CVE-2025-34028
Published Apr 22, 2025
Last updated 7 hours ago
AI description
CVE-2025-34028 is a vulnerability in Commvault Command Center Innovation Release that allows an unauthenticated attacker to upload ZIP files. This path traversal vulnerability can lead to remote code execution when the server expands these files. The vulnerability affects Command Center Innovation Release versions 11.38.0 through 11.38.19 and has been patched in version 11.38.20. The vulnerability exists in the "deployWebpackage.do" and "deployServiceCommcell.do" endpoints, which are excluded from authentication requirements. An attacker can exploit this by sending an HTTP request to these endpoints, triggering a Server-Side Request Forgery (SSRF) vulnerability. This allows the attacker to force the Commvault server to download a ZIP file from an external server, use path traversal to place files in restricted directories, and ultimately execute malicious code via the web interface.
- Description
- The Commvault Command Center Innovation Release allows an unauthenticated actor to upload ZIP files that represent install packages that, when expanded by the target server, are vulnerable to a path traversal vulnerability that can result in Remote Code Execution via a malicious JSP. This issue affects Command Center Innovation Release: 11.38.
- Source
- disclosure@vulncheck.com
- NVD status
- Analyzed
CVSS 3.1
- Type
- Primary
- Base score
- 10
- Impact score
- 6
- Exploitability score
- 3.9
- Vector string
- CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
- Severity
- CRITICAL
Data from CISA
- Vulnerability name
- Commvault Command Center Path Traversal Vulnerability
- Exploit added on
- May 2, 2025
- Exploit action due
- May 23, 2025
- Required action
- Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
Hype score is a measure of social media activity compared against trending CVEs from the past 12 months. Max score 100.
- Hype score
- 1
📢 CISA adds the Commvault Command Center vulnerability CVE-2025-34028 to the KEV Catalog #ThaiCERT #NCSA #CybersecurityNew You can follow the news at https://t.co/HCsLrrYz4c https://t.co/kkFEiv8Sm
@ThaiCERTByNCSA
7 May 2025
27 Impressions
1 Retweet
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Oh boy this could get ugly... @wdormann says certain versions of Commvault Command Center vulnerability (CVE-2025-34028) are still exploitable. CVE-2025-34028 is a full CVSS 10 and was added on May 02, 2025 to the KEV by @CISAgov as being exploited in-the-wild. https://t.co/b5Xok
@gothburz
7 May 2025
17 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CISA added Commvault CVE-2025-34028 to the KEV list after confirming active exploitation of this critical flaw Learn what you need to know to protect your systems. Don't risk data loss or ransomware attacks – take immediate action! https://t.co/xJNtHONEEW
@vulert_official
6 May 2025
9 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Commvault CVE-2025-34028 was added to CISA's KEV after active exploitation was confirmed. https://t.co/pu3gPu7ry8 #Security #セキュリティ #ニュース
@SecureShield_
6 May 2025
42 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Actively exploited CVE : CVE-2025-34028
@transilienceai
5 May 2025
21 Impressions
0 Retweets
0 Likes
0 Bookmarks
1 Reply
0 Quotes
CISA has identified CVE-2025-34028 as a critical vulnerability in Commvault Command Center, enabling remote code execution via malicious ZIP files. Federal agencies must apply patches by May 23, 2025. 🛡️ #CISA #Commvault #USA link: https://t.co/8ZqefS8wh4 https://t.co/IdsPu
@TweetThreatNews
5 May 2025
