NewStart CGSL MAIN 7.02 : libxml2 Multiple Vulnerabilities (NS-SA-2025-0106)

high Nessus Plugin ID 242784

Synopsis

The remote NewStart CGSL host is affected by multiple vulnerabilities.

Description

The remote NewStart CGSL host, running version MAIN 7.02, has libxml2 packages installed that are affected by multiple vulnerabilities:

- In libxml2 before 2.13.8 and 2.14.x before 2.14.2, out-of-bounds memory access can occur in the Python API (Python bindings) because of an incorrect return value. This occurs in xmlPythonFileRead and xmlPythonFileReadRaw because of a difference between bytes and characters. (CVE-2025-32414)

- libxml2 through 2.11.5 has a use-after-free that can only occur after a certain memory allocation fails. This occurs in xmlUnlinkNode in tree.c. NOTE: the vendor's position is "I don't think these issues are critical enough to warrant a CVE ID ... because an attacker typically can't control when memory allocations fail." (CVE-2023-45322)

- An issue was discovered in libxml2 before 2.11.7 and 2.12.x before 2.12.5. When using the XML Reader interface with DTD validation and XInclude expansion enabled, processing crafted XML documents can lead to an xmlValidatePopElement use-after-free. (CVE-2024-25062)

- In libxml2 2.11 before 2.11.9, 2.12 before 2.12.9, and 2.13 before 2.13.3, the SAX parser can produce events for external entities even if custom SAX handlers try to override entity content (by setting "checked"). This makes classic XXE attacks possible. (CVE-2024-40896)

- libxml2 before 2.12.10 and 2.13.x before 2.13.6 has a use-after-free in xmlSchemaIDCFillNodeTables and xmlSchemaBubbleIDCNodeTables in xmlschemas.c. To exploit this, a crafted XML document must be validated against an XML schema with certain identity constraints, or a crafted XML schema must be used. (CVE-2024-56171)

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

Solution

Upgrade the vulnerable CGSL libxml2 packages. Note that updated packages may not be available yet. Please contact ZTE for more information.

See Also

https://security.gd-linux.com/notice/NS-SA-2025-0106

https://security.gd-linux.com/info/CVE-2023-45322

https://security.gd-linux.com/info/CVE-2024-25062

https://security.gd-linux.com/info/CVE-2024-40896

https://security.gd-linux.com/info/CVE-2024-56171

https://security.gd-linux.com/info/CVE-2025-24928

https://security.gd-linux.com/info/CVE-2025-27113

https://security.gd-linux.com/info/CVE-2025-32414

Plugin Details

Severity: High

ID: 242784

File Name: newstart_cgsl_NS-SA-2025-0106_libxml2.nasl

Version: 1.1

Type: local

Published: 7/25/2025

Updated: 7/25/2025

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: High

Score: 7.1

CVSS v2

Risk Factor: High

Base Score: 7.8

Temporal Score: 6.1

Vector: CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C

CVSS Score Source: CVE-2025-32414

CVSS v3

Risk Factor: High

Base Score: 7.5

Temporal Score: 6.7

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Temporal Vector: CVSS:3.0/E:P/RL:O/RC:C

Vulnerability Information

CPE: cpe:/o:zte:cgsl_main:7, p-cpe:/a:zte:cgsl_main:libxml2, p-cpe:/a:zte:cgsl_main:libxml2-devel, p-cpe:/a:zte:cgsl_main:python3-libxml2

Required KB Items: Host/local_checks_enabled, Host/ZTE-CGSL/release, Host/ZTE-CGSL/rpm-list, Host/cpu

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 7/25/2025

Vulnerability Publication Date: 6/13/2023

Reference Information

CVE: CVE-2023-45322, CVE-2024-25062, CVE-2024-40896, CVE-2024-56171, CVE-2025-24928, CVE-2025-27113, CVE-2025-32414

IAVA: 2024-A-0067-S, 2025-A-0123-S, 2025-A-0229-S