Now testing for the following vulnerabilities - Detectify

Back to all posts

new tests

August 20, 2025

Now testing for the following vulnerabilities

New tests built and released by Alfred, our AI Security Researcher:

Haven't met Alfred yet? You can read more about how we're using AI to discover, source, and build tests for CVEs here.

CVE-2018-12923: BWS Systems HA-Bridge Information Disclosure [5.3 / Medium]
CVE-2015-9481: Diplomat Theme Information Disclosure [5.3 / Medium]
CVE-2015-7245: D-Link DVG-N5402SP Path Traversal [5.3 / Medium]

New tests released based on submissions by our Detectify Crowdsource hackers:

CVE-2025-53833: LaRecipe Server-Side Template Injection [9.1 / Critical]
CVE-2025-53558: ZTE ZXHN-F660T & ZXHN-F660A Hard-Coded Credentials [8.8 / High]
CVE-2025-27506: NocoDB XSS [5.4 / Medium]
CVE-2025-4210: Casdoor Authorization Bypass [4.9 / Medium]
CVE-2024-21136: Oracle Retail Xstore Office Path Traversal [8.6 / High]
CVE-2024-7339: TVT DVR Information Disclosure [4.7 / Medium]
CVE-2023-24544: Buffalo Information Disclosure [4.9 / Medium]
CVE-2022-41697: Ghost Information Disclosure [4.9 / Medium]
CVE-2022-33119: NUUO Network Video Recorder ("NVR") NVRsolo XSS [6.1 / Medium]
CVE-2021-25161: Aruba Instant Access Point (IAP) XSS [5.3 / Medium]
CVE-2019-17506: D-LINK DIR-868L/817LW Information Disclosure [8.0 / High]
DirectAdmin Information Disclosure [4.7 / Medium]
OpenVPN Access Server Config Exposure [4.9 / Medium]
Perch Debug Mode Enabled [5.1 / Medium]
Riello Netman 204 Information Disclosure [4.7 / Medium]

Improved finding information:

CVE-2024-23055: Plone Host Header Injection [6.1 / Medium]
IBM Cloud Bucket Exposure [4.7 / Medium]

View your vulnerabilities

Thanks for your feedback