74 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨 Commvault RCE Flaw Actively Exploited! CISA adds CVE-2025-34028 to its KEV catalog after reports of real-world attacks. Vulnerability allows unauthenticated RCE via malicious ZIP uploads. 🔒 Patch immediately! Full Article 🖇️ https://t.co/jmNeUIP8gC #CyberSecurity #In
@cybrhoodsentinl
5 May 2025
43 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Commvault CVE-2025-34028 Added to CISA KEV After Active Exploitation Confirmed https://t.co/2DJRQF9ZCc #CyberSecurity
@EpicPlain
5 May 2025
13 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Commvault CVE-2025-34028 Added to CISA KEV After Active Exploitation Confirmed https://t.co/XLYZmV7ayR https://t.co/QzUyfq1IR7
@talentxfactor
5 May 2025
18 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Commvault CVE-2025-34028 Added to CISA KEV After Active Exploitation Confirmed https://t.co/c05c7ZhR0p
@DemolisherDigi
5 May 2025
6 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
📌 The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added a critical-severity vulnerability in Commvault Command Center to the Known Exploited Vulnerabilities catalog, a week after
@Cybercachear
5 May 2025
26 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Commvault CVE-2025-34028 Added to CISA KEV After Active Exploitation Confirmed https://t.co/jK5vEdHmNA
@molari999
5 May 2025
5 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
📍Commvault CVE-2025-34028 Added to CISA KEV After Active Exploitation Confirmed https://t.co/pWvpIX2IvT
@cyberetweet
5 May 2025
19 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
The Hacker News - Commvault CVE-2025-34028 Added to CISA KEV After Active Exploitation Confirmed https://t.co/L8Pdtryrjf
@buzz_sec
5 May 2025
13 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
This headline highlights the active exploitation of a vulnerability (CVE-2025-34028) in Commvault's software, underscoring the continuous threat landscape... https://t.co/7tbitu8ysz #TechNews #Innovation #Consulting
@EnRouteIT
5 May 2025
20 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Commvault CVE-2025-34028 Added to CISA KEV After Active Exploitation Confirmed https://t.co/CHL4iyvDWS via @TheHackersNews
@ABabino
5 May 2025
7 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Commvault CVE-2025-34028 Added to CISA KEV After Active Exploitation #security #cybersecurity #hack #it-security https://t.co/ocz6KcpEag
@TheCySecNews
5 May 2025
8 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨 Zero-click, max impact — and it's already being exploited. A critical Commvault bug (CVE-2025-34028, CVSS 10.0) lets hackers upload poisoned ZIPs, leading to full remote code execution—no login needed. Read: https://t.co/WBd1F93AlI... https://t.co/1CDzSUh8rO
@IT_news_for_all
5 May 2025
12 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨 Zero-click, max impact — and it's already being exploited. A critical Commvault bug (CVE-2025-34028, CVSS 10.0) lets hackers upload poisoned ZIPs, leading to full remote code execution—no login needed. Read: https://t.co/UNh7kD7Mjr Deadline for U.S. agencies: May 23.
@TheHackersNews
5 May 2025
61612 Impressions
59 Retweets
150 Likes
42 Bookmarks
4 Replies
4 Quotes
A critical vulnerability (CVE-2025-34028) in Commvault Command Center allows remote code execution without authentication, impacting versions 11.38.0 to 11.38.19. It's now in CISA's KEV catalog. ⚠️ #Commvault #CyberFlaw #USA link: https://t.co/LBuuxjSfI8 https://t.co/AEHe6bI
@TweetThreatNews
5 May 2025
60 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
csirt_it: ‼️ #Exploited #Commvault: active exploitation in the wild detected for vulnerability CVE-2025-34028 in the product #CommvaultCommandCenter Risk: 🟠 Type: 🔸 Remote Code Execution 🔗 https://t.co/veVQXxtb9w ⚠ Important to update… https://t.
