Neat vuln in Fail2Ban.

Gist

CVE‑2025‑45311 Command Execution / Privilege Escalation in Fail2Ban 0.11.2

CVE‑2025‑45311 Command Execution / Privilege Escalation in Fail2Ban 0.11.2 - gist:1c707a08f9c7f9a91d9d84b5010aaed2

> Fail2Ban 0.11.2 contains a vulnerability that allows an attacker with the ability to influence logged input (e.g., authentication logs, service logs processed by Fail2Ban filters) to inject specially crafted patterns that lead to command execution within the Fail2Ban action processing pipeline. > Because Fail2Ban actions typically run with root privileges, this can result in privilege escalation, allowing an attacker to execute commands with elevated permissions. > The issue arises from insufficient sanitization of variables passed into action scripts under certain configurations, allowing malicious input to propagate into shell execution.

That's an avenue that I admit I hadn't thought to check before. Seems so simple though.

cve-details

> A heap-based buffer overflow problem was found in glib through an incorrect calculation of buffer size in the g_escape_uri_string() function. If the string to escape contains a very large number of unacceptable characters (which would need escaping), the calculation of the length of the escaped string could overflow, leading to a potential write off the end of the newly allocated string.

Trying to figure out which security vendor is going to screw up the upcoming long weekend in the states and the list of suspects is ridiculously long.

D-Link https://www.cve.org/CVERecord?id=CVE-2025-13562 Davantis https://www.cve.org/CVERecord?id=CVE-2025-41016 https://www.cve.org/CVERecord?id=CVE-2025-41017 cc: @npub1n4kt...jm05 [@da_667](

Infosec Exchange

da_667 (@da_667@infosec.exchange)

383 Posts, 1.71K Following, 5.9K Followers · Senior Security Researcher, Proofpoint Emerging Threats. I've been doing this cybersecurity thing ...

) #internetOfShit

Since when did windows in Windows cover the taskbar? I thought the whole idea was that it's always exposed unless you do the hide thing in the settings.

JNDI injection in DataEase DB2.

GitHub

DataEase DB2 JNDI Vulnerability

### Impact Summary A blacklist was added in the patch for v2.10.14. However, JNDI injection remains possible via the iiop, corbaname, and iiopn...

For those of you looking to get an early jump on your holiday shopping.

RCE in Apache Causeway. https://lists.apache.org/thread/rjlg4spqhmgy1xgq9wq5h2tfnq4pm70b

infosec dot exchange is fine blog dot gayint dot org is fine intel dot gayint dot org is fine# THIS SMUGNESS IS FINE