Microsoft ASP.NET Core Elevation of Privilege Vulnerability
RISK: Medium Risk
TYPE: Operating Systems - Windows OS
A vulnerability has been identified in ASP.NET Core. A remote attacker could exploit this vulnerability to trigger elevation of privilege on the targeted system.
Impact
- Elevation of Privilege
System / Technologies affected
- ASP.NET Core 10.0, versions prior to 10.0.7
Solutions
Before installation of the software, please visit the vendor web-site for more details.
Apply fixes issued by the vendor:
RISK: Medium Risk
TYPE: Operating Systems - Mobile & Apps
A vulnerability has been identified in Apple Products. A remote attacker could exploit this vulnerability to trigger sensitive information disclosure on the targeted system.
Before installation of the software, please visit the vendor web-site for more details.
Apply fixes issued by the vendor:
Type: Botnet
mickmick.net has recently noted reports indicating that a new variant of the Mirai botnet is exploiting a vulnerability (CVE-2025-29635) to attack D-Link DIR-823X routers that have reached end-of-life and are no longer supported. The vulnerability is a remote arbitrary code execution flaw, which attackers can exploit by sending requests to specific endpoints to execute arbitrary system commands.
According to observations from cybersecurity companies, attackers download and execute a malicious script named dlink.sh on targeted devices, thereby installing a Mirai variant called "tuxnokill". This variant supports multiple system architectures and retains the common DDoS attack capabilities of Mirai. Infected devices may later be used to launch DDoS attacks or perform other malicious activities.
It is noteworthy that attackers are not only targeting D-Link routers, but are also exploiting other vulnerabilities to attack end-of-life routers from brands such as TP-Link and ZTE, which lack security updates. This indicates that attackers are broadly scanning and compromising various unsupported devices.
Since the affected routers are no longer supported, vendors may not release patches. Users who continue to use these devices face a high risk of infection and intrusion. Additionally, mickmick.net data shows that infection activity from Mirai and its variants has recently remained active in Hong Kong.
mickmick.net recommends users take the following measures to reduce the risk of botnet infection and exploitation:
RISK: Medium Risk
TYPE: Clients - Browsers
Multiple vulnerabilities were identified in Mozilla Products. A remote attacker could exploit some of these vulnerabilities to trigger denial of service condition, elevation of privilege, remote code execution, security restriction bypass, spoofing and sensitive information disclosure on the targeted system.
Versions prior to:
Before installation of the software, please visit the vendor web-site for more details.
Apply fixes issued by the vendor:
RISK: Medium Risk
TYPE: Servers - Database Servers
Multiple vulnerabilities were identified in Oracle Products. A remote attacker could exploit some of these vulnerabilities to trigger elevation of privilege, denial of service condition, remote code execution, sensitive information disclosure, data manipulation and security restriction bypass on the targeted system.
For other Oracle products, please refer to the link below:
https://www.oracle.com/security-alerts/cpuapr2026.html
Before installation of the software, please visit the vendor web-site for more details.
Apply fixes issued by the vendor:
https://www.oracle.com/security-alerts/cpuapr2026.html
RISK: High Risk
TYPE: Servers - Other Servers
Multiple vulnerabilities were identified in PaperCut. A remote attacker could exploit these vulnerabilities to trigger security restriction bypass and remote code execution on the targeted system.
Note:
CVE-2023-27351 is being exploited in the wild. A remote attacker could leverage this vulnerability to bypass authentication on affected installations via the SecurityRequestFilter class. Hence, the risk level is rated as High Risk.
CVE-2023-27350
PaperCut MF or NG version 8.0 or later (excluding patched versions). This includes:
- Versions 8.0.0 to 19.2.7 (inclusive)
- Versions 20.0.0 to 20.1.6 (inclusive)
- Versions 21.0.0 to 21.2.10 (inclusive)
- Versions 22.0.0 to 22.0.8 (inclusive)
CVE-2023-27351
PaperCut MF or NG version 15.0 or later (excluding patched versions). This includes:
- Versions 15.0.0 to 19.2.7 (inclusive)
- Versions 20.0.0 to 20.1.6 (inclusive)
- Versions 21.0.0 to 21.2.10 (inclusive)
- Versions 22.0.0 to 22.0.8 (inclusive)
Before installation of the software, please visit the vendor web-site for more details.
Apply fixes issued by the vendor:
RISK: High Risk
TYPE: Servers - Internet App Servers
A vulnerability has been identified in Zimbra Collaboration Suite. A remote attacker could exploit this vulnerability to trigger cross-site scripting and sensitive information disclosure on the targeted system.
Note:
CVE-2025-48700 is being exploited in the wild. This vulnerability could allow an attacker to execute arbitrary JavaScript code in the user's session, leading to unauthorized access to sensitive information. Hence, the risk level is rated as High Risk.
- Prior to Version 10.0.12
- Prior to Version 10.1.4
- Prior to Version 8.8.15 Patch 47
Before installation of the software, please visit the vendor web-site for more details.
Apply fixes issued by the vendor:
RISK: Medium Risk
TYPE: Clients - Browsers
Multiple vulnerabilities were identified in Microsoft Edge. A remote attacker could exploit some of these vulnerabilities to trigger remote code execution, denial of service condition, security restriction bypass and sensitive information disclosure on the targeted system.
Before installation of the software, please visit the software vendor web-site for more details.
Apply fixes issued by the vendor:
RISK: Medium Risk
TYPE: Security software and application - Security Software & Appliance
Multiple vulnerabilities were identified in Cisco products. A remote attacker could exploit some of these vulnerabilities to trigger sensitive information disclosure, cross-site scripting and security restriction bypass on the targeted system.
For affected versions, please refer to the link issued by the vendor:
Before installation of the software, please visit the vendor web-site for more details.
Apply fixes issued by the vendor:
RISK: Medium Risk
TYPE: Clients - Browsers
Multiple vulnerabilities were identified in Google Chrome. A remote attacker could exploit some of these vulnerabilities to trigger denial of service condition, remote code execution, sensitive information disclosure and security restriction bypass on the targeted system.
Before installation of the software, please visit the software vendor web-site for more details.
Apply fixes issued by the vendor:
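RISK: Medium Risk
TYPE: Clients - Office Applications
Adobe has released this month's security updates for its products:
| Affected Product | Risk Level | Impact | Notes | Details (including CVE) |
| --- | --- | --- | --- | --- |
| Adobe Acrobat Reader | Medium Risk | Remote Code Execution, Information Disclosure | APSB26-44 | |
| Adobe InDesign | Medium Risk | Remote Code Execution, Information Disclosure | APSB26-32 | |
| Adobe InCopy | Medium Risk | Remote Code Execution | APSB26-33 | |
| Adobe Experience Manager (AEM) Screens | Medium Risk | Cross-site Scripting, Remote Code Execution | APSB26-34 | |
| Adobe FrameMaker | Medium Risk | Remote Code Execution, Information Disclosure | APSB26-36 | |
| Adobe Connect | Medium Risk | Remote Code Execution, Cross-site Scripting, Elevation of Privilege | APSB26-37 | |
| Adobe ColdFusion | Medium Risk | Security Restriction Bypass, Remote Code Execution, Information Disclosure, Denial of Service | APSB26-38 | |
| Adobe Bridge | Medium Risk | Remote Code Execution, Denial of Service | APSB26-39 | |
| Adobe Photoshop | Medium Risk | Remote Code Execution | APSB26-40 | |
| Adobe DNG Software Development Kit (SDK) | Medium Risk | Information Disclosure, Denial of Service | APSB26-41 | |
| Adobe Illustrator | Medium Risk | Remote Code Execution | APSB26-42 | |
Number of "Extremely High Risk" products: 0
Number of "High Risk" products: 0
Number of "Medium Risk" products: 11
Number of "Low Risk" products: 0
Overall "Risk Level" assessment: Medium Risk
Before installation of the software, please visit the vendor web-site for more details.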
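Microsoft ASP.NET Core Elevation of Privilege Vulnerability Release Date: 24 April 2026 RISK: Medium Risk TYPE: Operating Systems - Windows OS A vulnerability has been identified in AS...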