The most featured CVEs in this week’s security newsletters, with public Proof-of-Concepts, ordered by mention count. Older CVEs, trivially exploitable vulnerabilities (such as using hard-coded credentials) and those affecting open source projects with very small userbases aren’t listed.

For the most up-to-date and accurate info, visit the NIST links. Always audit PoCs thoroughly before running them.

CVE-2024-55591

• Severity: 9.8 CRITICAL
• Impacted Products: FortiOS version 7.0.0 through 7.0.16 and FortiProxy version 7.0.0 through 7.0.19 and 7.2.0 through 7.2.12
• Description: An Authentication Bypass Using an Alternate Path or Channel vulnerability [CWE-288] allows a remote attacker to gain super-admin privileges via crafted requests to Node.js websocket module.
• Remediation: Follow developer guidance.
• More Info: CVE-2024-55591
• PoC: https://github.com/watchtowrlabs/fortios-auth-bypass-check-CVE-2024-55591/ (Not a PoC, just a script to check if your instance is vulnerable, but I think it’s valuable and useful as the vuln is critical)

CVE-2024-40891

• Severity: 8.8 HIGH
• Impacted Products: DSL CPE Zyxel VMG4325-B10A firmware
• Description: A post-authentication command injection vulnerability in the management commands of the legacy DSL CPE Zyxel VMG4325-B10A firmware version 1.00(AAFR.4)C0_20170615 could allow an authenticated attacker to execute operating system (OS) commands on an affected device via Telnet.
• Remediation: Follow developer guidance.
• More Info: CVE-2024-40891
• PoC: https://vulncheck.com/blog/zyxel-telnet-vulns

CVE-2025-24118

• Severity: Awaiting Analysis
• Impacted Products: iPadOS > 17.7.4, macOS Sequoia > 15.3, macOS Sonoma > 14.7.3
• Description: The issue was addressed with improved memory handling. This issue is fixed in iPadOS 17.7.4, macOS Sequoia 15.3, macOS Sonoma 14.7.3. An app may be able to cause unexpected system termination or write kernel memory.
• Remediation: Follow developer guidance.
• More Info: CVE-2025-24118
• PoC: https://github.com/jprx/CVE-2025-24118/

CVE-2024-57595

• Severity: Awaiting analysis
• Impacted Products: DLINK DIR-825 REVB 2.03 devices
• Description: OS command injection vulnerability in the CGl interface apc_client_pin.cgi, which allows remote attackers to execute arbitrary commands via the parameter “wps_pin” passed to the apc_client_pin.cgi binary through a POST request.
• Remediation: Follow developer guidance.
• More Info: CVE-2024-57595
• PoC: https://github.com/IdaJea/IOT_vuln_1/blob/master/DIR825/wps_pin.md

CVE-2024-53584

• Severity: 9.8 CRITICAL
• Impacted Products: OpenPanel v0.3.4
• Description: OpenPanel v0.3.4 was discovered to contain an OS command injection vulnerability via the timezone parameter.
• Remediation: Follow developer guidance.
• More Info: CVE-2024-53584
• PoC: https://cxsecurity.com/issue/WLB-2025010034

CVE-2024-21413

• Severity: 9.8 CRITICAL
• Impacted Products: Microsoft Outlook
• Description: Microsoft Outlook Remote Code Execution Vulnerability.
• Remediation: Follow Microsoft’s advisories for mitigation or patching strategies.
• More Info: NVD - CVE-2024-21413
• PoC: https://github.com/duy-31/CVE-2024-21413/

CVE-2024-12847

• Severity: 7.5 HIGH
• Impacted Products: NETGEAR DGN1000 before 1.1.00.48
• Description: Authentication bypass vulnerability. A remote and unauthenticated attacker can execute arbitrary operating system commands as root by sending crafted HTTP requests to the setup.cgi endpoint. This vulnerability has been exploited in the wild since at least 2017.
• Remediation: Follow developer guidance.
• More Info: CVE-2024-12847
• PoC: https://www.exploit-db.com/exploits/43055

References

This list was scraped from the quite amazing and highly recommended newsletters below:

• ~this week in security~
• Unsupervised Learning
• @RISK
• Hive Five
• Vulnerable U
• tl;dr sec

Thanks for reading! For corrections, omissions (e.g. newsletter recs) feel free to get in touch.