Cyber Security News Aggregator
.Cyber Tzar
provide acyber security risk management
platform; including automated penetration tests and risk assesments culminating in a "cyber risk score" out of 1,000, just like a credit score.
First slide label
Some representative placeholder content for the first slide.
Second slide label
Some representative placeholder content for the second slide.
Third slide label
Some representative placeholder content for the third slide.
Code execution from web browser using URL schemes handled by KDE's KTelnetService and Konsole (CVE-2025-49091)
published on 2025-06-10 17:46:20 UTC by /u/11d_spaceContent:
This issue affects systems where KTelnetService and a vulnerable version of Konsole are installed but at least one of the programs telnet, rlogin or ssh is not installed. The vulnerability is in KDE's terminal emulator Konsole. As stated in the advisory by KDE, Konsole versions < 25.04.2 are vulnerable.
On vulnerable systems remote code execution from a visited website is possible if the user allows loading of certain URL schemes (telnet://, rlogin:// or ssh://) in their web browser. Depending on the web browser and configuration this, e.g., means accepting a prompt in the browser.
[link] [comments]
https://www.reddit.com/r/netsec/comments/1l858l1/code_execution_from_web_browser_using_url_schemes/
Published: 2025 06 10 17:46:20
Received: 2025 06 10 17:59:00
Feed: /r/netsec - Information Security News and Discussion
Source: /r/netsec - Information Security News and Discussion
Category: Cyber Security
Topic: Cyber Security
Views: 17
