CVE-2025-48732
7.3HIGHAn incomplete blacklist exists in the .htaccess sample of WWBN AVideo 14.4 and dev master commit 8a8954ff. A specially crafted HTTP request can lead to a arbitrary code execution. An attacker can requ
Published: 7/24/2025Updated: 11/3/2025
Description
An incomplete blacklist exists in the .htaccess sample of WWBN AVideo 14.4 and dev master commit 8a8954ff. A specially crafted HTTP request can lead to a arbitrary code execution. An attacker can request a .phar file to trigger this vulnerability.
AI AnalysisPowered by AI
Affected Products
wwbnavideo
14.4
References
- https://talosintelligence.com/vulnerability_reports/TALOS-2025-2213ExploitThird Party Advisory
- https://www.talosintelligence.com/vulnerability_reports/TALOS-2025-2213
- https://talosintelligence.com/vulnerability_reports/TALOS-2025-2213ExploitThird Party Advisory