Commvault

In April 2025, researchers uncovered a critical path traversal vulnerability (CVE-2025-34028) in Commvault Command Center Innovation Release (versions 11.38.0 to 11.38.19). This flaw allows unauthenticated attackers to trigger a server-side request forgery that fetches and unpacks a malicious ZIP archive from a remote host. Once extracted, the payload installs a reverse shell, granting full remote code execution privileges on the backup management server. Successful exploitation can lead to unauthorized access to backup data, tampering or deletion of critical recovery sets, or the deployment of additional malware across protected endpoints. Organizations relying on these on-premise systems risk severe operational disruption due to compromised backup integrity and potential data loss. Threat actors could exfiltrate sensitive corporate and customer information stored in backups, undermine disaster recovery processes, and stage lateral movements to other internal assets. Unpatched instances may also serve as a foothold for persistent intrusion, ultimately eroding trust in data protection mechanisms, causing financial and reputational damage, and delaying incident response during recovery efforts. Though a patch is available in versions 11.38.20 and later, failure to update exposes enterprises to significant security and compliance risks.

Source: https://www.helpnetsecurity.com/2025/04/24/critical-commvault-rce-vulnerability-fixed-poc-available-cve-2025-34028/

"id": "com743042525",
"linkid": "commvault",
"type": "Vulnerability",
"date": "4/2025",
"severity": "25",
"impact": "1",
"explanation": "Attack without any consequences"