@Vulcanux_
5 May 2025
42 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Fire In The Hole, We’re Breaching The Vault - Commvault Remote Code Execution (CVE-2025-34028) https://t.co/CD7qLUfOR3
@akaclandestine
4 May 2025
854 Impressions
0 Retweets
3 Likes
3 Bookmarks
0 Replies
0 Quotes
Latest Known Exploited Vulnerabilities (#KEV) : #CVE-2025-34028 #Commvault Command Center Path Traversal Vulnerability https://t.co/OJ8QSyhVNO
@ScyScan
2 May 2025
31 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🛡️ We added Yii framework and Commvault vulnerabilities CVE-2024-58136 & CVE-2025-34028 to our Known Exploited Vulnerabilities Catalog. Visit https://t.co/myxOwap1Tf & apply mitigations to protect your org from cyberattacks. https://t.co/Eil0idoZXD
@CISACyber
2 May 2025
5670 Impressions
12 Retweets
22 Likes
3 Bookmarks
1 Reply
3 Quotes
🚨 Critical #RCE vulnerability (CVE-2025-34028) found in Commvault Command Center! Pre-auth exploit allows code execution. Upgrade to v11.38.20 ASAP to patch. 🛡️ More info and affected versions: https://t.co/jEYxMLUKPM #Cybersecurity #VulnerabilityManagement
@fernandokarl
28 Apr 2025
63 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Actively exploited CVE : CVE-2025-34028
@transilienceai
28 Apr 2025
14 Impressions
0 Retweets
0 Likes
0 Bookmarks
1 Reply
0 Quotes
🚨 CVE-2025-34028 - critical 🚨 Commvault - SSRF via /commandcenter/deployWebpackage.do > A path traversal vulnerability in Commvault Command Center Innovation Release allows ... 👾 https://t.co/jF5udvJgJW @pdnuclei #NucleiTemplates #cve
@pdnuclei_bot
27 Apr 2025
609 Impressions
3 Retweets
15 Likes
1 Bookmark
0 Replies
0 Quotes
Actively exploited CVE : CVE-2025-34028
@transilienceai
27 Apr 2025
24 Impressions
0 Retweets
0 Likes
0 Bookmarks
1 Reply
0 Quotes
Critical Commvault RCE vulnerability fixed, PoC available (CVE-2025-34028) - Help Net Security https://t.co/2JNey2VS4N
@PVynckier
27 Apr 2025
86 Impressions
0 Retweets
3 Likes
0 Bookmarks
0 Replies
0 Quotes
Actively exploited CVE : CVE-2025-34028
@transilienceai
26 Apr 2025
16 Impressions
0 Retweets
0 Likes
0 Bookmarks
1 Reply
0 Quotes
Actively exploited CVE : CVE-2025-34028
@transilienceai
26 Apr 2025
16 Impressions
0 Retweets
0 Likes
0 Bookmarks
1 Reply
0 Quotes
Heath Renfrow, co-founder and CISO of @Fenix24, alerts businesses about the Commvault Bug CVE-2025-34028 and offers guidance on necessary precautions until a fix is released, as discussed in @Dark Reading. Read what to do now 👇 https://t.co/fJC3rIrdab
@ed_myruski
25 Apr 2025
37 Impressions
2 Retweets
2 Likes
0 Bookmarks
0 Replies
0 Quotes
Actively exploited CVE : CVE-2025-34028
@transilienceai
25 Apr 2025
19 Impressions
0 Retweets
0 Likes
0 Bookmarks
1 Reply
0 Quotes
CVE-2025-34028, a maximum-severity #RCE #vulnerability in the Command Center, poses a severe risk to impacted instances and may result in a full system compromise. Detect exploitation attempts with #Sigma rules from SOC Prime Platform. https://t.co/SuofM898rM
@SOC_Prime
25 Apr 2025
10 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Maximum-severity Commvault bug puts researchers on alert (CVE-2025-34028) https://t.co/zu7LFTAgEo #Security #セキュリティ #ニュース
@SecureShield_
25 Apr 2025
51 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Actively exploited CVE : CVE-2025-34028
@transilienceai
25 Apr 2025
42 Impressions
0 Retweets
0 Likes
0 Bookmarks
1 Reply
0 Quotes
Critical #Commvault RCE vulnerability (CVE-2025-34028) discovered in Command Center v11.38. Immediate update to v11.38.20 or later recommended to prevent remote code execution. #CyberSecurity #DataProtection https://t.co/bEuxFOePwu
@dailytechonx
24 Apr 2025
75 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Bulletin: CVE-2025-34028 affects Commvault Command Center (v11.38.0–11.38.19). Unauthenticated RCE via path traversal in a vulnerable endpoint. PoCs exist. Immediate patching to 11.38.20+ is recommended. #ThreatIntel #RedLeggCTI #Commvault https://t.co/HukD7fx0zU
@RedLegg
24 Apr 2025
