Join us at the legendary Security Wasteland party at Black Hat on August 6th
Register
Products
Government
Resources
Community
Company
Partners
Sign In / Join
Sign In
Advisories
Monero Forum RCE via Arbitrary File Read and Cookie Forgery
Go Back
severity
critical
date
June 30, 2025
Affecting
The forum was built on Laravel 4.2.22 and has been taken offline.
CVE
CVE-2025-34060
CVE type
Deserialization of Untrusted Data
CVSS
10
CVSS V4 Vector
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H
References
Researcher Analysis
Credit
cfreal