Critical Commvault Command Center Flaw Enables Attackers to Execute Code Remotely

April 24, 2025 | Ravie Lakshmanan | Data Breach/Vulnerability

A critical security flaw has been disclosed in the Commvault Command Center that could allow arbitrary code execution on affected installations.

The vulnerability, tracked as CVE-2025-34028, carries a CVSS score of 9.0 out of a maximum of 10.0.

In an advisory issued on April 17, 2025, Commvault stated that "a critical security vulnerability has been identified in the Command Center installation, allowing remote attackers to execute arbitrary code without authentication." The flaw "could lead to a complete compromise of the Command Center environment."

It affects the 11.38 Innovation Release, versions 11.1.38.0 to 11.313.89, and has been resolved in the following versions:

  • 11.38.20
  • 11.38.25

watchTowr Labs researcher Sonny Macdonald is credited with discovering and reporting the flaw on April 7, 2025. In a report shared with The Hacker News, watchTowr said the bug could be exploited to achieve pre-authenticated remote code execution.

Specifically, the problem is rooted in an endpoint called "deployWebpackage.do", which triggers what is known as a pre-authenticated Server-Side Request Forgery (SSRF) because there is "no filtering as to what hosts can be communicated with."

To make matters worse, the SSRF could then be escalated to code execution by using a ZIP archive that contains a malicious .JSP file. The complete sequence of events is as follows:

  • Send an HTTP request to /commandcenter/deployWebpackage.do, causing the Commvault instance to fetch a ZIP file from an external server.
  • The attacker's request causes the contents of the ZIP file to be unzipped into a .tmp directory.
  • Use the servicePack feature to move the .tmp directory to a pre-authenticated accessible directory, such as …/../Reports/MetricsUpload/shell.
  • Trigger the SSRF using /commandcenter/deployWebpackage.do.
  • Execute the shell from /reports/MetricsUpload/shell/.tmp/dist-cc/dist-cc/shell.jsp.
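The chain above combines two classic defects: an outbound fetch with no host restriction (SSRF) and user-influenced paths that let archive contents land outside the intended directory. The following is an added illustration, not Commvault's or watchTowr's code, of the controls a package-deployment feature of this kind needs: an explicit host allowlist for the fetch URL, a strict check that the destination named by a servicePack-style parameter stays inside the staging directory, and a scan of ZIP entries for traversal before extraction. The allowlisted host, the staging directory, and the sample archive are all constructed for the example.

```python
import io
import ipaddress
import posixpath
import re
from typing import List, Optional
from urllib.parse import urlparse
from zipfile import ZipFile

# Hypothetical allowlist; a real deployment would load this from configuration.
ALLOWED_PACKAGE_HOSTS = {"packages.example.internal"}

# A single safe path component: no separators, no leading dot, bounded length.
SAFE_NAME = re.compile(r"^[A-Za-z0-9][A-Za-z0-9._-]{0,63}$")


def is_allowed_package_url(url: str) -> bool:
    """SSRF control: only HTTPS URLs whose host is explicitly allowlisted pass.

    Literal IP addresses are rejected outright so loopback, link-local and
    cloud-metadata ranges can never be reached through this feature.
    """
    parsed = urlparse(url)
    if parsed.scheme != "https" or parsed.hostname is None:
        return False
    try:
        ipaddress.ip_address(parsed.hostname)
        return False  # a bare IP, never allowed regardless of value
    except ValueError:
        pass  # not an IP literal, fall through to the hostname check
    return parsed.hostname.lower() in ALLOWED_PACKAGE_HOSTS


def safe_destination(base_dir: str, service_pack: str) -> Optional[str]:
    """Resolve a caller-supplied package name strictly under base_dir.

    Returns the absolute destination, or None if the name is malformed or
    the resolved path would not be a direct child of base_dir.
    """
    if not SAFE_NAME.fullmatch(service_pack) or service_pack in (".", ".."):
        return None
    base = posixpath.normpath(base_dir)
    candidate = posixpath.normpath(posixpath.join(base, service_pack))
    if posixpath.dirname(candidate) != base:
        return None
    return candidate


def unsafe_zip_entries(archive: bytes) -> List[str]:
    """Return every entry name that would escape the extraction directory."""
    bad = []
    with ZipFile(io.BytesIO(archive)) as zf:
        for info in zf.infolist():
            name = info.filename
            norm = posixpath.normpath(name.replace("\\", "/"))
            absolute = name.startswith(("/", "\\")) or ":" in name
            escapes = norm == ".." or norm.startswith("../")
            if absolute or escapes:
                bad.append(name)
    return bad


def build_sample_zip() -> bytes:
    """Constructed archive: one normal entry and one traversal entry."""
    buf = io.BytesIO()
    with ZipFile(buf, "w") as zf:
        zf.writestr("dist-cc/index.html", "<h1>ok</h1>")
        zf.writestr("../../Reports/MetricsUpload/escaped.jsp",
                    "<%-- constructed traversal entry --%>")
    return buf.getvalue()


if __name__ == "__main__":
    staging = "/opt/commandcenter/webapps/.tmp"  # assumed layout, not Commvault's
    print(is_allowed_package_url("https://packages.example.internal/cc.zip"))
    print(is_allowed_package_url("https://169.254.169.254/latest"))
    print(safe_destination(staging, "dist-cc"))
    print(safe_destination(staging, "../../Reports/MetricsUpload/shell"))
    print(unsafe_zip_entries(build_sample_zip()))
```

The three checks are independent on purpose: the allowlist stops the server from being used as a proxy at all, the destination check prevents a traversal value in the parameter from relocating the staged files, and the archive scan stops a crafted entry name from doing the same thing during extraction even if the parameter is clean.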

watchTowr has also released a Detection Artefact Generator that organizations can use to determine whether their instance is susceptible to the vulnerability.
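Alongside a version check, defenders can look back through web server logs for the request pattern described above. The script below is an added example, not watchTowr's tool, that scans Combined Log Format lines for requests to /commandcenter/deployWebpackage.do, flags a servicePack value carrying path traversal, and flags any .jsp fetched from under /reports/MetricsUpload/. The log lines, client addresses and timestamps are constructed, and the assumption that servicePack arrives as a query-string parameter is the example's own.

```python
import re
from typing import Dict, List, Optional
from urllib.parse import parse_qsl, unquote, urlsplit

# Combined Log Format; only the fields the check needs are captured.
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<target>\S+) HTTP/[\d.]+" (?P<status>\d{3}) \S+'
)

DEPLOY_ENDPOINT = "/commandcenter/deploywebpackage.do"   # compared lowercase
UPLOAD_DIR = "/reports/metricsupload/"                    # compared lowercase


def has_traversal(value: str) -> bool:
    """True if any path segment of the (possibly double-encoded) value is '..'."""
    decoded = unquote(unquote(value)).replace("\\", "/")
    return ".." in decoded.split("/")


def analyse_request(line: str) -> Optional[Dict[str, object]]:
    """Return a finding record for one log line, or None if it is unremarkable."""
    m = LOG_RE.match(line)
    if m is None:
        return None
    parts = urlsplit(m["target"])
    path = unquote(parts.path).lower()
    findings: List[str] = []

    if path == DEPLOY_ENDPOINT:
        findings.append("deployWebpackage.do request")
        for key, value in parse_qsl(parts.query, keep_blank_values=True):
            if key.lower() == "servicepack" and has_traversal(value):
                findings.append("servicePack contains path traversal")

    if path.startswith(UPLOAD_DIR) and path.endswith(".jsp"):
        findings.append("JSP requested under MetricsUpload")

    if not findings:
        return None
    return {"ip": m["ip"], "time": m["ts"], "status": int(m["status"]),
            "findings": findings}


def scan(lines: List[str]) -> List[Dict[str, object]]:
    """Run analyse_request over every line and keep only the hits."""
    return [r for r in (analyse_request(l) for l in lines) if r is not None]


# Constructed sample log: a traversal attempt, a benign login, a JSP fetch
# from the upload directory, and a benign package deployment.
SAMPLE_LOG = [
    '203.0.113.5 - - [17/Apr/2025:10:21:03 +0000] "GET /commandcenter/deployWebpackage.do'
    '?servicePack=..%2F..%2FReports%2FMetricsUpload%2Fshell HTTP/1.1" 200 512 "-" "curl/8.0"',
    '10.0.0.7 - - [17/Apr/2025:10:21:10 +0000] "GET /commandcenter/login.do HTTP/1.1"'
    ' 200 2048 "-" "Mozilla/5.0"',
    '203.0.113.5 - - [17/Apr/2025:10:21:15 +0000] "GET /reports/MetricsUpload/shell/.tmp/'
    'dist-cc/dist-cc/shell.jsp HTTP/1.1" 200 77 "-" "curl/8.0"',
    '10.0.0.9 - - [17/Apr/2025:11:02:44 +0000] "POST /commandcenter/deployWebpackage.do'
    '?servicePack=dist-cc HTTP/1.1" 302 0 "-" "Mozilla/5.0"',
]

if __name__ == "__main__":
    for hit in scan(SAMPLE_LOG):
        print(hit["time"], hit["ip"], hit["status"], "; ".join(hit["findings"]))
```

A bare hit on deployWebpackage.do is not proof of compromise, since the endpoint exists for legitimate use; the traversal and MetricsUpload findings, especially from the same client within minutes, are what should trigger an incident response.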

With vulnerabilities in backup and replication software having already been exploited in the wild, it's crucial that users apply the necessary mitigations to protect against potential threats.
