{"vulnerability": "cve-2025-3659", "sightings": [{"uuid": "0d79cc29-3d50-4c9a-bf90-e27875ad1e6d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-3659", "type": "seen", "source": "https://bsky.app/profile/potato.software/post/3loytm2lzxx2g", "content": "", "creation_timestamp": "2025-05-12T20:45:06.410307Z"}, {"uuid": "f70aa2b4-26ca-4fbf-a63e-8b8e18340aa7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-3659", "type": "seen", "source": "https://infosec.exchange/users/cR0w/statuses/114497023589716715", "content": "", "creation_timestamp": "2025-05-12T21:38:52.031016Z"}, {"uuid": "e6e99650-9e5e-4f89-8864-575728c923d6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-36594", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lvlpien52u26", "content": "", "creation_timestamp": "2025-08-04T17:23:12.131886Z"}, {"uuid": "f56d0b63-8955-494f-a4fc-7755ba086b5f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "cve-2025-36594", "type": "seen", "source": "https://bsky.app/profile/offseq.bsky.social/post/3lvmkrih3vm2j", "content": "", "creation_timestamp": "2025-08-05T01:31:30.085292Z"}, {"uuid": "46c3cf7e-0f93-4c45-947f-9024fe7ab4c2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-3659", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/16050", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-3659\n\ud83d\udd25 CVSS Score: 9.4 (cvssV4_0, Vector: CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:L)\n\ud83d\udd39 Description: Improper authentication handling was identified in a set of HTTP POST requests affecting the following product families: \n\n  *  Digi PortServer TS - prior to and including 82000747_AA, build date 06/17/2022\n\n\n  *  Digi One SP/Digi One SP IA/Digi One IA - prior to and including 82000774_Z, build date 10/19/2020\n\n\n  *  Digi One IAP \u2013 prior to and including 82000770 Z, build date 10/19/2020\n\n\n\n\nA specially crafted POST request to the device\u2019s web interface may allow an unauthenticated attacker to modify configuration settings.\n\ud83d\udccf Published: 2025-05-12T20:40:03.567Z\n\ud83d\udccf Modified: 2025-05-12T20:40:03.567Z\n\ud83d\udd17 References:\n1. https://hub.digi.com/support/products/infrastructure-management/digi-portserver-ts/\n2. https://hub.digi.com/support/products/infrastructure-management/digi-one-sp-ia/\n3. https://hub.digi.com/support/products/infrastructure-management/digi-one-iap-haz/\n4. https://www.digi.com/getattachment/Resources/Security/Alerts/Improper-authentication-handling-for-Digi-PortServ/improper-authentication-handling.pdf", "creation_timestamp": "2025-05-12T21:29:36.000000Z"}, {"uuid": "1cf9129f-55dd-454a-92d4-3a2a18996a62", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-36593", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/19963", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-36593\n\ud83d\udd25 CVSS Score: 8.8 (cvssV3_1, Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)\n\ud83d\udd39 Description: Dell OpenManage Network Integration, versions prior to 3.8, contains an Authentication Bypass by Capture-replay vulnerability in the RADIUS protocol.  An attacker with local network access could potentially exploit this vulnerability to forge a valid protocol accept message in response to a failed authentication request.\n\ud83d\udccf Published: 2025-06-30T18:29:05.020Z\n\ud83d\udccf Modified: 2025-06-30T18:54:00.938Z\n\ud83d\udd17 References:\n1. https://www.dell.com/support/kbdoc/en-us/000337238/dsa-2025-257-security-update-for-dell-openmanage-network-integration-omni-vulnerabilities", "creation_timestamp": "2025-06-30T19:08:30.000000Z"}, {"uuid": "9c9f8522-e468-405f-87c4-01b5d34f64f7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-36593", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lsu4gdcljb2s", "content": "", "creation_timestamp": "2025-06-30T21:20:25.490088Z"}, {"uuid": "fdd7c70d-c43c-4433-a93b-c223747db553", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-36594", "type": "seen", "source": "https://bsky.app/profile/getpokemon7.bsky.social/post/3lvuajgca4s2h", "content": "", "creation_timestamp": "2025-08-08T02:49:19.374249Z"}, {"uuid": "abe73f52-cd16-423e-892b-138ca8d9aea0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-36595", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/19721", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-36595\n\ud83d\udd25 CVSS Score: 7.2 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H)\n\ud83d\udd39 Description: Dell Unisphere for PowerMax vApp, version(s) 9.2.4.x, contain(s) an Improper Neutralization of Directives in Statically Saved Code ('Static Code Injection') vulnerability. A high privileged attacker with remote access could potentially exploit this vulnerability, leading to Code execution.\n\ud83d\udccf Published: 2025-06-27T13:51:28.738Z\n\ud83d\udccf Modified: 2025-06-27T14:48:28.368Z\n\ud83d\udd17 References:\n1. https://www.dell.com/support/kbdoc/en-us/000337554/dsa-2025-235-dell-powermaxos-dell-powermax-eem-dell-unisphere-for-powermax-dell-unisphere-for-powermax-virtual-appliance-dell-unisphere-360-dell-solutions-enabler-and-dell-solutions-enabler-virtual-appliance-security-update-for-multiple-vulnerabilit", "creation_timestamp": "2025-06-27T14:51:21.000000Z"}]}