10 matches found
EUVD-2026-23116
Barracuda RMM versions prior to 2025.2.2 contain a privilege escalation vulnerability that allows local attackers to gain SYSTEM-level privileges by exploiting overly permissive filesystem ACLs on the C:\Windows\Automation directory. Attackers can modify existing automation content or place...
CVE-2026-22676
Barracuda RMM versions prior to 2025.2.2 contain a privilege escalation vulnerability that allows local attackers to gain SYSTEM-level privileges by exploiting overly permissive filesystem ACLs on the C:\Windows\Automation directory. Attackers can modify existing automation content or place...
CVE-2026-22676 Barracuda RMM < 2025.2.2 Privilege Escalation via Insecure Directory Permissions
Barracuda RMM versions prior to 2025.2.2 contain a privilege escalation vulnerability that allows local attackers to gain SYSTEM-level privileges by exploiting overly permissive filesystem ACLs on the C:\Windows\Automation directory. Attackers can modify existing automation content or place...
Barracuda RMM 安全漏洞
Barracuda RMM is a remote monitoring and management platform developed by the American company Barracuda. Versions of Barracuda RMM prior to 2025.2.2 contained security vulnerabilities. These vulnerabilities stemmed from excessive permissions in the file system access control list, which could...
CVE-2025-34395
Barracuda RMM Service Center (Barracuda Service Center) prior to version 2025.1.1 exposes a .NET Remoting service that an unauthenticated attacker can use to invoke a path traversal vulnerable method to read arbitrary files. This vulnerability can be escalated to remote code execution by obtainin...
CVE-2025-34395 Barracuda RMM < 2025.1.1 Service Center .NET Remoting Path Traversal RCE
Barracuda Service Center, as implemented in the RMM solution, in versions prior to 2025.1.1, exposes a .NET Remoting service in which an unauthenticated attacker can invoke a method vulnerable to path traversal to read arbitrary files. This vulnerability can be escalated to remote code execution ...
CVE-2025-34395 Barracuda RMM < 2025.1.1 Service Center .NET Remoting Path Traversal RCE
Barracuda Service Center, as implemented in the RMM solution, in versions prior to 2025.1.1, exposes a .NET Remoting service in which an unauthenticated attacker can invoke a method vulnerable to path traversal to read arbitrary files. This vulnerability can be escalated to remote code execution ...
CVE-2025-34394 Barracuda RMM < 2025.1.1 Service Center .NET Remoting Deserialization RCE
Barracuda Service Center, as implemented in the RMM solution, in versions prior to 2025.1.1, exposes a .NET Remoting service that is insufficiently protected against deserialization of arbitrary types. This can lead to remote code execution...
CVE-2025-34393 Barracuda RMM < 2025.1.1 Service Center Insecure Reflection RCE
Barracuda Service Center, as implemented in the RMM solution, in versions prior to 2025.1.1, does not correctly verify the name of an attacker-controlled WSDL service, leading to insecure reflection. This can result in remote code execution through either invocation of arbitrary methods or...
CVE-2025-34392
Barracuda Service Center (as implemented in Barracuda RMM) prior to version 2025.1.1 contains an insufficient WSDL URL validation in attacker-controlled WSDLs, enabling arbitrary file write and remote code execution via webshell uploads. Affected products include Barracuda RMM’s Service Center in...