Overview Recently, NSFOCUS CERT detected that H2O-3 released a security update to fix the H2O-3 JDBC deserialization vulnerability (CVE-2025-6507); This vulnerability is a bypass of CVE-2024-45758 and CVE-2024-10553. Due to the deserialization flaw in the system’s JDBC connection processing logic, an unauthenticated attacker can bypass existing regular expression filtering by manipulating spaces between parameters, thereby […]
The post H2O-3 JDBC Deserialization Vulnerability (CVE-2025-6507) appeared first on NSFOCUS, Inc., a global network and cyber security leader, protects enterprises and carriers from advanced cyber attacks..
The post H2O-3 JDBC Deserialization Vulnerability (CVE-2025-6507) appeared first on Security Boulevard.
Read the original article: