QwikSec

Security Database

CVE

CWE

Training

CVE-2025-1774

Published: Mar 17, 2025

Modified: Mar 17, 2025

PUBLISHED

Description

Incorrect string encoding vulnerability in NASK - PIB BotSense allows injection of an additional field separator character or value in the content of some fields of the generated event. A field with additional field separator characters or values can be included in the "extraData" field.This issue affects BotSense in versions before 2.8.0.

Vendor	Product	Versions
NASK - PIB	BotSense	affected `0 - < 2.8.0`

Weaknesses (CWE)

References

https://cert.pl/en/posts/2025/03/CVE-2025-1774/

third-party-advisory

https://cert.pl/posts/2025/03/CVE-2025-1774/

third-party-advisory

https://nask.pl/instytut/dla-biznesu/botsense/

product

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.