AttackFeed by Joe Wagner | SEC Consult SA-20260427-0 :: Missing TLS Certificate Validation leading to RCE in DeskTime Time Tracking App  - Full Disclosure

SEC Consult SA-20260427-0 :: Missing TLS Certificate Validation leading to RCE in DeskTime Time Tracking App  – Full Disclosure

Posted on By Joe-W No Comments on SEC Consult SA-20260427-0 :: Missing TLS Certificate Validation leading to RCE in DeskTime Time Tracking App  – Full Disclosure
Alert Feeds

 

Posted by SEC Consult Vulnerability Lab via Fulldisclosure on Apr 29

SEC Consult Vulnerability Lab Security Advisory < 20260427-0 >
=======================================================================
title: Missing TLS Certificate Validation leading to RCE
product: DeskTime Time Tracking App
vulnerable version: 1.3.671
fixed version: –
CVE number: CVE-2025-10539
             impact: medium
homepage:https://desktime.com
 – Read More  – Full Disclosure 

You may also like

AttackFeed by Joe Wagner | [SECURITY ADVISORY] CVE-2026-34473 - Unauthenticated DoS in 17+ ZTE Router Models (140K+ Devices)  - Full Disclosure
Alert Feeds
[SECURITY ADVISORY] CVE-2026-34473 – Unauthenticated DoS in 17+ ZTE Router Models (140K+ Devices)  – Full Disclosure
May 25, 2026
AttackFeed by Joe Wagner | APPLE-SA-03-11-2026-1 iOS 16.7.15 and iPadOS 16.7.15  - Full Disclosure
Alert Feeds
APPLE-SA-03-11-2026-1 iOS 16.7.15 and iPadOS 16.7.15  – Full Disclosure
March 12, 2026
AttackFeed by Joe Wagner | APPLE-SA-03-24-2026-7 watchOS 26.4  - Full Disclosure
Alert Feeds
APPLE-SA-03-24-2026-7 watchOS 26.4  – Full Disclosure
March 28, 2026
AttackFeed by Joe Wagner | APPLE-SA-03-24-2026-10 Xcode 26.4  - Full Disclosure
Alert Feeds
APPLE-SA-03-24-2026-10 Xcode 26.4  – Full Disclosure
March 28, 2026

Leave a Reply