5 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨 Critical RCE vulnerability (CVE-2025-34028) found in Commvault Command Center! Unauthenticated attackers can execute arbitrary code. Patch ASAP! ⚠️ Use Sigma rules on SOC Prime Platform to detect exploitation attempts. #Cybersecurity #RCE https://t.co/mufizkhNMZ
@fernandokarl
24 Apr 2025
52 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2025-34028: Critical RCE in Commvault Command Center (v11.38.0–11.38.19) via SSRF. No auth required. Patch immediately to v11.38.20 or later. #CyberSecurity #VulnerabilityManagement #Commvault #RCE #Infosec #SecurityUpdate https://t.co/xjzdQ8GOWx
@CloneSystemsInc
24 Apr 2025
5 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Critical #Commvault RCE #vulnerability fixed, PoC available (#CVE-2025-34028) https://t.co/xugqr91B0r
@ScyScan
24 Apr 2025
43 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
A critical flaw (CVE-2025-34028) in Commvault Command Center allows remote code execution without authentication. Versions 11.38.0 - 11.38.19 are affected. Update to 11.38.20 or 11.38.25! 🚨 #Commvault #InfoSec #USA link: https://t.co/aKsxudbYWo https://t.co/LG2roWAANZ
@TweetThreatNews
24 Apr 2025
22 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Fire In The Hole, We’re Breaching The Vault - Commvault Remote Code Execution (CVE-2025-34028) - watchTowr Labs https://t.co/nh4CZbi1d7 https://t.co/WAHgaO2pvh
@secharvesterx
24 Apr 2025
73 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
📌 A critical security vulnerability has been disclosed in Commvault Command Center that allows attackers to execute code remotely. The vulnerability, designated CVE-2025-34028, carries a CVSS score of 9.0 out of 10.0, making it a major security threat. #الامن_السيبراني https://t.co/rpb3O91RzE
@Cybercachear
24 Apr 2025
8 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🔥 Critical Exploit Alert! A 9.0 CVSS flaw in Commvault Command Center lets hackers run code without logging in. 🎯 Targets versions 11.38.0–11.38.19 💥 Pre-auth SSRF → Remote Code Execution Learn more about CVE-2025-34028 here: https://t.co/Scx7xa4a96
@TheHackersNews
24 Apr 2025
10632 Impressions
43 Retweets
105 Likes
30 Bookmarks
0 Replies
1 Quote
We're back! This time, we're analyzing CVE-2025-34028 - a pre-auth Remote Code Execution vulnerability we discovered in Commvault - yet another enterprise-grade Backup and Replication solution. https://t.co/yJa0bmYdF1
@watchtowrcyber
24 Apr 2025
11967 Impressions
68 Retweets
156 Likes
38 Bookmarks
4 Replies
3 Quotes
CVE-2025-34028: Critical RCE Flaw in Commvault Command Center Scores CVSS 10 https://t.co/nEegTo8ssF
@Dinosn
24 Apr 2025
2797 Impressions
10 Retweets
25 Likes
3 Bookmarks
0 Replies
0 Quotes
🚨 CVE-2025-34028 ⚠️🔴 CRITICAL (10) 🏢 Commvault - Command Center Innovation Release 🏗️ 11.38 🔗 https://t.co/LjftS5lDZD #CyberCron #VulnAlert #InfoSec https://t.co/BFKWzSI9fK
@cybercronai
24 Apr 2025
57 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE number: CVE-2025-34028 The URL for this is here https://t.co/eKBYZIXiDB
@SMBC_cyberfront
24 Apr 2025
121 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
[Early Warning Vulnerability Information] CVE number: CVE-2025-34028 A path traversal vulnerability in Commvault Command Center Innovation Release allows an unauthenticated actor to upload a ZIP file which, when expanded by the target server, may result in remote code execution.
@SMBC_cyberfront
24 Apr 2025
150 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:commvault:commvault:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "9C510195-3CF6-460F-8AE0-FDB227262086",
            "versionEndIncluding": "11.38.19",
            "versionStartIncluding": "11.38.0"
          },
          {
            "criteria": "cpe:2.3:a:commvault:commvault:11.38.20:-:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "A858E4E4-A2B2-45B8-A6C1-786703A35EA4"
          },
          {
            "criteria": "cpe:2.3:a:commvault:commvault:11.38.25:-:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "6284A494-F84E-47FB-A415-6D7AAC46BA09"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1"
          },
          {
            "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  }
]