
Researcher Zhinyan Peng has released detailed findings and a working proof-of-concept (PoC) exploit for a vulnerability in Windows Deployment Services (WDS). The flaw enables unauthenticated attackers to trigger a system crash by sending specially crafted FTP requests. The issue affects all major versions of Windows, yet Microsoft has declined to issue a fix. It was this decision that compelled Peng to publish the exploit. Given WDS’s widespread use in enterprise networks for remote Windows installations, a successful attack could potentially cripple large-scale infrastructures.
While Microsoft remains silent, other developers are confronting vulnerabilities of equally grave concern. Experts from CERT at Carnegie Mellon University have reported that Digigram PYKO-OUT devices—widely used for audio streaming within facilities and across operational sites—lack authentication and openly expose their configuration files. As the product has been declared obsolete, the manufacturer has no plans to release patches. Nevertheless, users may still manually enable password protection through the administrative interface.
Amid these developments, the WatchTowr Labs team has dissected two actively exploited vulnerabilities affecting a SonicWall product: one in SonicWall's own code and the other in an embedded Apache component.
Simultaneously, Rapid7 has published technical details and a PoC for CVE-2024-6235, a vulnerability in Citrix NetScaler that results in information leakage. Analysts at VulnCheck believe this flaw is highly likely to be exploited in the wild, following the pattern of previous vulnerabilities for which public PoCs were made available.
Shelltrail has disclosed three vulnerabilities in IXON VPN clients. Two allow local privilege escalation, while details of the third are being withheld because no patch is yet available for it.
In addition, cryptographer Lukasz Olejnik has published an assessment of the risks associated with Alibaba’s Qwen3 language model. According to his analysis, the model contains three potential vulnerabilities that may enable prompt injection—a class of attacks wherein large language models are deceived through crafted external inputs.
Lastly, Fortra has issued two security updates for its GoAnywhere file transfer server. While details remain sparse, the company emphasizes that the updates aim to bolster the resilience of enterprise environments.