Overview Recently, NSFOCUS CERT detected that H2O-3 released a security update to fix the H2O-3 JDBC deserialization vulnerability (CVE-2025-6507); This vulnerability is a bypass of CVE-2024-45758 and CVE-2024-10553. Due to the deserialization flaw in the system’s JDBC connection processing logic, an unauthenticated attacker can bypass existing regular expression filtering by manipulating spaces between parameters, thereby […]

The post H2O-3 JDBC Deserialization Vulnerability (CVE-2025-6507) appeared first on NSFOCUS, Inc., a global network and cyber security leader, protects enterprises and carriers from advanced cyber attacks..

The post H2O-3 JDBC Deserialization Vulnerability (CVE-2025-6507) appeared first on Security Boulevard.

NSFOCUS

Source: Security Boulevard
Source Link: https://securityboulevard.com/2025/09/h2o-3-jdbc-deserialization-vulnerability-cve-2025-6507/?utm_source=rss&utm_medium=rss&utm_campaign=h2o-3-jdbc-deserialization-vulnerability-cve-2025-6507