CVSS: 9.1EPSS: 0%CPEs: 1EXPL: 0CVE-2025-2245 – Server Side Request Forgery in GravityZone Update Server Using Null Bytes (VA-12646)
https://notcve.org/view.php?id=CVE-2025-2245
04 Apr 2025 — A server-side request forgery (SSRF) vulnerability exists in the Bitdefender GravityZone Update Server when operating in Relay Mode. The HTTP proxy component on port 7074 uses a domain allowlist to restrict outbound requests, but fails to properly sanitize hostnames containing null-byte (%00) sequences. By crafting a request to a domain such as evil.com%00.bitdefender.com, an attacker can bypass the allowlist check, causing the proxy to forward requests to arbitrary external or internal systems. Existe una ... • https://www.bitdefender.com/support/security-advisories/server-side-request-forgery-in-gravityzone-update-server-using-null-bytes-va-12646 • CWE-918: Server-Side Request Forgery (SSRF) •
CVSS: 9.1EPSS: 0%CPEs: 1EXPL: 0CVE-2025-2243 – SSRF in GravityZone Console via DNS Truncation (VA-12634)
https://notcve.org/view.php?id=CVE-2025-2243
04 Apr 2025 — A server-side request forgery (SSRF) vulnerability in Bitdefender GravityZone Console allows an attacker to bypass input validation logic using leading characters in DNS requests. Paired with other potential vulnerabilities, this bypass could be used for execution of third party code. This issue affects GravityZone Console: before 6.41.2.1. Una vulnerabilidad de server-side request forgery (SSRF) en Bitdefender GravityZone Console permite a un atacante eludir la lógica de validación de entrada mediante cara... • https://www.bitdefender.com/support/security-advisories/ssrf-in-gravityzone-console-via-dns-truncation-va-12634 • CWE-918: Server-Side Request Forgery (SSRF) •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0CVE-2025-2244 – Insecure PHP deserialization issue in GravityZone Console (VA-12634)
https://notcve.org/view.php?id=CVE-2025-2244
04 Apr 2025 — A vulnerability in the sendMailFromRemoteSource method in Emails.php as used in Bitdefender GravityZone Console unsafely uses php unserialize() on user-supplied input without validation. By crafting a malicious serialized payload, an attacker can trigger PHP object injection, perform a file write, and gain arbitrary command execution on the host system. Una vulnerabilidad en el método sendMailFromRemoteSource de Emails.php, utilizado en Bitdefender GravityZone Console, utiliza de forma insegura la función p... • http://bitdefender.com/support/security-advisories/insecure-php-deserialization-issue-in-gravityzone-console-va-12634 • CWE-502: Deserialization of Untrusted Data •
CVSS: 9.4EPSS: 0%CPEs: 1EXPL: 0CVE-2024-13870 – Unauthenticated Firmware Downgrade in Bitdefender Box v1
https://notcve.org/view.php?id=CVE-2024-13870
12 Mar 2025 — An improper access control vulnerability exists in Bitdefender Box 1 (firmware version 1.3.52.928 and below) that allows an unauthenticated attacker to downgrade the device's firmware to an older, potentially vulnerable version of a Bitdefender-signed firmware. The attack requires Bitdefender BOX to be booted in Recovery Mode and that the attacker be present within the WiFi range of the BOX unit. • https://bitdefender.com/support/security-advisories/unauthenticated-firmware-downgrade-in-bitdefender-box-v1 • CWE-1328: Security Version Number Mutable to Older Versions •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-13871 – Unauthenticated Command Injection in Bitdefender BOX v1
https://notcve.org/view.php?id=CVE-2024-13871
12 Mar 2025 — A command injection vulnerability exists in the /check_image_and_trigger_recovery API endpoint of Bitdefender Box 1 (firmware version 1.3.11.490). This flaw allows an unauthenticated, network-adjacent attacker to execute arbitrary commands on the device, potentially leading to full remote code execution (RCE). A command injection vulnerability exists in the /check_image_and_trigger_recovery API endpoint of Bitdefender Box 1 (firmware version 1.3.11.490). This flaw allows an unauthenticated, network-adjacent... • https://bitdefender.com/support/security-advisories/unauthenticated-command-injection-in-bitdefender-box-v1 • CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') •
