THREATEL
Threat Intel
Dashboard
Devices
Applications
CVEs
Advisories
Sync Logs
v0.1
← CVEs
CVE-2025-66834
HIGH
7.3
Published
2025-12-30
Last Modified
2026-01-07
Affected Apps
5
Affected Devices
9
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:N
A CSV Formula Injection vulnerability in TrueConf Server v5.5.2.10813 allows a normal user to inject malicious spreadsheet formulas into exported chat logs via crafted Display Name.
Affected Applications in Environment
5
FileMaker Server
v15.0.3 (10-27-2016)
1 device
SQL Server Management Studio
v15.0.18424.
1 device
libvncserver
v0.9.11-17.el8
5 devices
libvncserver
v0.9.9-14.el7_8.1
1 device
libvncserver
v0.9.11-17.el8
1 device
Affected Devices
9
EDUCDB1
Windows
RVS112-03
Windows
chela03
Linux
chela04
Linux
chela05
Linux
dpapsb-161390.aggies.usu.edu
Linux
dpapsb-191594.mypc.usu.edu
Linux
eprocdev.banner.usu.edu
Linux
guru.cluster
Linux
References
3
https://github.com/x00nullbit/CVE-References/blob/main/CVE-2025-66834/README.md
https://trueconf.com
https://github.com/x00nullbit/CVE-References/blob/main/CVE-2025-66834/README.md