vulnerability
FreeBSD: VID-c32cb4b7-ddcb-11f0-902c-b42e991fc52e (CVE-2025-66002): smb4k -- Critical vulnerabilities in Mount Helper
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 6 | (AV:L/AC:L/Au:S/C:P/I:P/A:C) | Dec 20, 2025 | Jan 27, 2026 | Jan 27, 2026 |
Severity
6
CVSS
(AV:L/AC:L/Au:S/C:P/I:P/A:C)
Published
Dec 20, 2025
Added
Jan 27, 2026
Modified
Jan 27, 2026
Description
vulndb reports: A vulnerability, which was classified as critical, was found in smb4k up to 4.0.4. Affected is some unknown functionality of the component Mount Helper. The manipulation with an unknown input leads to a access control vulnerability. CWE is classifying the issue as CWE-284. The product does not restrict or incorrectly restricts access to a resource from an unauthorized actor. This is going to have an impact on integrity, and availability. The advisory is available at seclists.org. The exploitability is told to be easy. Local access is required to approach this attack. The technical details are unknown and an exploit is not available.
Solution
freebsd-upgrade-package-smb4k
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.