function system/popen of the file /usr/nova/bin/netconfig of the component NetFilter Utility. The manipulation leads to command injection. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.\n\ud83d\udccf Published: 2025-03-31T19:00:07.651Z\n\ud83d\udccf Modified: 2025-03-31T19:00:07.651Z\n\ud83d\udd17 References:\n1. https://vuldb.com/?id.302058\n2. https://vuldb.com/?ctiid.302058\n3. https://vuldb.com/?submit.524869", "creation_timestamp": "2025-03-31T19:31:04.000000Z"}, {"uuid": "e042a91b-2d0a-4b2a-a0e6-21f3b9e1bb70", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-30080", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/10199", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-30080\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: Signalling in Pexip Infinity 29 through 36.2 before 37.0 has improper input validation that allows remote attackers to trigger a temporary denial of service (software abort).\n\ud83d\udccf Published: 2025-04-02T00:00:00.000Z\n\ud83d\udccf Modified: 2025-04-03T13:23:27.067Z\n\ud83d\udd17 References:\n1. https://docs.pexip.com/admin/security_bulletins.htm", "creation_timestamp": "2025-04-03T13:34:41.000000Z"}, {"uuid": "3ae4ad24-9e75-46c2-b53a-0b51588217f7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-30085", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/18176", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-30085\n\ud83d\udd25 CVSS Score: 9.2 (cvssV4_0, Vector: CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:H/SI:N/SA:N/S:N/AU:N/RE:L/U:Clear)\n\ud83d\udd39 Description: Remote code execution vulnerability in RSForm!pro component 3.0.0 - 3.3.14 for Joomla was discovered. The issue occurs within the submission export feature and requires administrative access to the export feature.\n\ud83d\udccf Published: 2025-06-11T19:07:39.032Z\n\ud83d\udccf Modified: 2025-06-12T15:18:38.814Z\n\ud83d\udd17 References:\n1. https://rsjoomla.com/", "creation_timestamp": "2025-06-12T15:33:51.000000Z"}, {"uuid": "f61858e8-2411-494c-9e4e-5024d19ed5ec", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-30089", "type": "seen", "source": "https://t.me/cvedetector/20422", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-30089 - Gurk ANSI Escape Sequence Injection Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2025-30089 \nPublished : March 17, 2025, 12:15 a.m. | 1\u00a0hour, 8\u00a0minutes ago \nDescription : gurk (aka gurk-rs) through 0.6.3 mishandles ANSI escape sequences. \nSeverity: 5.4 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"17 Mar 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-03-17T02:24:42.000000Z"}, {"uuid": "b777e734-d4e9-40ee-9ad9-3817902eb2f5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-30085", "type": "seen", "source": "https://infosec.exchange/users/cR0w/statuses/114666470506828107", "content": "", "creation_timestamp": "2025-06-11T19:51:26.628655Z"}, {"uuid": "8e717792-db9e-4ffa-8237-31a936a2b808", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-30085", "type": "seen", "source": "Telegram/d4nUwsOBOdQROW01SEnvl_Ro6E92wcWw7AWRntwHKYeAQB4", "content": "", "creation_timestamp": "2025-06-11T20:16:15.000000Z"}, {"uuid": "8c1be361-e379-427c-bb38-81857f0dac0b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-30080", "type": "seen", "source": "https://t.me/cvedetector/21923", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-30080 - Pexip Infinity Denial of Service\", \n  \"Content\": \"CVE ID : CVE-2025-30080 \nPublished : April 2, 2025, 9:15 p.m. | 1\u00a0hour, 19\u00a0minutes ago \nDescription : Signalling in Pexip Infinity 29 through 36.2 before 37.0 has improper input validation that allows remote attackers to trigger a temporary denial of service (software abort). \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"03 Apr 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-04-03T01:01:31.000000Z"}, {"uuid": "e96079ec-2c45-4dbb-b4fa-87d76c277797", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-3008", "type": "seen", "source": "https://t.me/cvedetector/21652", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-3008 - Novastar CX40 NetFilter Utility Command Injection Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2025-3008 \nPublished : March 31, 2025, 7:15 p.m. | 1\u00a0hour, 51\u00a0minutes ago \nDescription : A vulnerability classified as critical has been found in Novastar CX40 up to 2.44.0. Affected is the function system/popen of the file /usr/nova/bin/netconfig of the component NetFilter Utility. The manipulation leads to command injection. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way. \nSeverity: 5.5 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"31 Mar 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-03-31T23:23:58.000000Z"}, {"uuid": "8a53232e-6c54-4734-894f-a4e5cab09767", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-30089", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lkkabdiwlw2k", "content": "", "creation_timestamp": "2025-03-17T03:41:06.154424Z"}, {"uuid": "f08d486c-7ad9-4404-b6af-434982c39c8f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-30084", "type": "seen", "source": "https://infosec.exchange/users/cR0w/statuses/114631238055243276", "content": "", "creation_timestamp": "2025-06-05T14:31:22.295283Z"}, {"uuid": "c3c4a721-21e5-464e-84d5-cc6ea11a6e59", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-30084", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lqumgrqzeq2m", "content": "", "creation_timestamp": "2025-06-05T15:16:37.070232Z"}, {"uuid": "06b66f7d-c199-4d33-aacf-4123b26f44c4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-30089", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/7729", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-30089\n\ud83d\udd25 CVSS Score: 5.4 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:L)\n\ud83d\udd39 Description: gurk (aka gurk-rs) through 0.6.3 mishandles ANSI escape sequences.\n\ud83d\udccf Published: 2025-03-16T00:00:00.000Z\n\ud83d\udccf Modified: 2025-03-17T00:12:48.722Z\n\ud83d\udd17 References:\n1. https://github.com/boxdot/gurk-rs/issues/384\n2. https://crates.io/crates/gurk", "creation_timestamp": "2025-03-17T00:55:13.000000Z"}, {"uuid": "2bb2551c-ff75-406a-abeb-d899524b785f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-30084", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/18356", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-30084\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: A stored XSS vulnerability in RSMail! component 1.19.20 - 1.22.26 for Joomla was discovered. The issue occurs within the dashboard  component, where user-supplied input is not properly sanitized before being stored and rendered. An attacker can inject malicious JavaScript code into text fields or other input points, which is subsequently executed in the browser of any user who clicks on the crafted text in the dashboard.\n\ud83d\udccf Published: 2025-06-05T13:20:36.856Z\n\ud83d\udccf Modified: 2025-06-14T04:36:30.353Z\n\ud83d\udd17 References:\n1. https://rsjoomla.com/", "creation_timestamp": "2025-06-14T05:34:16.000000Z"}]}