CVSS: 9.4EPSS: 0%CPEs: 1EXPL: 0CVE-2024-13872 – Bitdefender Box Insecure Update Mechanism Vulnerability in libboxhermes.so
https://notcve.org/view.php?id=CVE-2024-13872
12 Mar 2025 — Bitdefender Box, versions 1.3.11.490 through 1.3.11.505, uses the insecure HTTP protocol to download assets over the Internet to update and restart daemons and detection rules on the devices. Updates can be remotely triggered through the /set_temp_token API method. Then, an unauthenticated and network-adjacent attacker can use man-in-the-middle (MITM) techniques to return malicious responses. Restarted daemons that use malicious assets can then be exploited for remote code execution on the device. • https://bitdefender.com/support/security-advisories/insecure-update-mechanism-vulnerability-in-libboxhermes-so-in-bitdefender-box-v1 • CWE-319: Cleartext Transmission of Sensitive Information •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0CVE-2020-8094 – Untrusted Search Path Vulnerability in Bitdefender Antivirus Free 2020 (VA-8422)
https://notcve.org/view.php?id=CVE-2020-8094
15 Jan 2025 — An untrusted search path vulnerability in testinitsigs.exe as used in Bitdefender Antivirus Free 2020 allows a low-privilege attacker to execute code as SYSTEM via a specially crafted DLL file. • https://www.bitdefender.com/support/security-advisories/untrusted-search-path-vulnerability-bitdefender-antivirus-free-2020-va-8422 • CWE-426: Untrusted Search Path •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-11128 – Insufficient Hardened Runtime or Library Validation signing in Bitdefender Virus Scanner for macOS
https://notcve.org/view.php?id=CVE-2024-11128
13 Jan 2025 — A vulnerability in the BitdefenderVirusScanner binary as used in Bitdefender Virus Scanner for MacOS may allow .dynamic library injection (DYLD injection) without being blocked by AppleMobileFileIntegrity (AMFI). This issue is caused by the absence of Hardened Runtime or Library Validation signing. This issue affects Bitdefender Virus Scanner versions before 3.18. A vulnerability in the BitdefenderVirusScanner binary as used in Bitdefender Virus Scanner for MacOS may allow .dynamic library injection (DYLD i... • https://www.bitdefender.com/support/security-advisories/insufficient-hardened-runtime-or-library-validation-signing-in-bitdefender-virus-scanner-for-macos • CWE-269: Improper Privilege Management •
CVSS: 8.6EPSS: 0%CPEs: 1EXPL: 0CVE-2023-49570 – Insecure Trust of Basic Constraints certificate in Bitdefender Total Security HTTPS Scanning (VA-11210)
https://notcve.org/view.php?id=CVE-2023-49570
18 Oct 2024 — A vulnerability has been identified in Bitdefender Total Security HTTPS scanning functionality where the software trusts a certificate issued by an entity that isn't authorized to issue certificates. This occurs when the "Basic Constraints" extension in the certificate indicates that it is meant to be an "End Entity”. This flaw could allow an attacker to perform a Man-in-the-Middle (MITM) attack, intercepting and potentially altering communications between the user and the website. Se ha identificado una vu... • https://www.bitdefender.com/support/security-advisories/insecure-trust-of-basic-constraints-certificate-in-bitdefender-total-security-https-scanning-va-11210 • CWE-295: Improper Certificate Validation •
CVSS: 8.6EPSS: 0%CPEs: 1EXPL: 0CVE-2023-49567 – Insecure Trust of certificates using collision hash functions in Bitdefender Total Security HTTPS Scanning (VA-11239)
https://notcve.org/view.php?id=CVE-2023-49567
18 Oct 2024 — A vulnerability has been identified in the Bitdefender Total Security HTTPS scanning functionality where the product incorrectly checks the site's certificate, which allows an attacker to make MITM SSL connections to an arbitrary site. The product trusts certificates that are issued using the MD5 and SHA1 collision hash functions which allow attackers to create rogue certificates that appear legitimate. • https://www.bitdefender.com/support/security-advisories/insecure-trust-of-certificates-using-collision-hash-functions-in-bitdefender-total-security-https-scanning-va-11239 • CWE-295: Improper Certificate Validation •