CVE-2025-52666
LOWDescription
Improper neutralisation of format characters in the settings of Revive Adserver 5.5.2 and 6.0.1 and earlier versions causes an administrator user to disable the admin user console due to a fatal PHP error.
CVSS v3.1 Score
Weakness Type (CWE)
Affected Products
| Vendor | Product |
|---|---|
| revive-adserver | revive_adserver |
| revive-adserver | revive_adserver |
References
Frequently Asked Questions
What is CVE-2025-52666? +
How severe is CVE-2025-52666? +
What products are affected by CVE-2025-52666? +
How do I check if I'm vulnerable to CVE-2025-52666? +
Related Vulnerabilities
ComSndFTP FTP Server version 1.3.7 Beta contains a format string vulnerability in its handling of the USER command. By sending …
An authenticated format string vulnerability is present in the ONVIF AddScopes in Tapo C520WS v2, where user-controlled input is improperly …
A format string vulnerability has been found in the "alias" parameter of the Serial Param configuration page in the NPort …
An authenticated format string vulnerability exists in the ONVIF Subscribe service in Tapo C520WS v2 due to improper handling of …
In versions of Zend Server 8.5 and prior to version 9.2 a format string injection was discovered. Reported by Dylan …
Solar FTP Server fails to properly handle format strings passed to the USER command. When a specially crafted string containing …