Critical Commvault Command Center Flaw Enables Attackers to Execute Code Remotely

Summary: A critical security vulnerability, tracked as CVE-2025-34028, has been found in the Commvault Command Center, allowing remote attackers to execute arbitrary code without authentication. The flaw, which impacts versions 11.38.0 through 11.38.19, has a CVSS score of 9.0 and can lead to complete compromise of the environment. It is resolved in versions 11.38.20 and 11.38.25; organizations are urged to update or apply the necessary mitigations quickly.

Affected: Commvault Command Center (versions 11.38.0 – 11.38.19)

Key points:

  • Vulnerability allows pre-authenticated remote code execution.
  • Exploitation involves Server-Side Request Forgery via the endpoint “deployWebpackage.do”.
  • ZIP archives containing malicious files can be used to escalate the attack.
  • Detection Artefact Generator available to assess vulnerability status.
  • Users of backup software like Veeam and NAKIVO are also facing active exploitation risks.
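Two checks a defender would want from the summary above, written here as an added example (not code from the article or from Commvault): a numeric version-range test against the affected and fixed versions the summary states, and a scan of web-server access logs for requests to the named endpoint from addresses outside a trusted range. The log format, the sample lines and the "10." trusted-prefix allowlist are constructed assumptions; a hit only means the endpoint was reached from an unexpected source and should be reviewed, not that exploitation occurred.

```python
import re
from dataclasses import dataclass
from typing import Iterable, List, Tuple

# Affected range and fixed builds exactly as stated in the advisory summary.
AFFECTED_MIN = (11, 38, 0)
AFFECTED_MAX = (11, 38, 19)
FIXED_VERSIONS = {(11, 38, 20), (11, 38, 25)}

# Endpoint named in the summary as the one involved in the SSRF step.
SUSPECT_ENDPOINT = "deployWebpackage.do"


def parse_version(text: str) -> Tuple[int, int, int]:
    """Parse 'major.minor.patch' into ints so 11.38.9 compares below 11.38.19.

    A plain string comparison would get this wrong ("11.38.9" > "11.38.19").
    """
    m = re.fullmatch(r"\s*(\d+)\.(\d+)\.(\d+)\s*", text)
    if not m:
        raise ValueError(f"unrecognised version string: {text!r}")
    major, minor, patch = (int(x) for x in m.groups())
    return (major, minor, patch)


def is_affected(version: str) -> bool:
    """True when the installed build falls inside the affected range."""
    v = parse_version(version)
    return AFFECTED_MIN <= v <= AFFECTED_MAX


def is_fixed_build(version: str) -> bool:
    """True when the installed build is one of the fixed versions named above."""
    return parse_version(version) in FIXED_VERSIONS


# Constructed sample access-log lines in a common-log-style format.
# This is NOT Commvault's own log format; adapt LOG_RE to the real one.
SAMPLE_LOG = """\
10.0.0.5 - - [24/Apr/2025:10:01:12 +0000] "GET /commandcenter/ HTTP/1.1" 200 5123
203.0.113.7 - - [24/Apr/2025:10:02:44 +0000] "POST /commandcenter/deployWebpackage.do HTTP/1.1" 200 87
10.0.0.5 - - [24/Apr/2025:10:03:01 +0000] "GET /commandcenter/login HTTP/1.1" 200 2211
198.51.100.9 - - [24/Apr/2025:10:05:37 +0000] "POST /commandcenter/deployWebpackage.do HTTP/1.1" 500 0
"""

LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>\S+) (?P<path>\S+) [^"]*" (?P<status>\d{3})'
)


@dataclass
class Hit:
    ip: str
    ts: str
    method: str
    path: str
    status: int


def find_endpoint_hits(lines: Iterable[str],
                       trusted_prefixes: Tuple[str, ...] = ("10.",)) -> List[Hit]:
    """Return requests to the suspect endpoint from addresses outside the allowlist.

    trusted_prefixes is a crude, assumed allowlist of management-network
    address prefixes; replace it with your own source-address policy.
    """
    hits: List[Hit] = []
    for line in lines:
        m = LOG_RE.match(line)
        if not m:
            continue  # unparseable line; a real tool would count these
        if SUSPECT_ENDPOINT not in m["path"]:
            continue
        if m["ip"].startswith(trusted_prefixes):
            continue  # expected administrative source, not reported
        hits.append(Hit(m["ip"], m["ts"], m["method"], m["path"], int(m["status"])))
    return hits


if __name__ == "__main__":
    for v in ("11.38.9", "11.38.19", "11.38.20", "11.37.50"):
        print(v, "affected" if is_affected(v) else "not in affected range")
    for h in find_endpoint_hits(SAMPLE_LOG.splitlines()):
        print(f"review: {h.ip} {h.method} {h.path} -> {h.status} at {h.ts}")
```

Both hits in the sample come from non-allowlisted addresses; the second returned HTTP 500, which is exactly the kind of request to look at alongside the vendor's Detection Artefact Generator output rather than in place of it.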

Source: https://thehackernews.com/2025/04/critical-commvault-command-center-flaw.html