Lucene search
+L

163 matches found

CVE
CVE
added 2025/12/10 3:45 p.m.13 views

CVE-2025-34395

Barracuda RMM Service Center (Barracuda Service Center) prior to version 2025.1.1 exposes a .NET Remoting service that an unauthenticated attacker can use to invoke a path traversal vulnerable method to read arbitrary files. This vulnerability can be escalated to remote code execution by obtainin...

8.7CVSS7.8AI score0.00659EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2025/12/10 3:45 p.m.32 views

CVE-2025-34395 Barracuda RMM < 2025.1.1 Service Center .NET Remoting Path Traversal RCE

Barracuda Service Center, as implemented in the RMM solution, in versions prior to 2025.1.1, exposes a .NET Remoting service in which an unauthenticated attacker can invoke a method vulnerable to path traversal to read arbitrary files. This vulnerability can be escalated to remote code execution ...

8.7CVSS0.00659EPSS
Exploits0References3
CVE
CVE
added 2025/12/10 3:45 p.m.18 views

CVE-2025-34394

Barracuda RMM’s Barracuda Service Center (RMM component) prior to version 2025.1.1 exposes a .NET Remoting service that is inadequately protected against deserialization of arbitrary types, enabling remote code execution as described across multiple sources (NVD/Red Hat/CVE listings). Affected: B...

10CVSS7.7AI score0.00603EPSS
Exploits0References3Affected Software1
Vulnrichment
Vulnrichment
added 2025/12/10 3:45 p.m.6 views

CVE-2025-34394 Barracuda RMM < 2025.1.1 Service Center .NET Remoting Deserialization RCE

Barracuda Service Center, as implemented in the RMM solution, in versions prior to 2025.1.1, exposes a .NET Remoting service that is insufficiently protected against deserialization of arbitrary types. This can lead to remote code execution...

10CVSS7.7AI score0.00603EPSS
Exploits0References3
Cvelist
Cvelist
added 2025/12/10 3:45 p.m.36 views

CVE-2025-34394 Barracuda RMM < 2025.1.1 Service Center .NET Remoting Deserialization RCE

Barracuda Service Center, as implemented in the RMM solution, in versions prior to 2025.1.1, exposes a .NET Remoting service that is insufficiently protected against deserialization of arbitrary types. This can lead to remote code execution...

10CVSS0.00603EPSS
Exploits0References3
CVE
CVE
added 2025/12/10 3:45 p.m.21 views

CVE-2025-34393

Barracuda Service Center (RMM solution) before 2025.1.1 is affected. The root cause is improper validation of the name of an attacker-controlled WSDL service, enabling insecure reflection that can lead to remote code execution via invocation of arbitrary methods or deserialization of untrusted ty...

10CVSS7.9AI score0.00603EPSS
Exploits0References3Affected Software1
Vulnrichment
Vulnrichment
added 2025/12/10 3:45 p.m.4 views

CVE-2025-34393 Barracuda RMM < 2025.1.1 Service Center Insecure Reflection RCE

Barracuda Service Center, as implemented in the RMM solution, in versions prior to 2025.1.1, does not correctly verify the name of an attacker-controlled WSDL service, leading to insecure reflection. This can result in remote code execution through either invocation of arbitrary methods or...

10CVSS7.9AI score0.00603EPSS
Exploits0References3
Cvelist
Cvelist
added 2025/12/10 3:45 p.m.34 views

CVE-2025-34393 Barracuda RMM < 2025.1.1 Service Center Insecure Reflection RCE

Barracuda Service Center, as implemented in the RMM solution, in versions prior to 2025.1.1, does not correctly verify the name of an attacker-controlled WSDL service, leading to insecure reflection. This can result in remote code execution through either invocation of arbitrary methods or...

10CVSS0.00603EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2025/12/10 3:44 p.m.3 views

CVE-2025-34392 Barracuda RMM < 2025.1.1 Service Center Absolute Path Traversal RCE

Barracuda Service Center, as implemented in the RMM solution, in versions prior to 2025.1.1, does not verify the URL defined in an attacker-controlled WSDL that is later loaded by the application. This can lead to arbitrary file write and remote code execution via webshell upload...

10CVSS7.9AI score0.22791EPSS
Exploits1References4
CVE
CVE
added 2025/12/10 3:44 p.m.20 views

CVE-2025-34392

Barracuda Service Center (as implemented in Barracuda RMM) prior to version 2025.1.1 contains an insufficient WSDL URL validation in attacker-controlled WSDLs, enabling arbitrary file write and remote code execution via webshell uploads. Affected products include Barracuda RMM’s Service Center in...

10CVSS7.9AI score0.22791EPSS
Exploits1References4Affected Software1
Cvelist
Cvelist
added 2025/12/10 3:44 p.m.115 views

CVE-2025-34392 Barracuda RMM < 2025.1.1 Service Center Absolute Path Traversal RCE

Barracuda Service Center, as implemented in the RMM solution, in versions prior to 2025.1.1, does not verify the URL defined in an attacker-controlled WSDL that is later loaded by the application. This can lead to arbitrary file write and remote code execution via webshell upload...

10CVSS0.22791EPSS
Exploits1References4
Positive Technologies
Positive Technologies
added 2025/12/10 12:0 a.m.6 views

PT-2025-50335

Name of the Vulnerable Software and Affected Versions Barracuda Service Center versions prior to 2025.1.1 Description Barracuda Service Center, as implemented in the RMM solution, does not validate the URL specified in a WSDL file controlled by an attacker, which is subsequently loaded by the...

10CVSS8AI score0.22791EPSS
Exploits1References10
CNNVD
CNNVD
added 2025/12/10 12:0 a.m.7 views

Barracuda Service Center 安全漏洞

Barracuda Service Center is a service center software from Barracuda USA. A security vulnerability exists in Barracuda Service Center versions prior to 2025.1.1 that stems from failure to properly validate the name of an attacker-controlled WSDL service, which could lead to remote code execution...

10CVSS7.7AI score0.00603EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2025/12/10 12:0 a.m.6 views

PT-2025-50338

Name of the Vulnerable Software and Affected Versions Barracuda Service Center versions prior to 2025.1.1 Description The Barracuda Service Center, as part of the RMM solution, has a .NET Remoting service exposed that allows an unauthenticated attacker to invoke a method susceptible to path...

8.7CVSS8AI score0.00659EPSS
Exploits0References7
CNNVD
CNNVD
added 2025/12/10 12:0 a.m.5 views

Barracuda Service Center 安全漏洞

Barracuda Service Center is a service center software from Barracuda USA. A security vulnerability exists in Barracuda Service Center versions prior to 2025.1.1 that originates from a URL defined in a WSDL under the control of an unauthenticated attacker, which could lead to arbitrary file writin...

10CVSS8AI score0.22791EPSS
Exploits1References5
CNNVD
CNNVD
added 2025/12/10 12:0 a.m.6 views

Barracuda Service Center 路径遍历漏洞

Barracuda Service Center is a service center software from Barracuda USA. A path traversal vulnerability exists in Barracuda Service Center versions prior to 2025.1.1, which originates from an unauthenticated attacker being able to invoke methods that are vulnerable to path traversal attacks,...

8.7CVSS7.9AI score0.00659EPSS
Exploits0References4
CNNVD
CNNVD
added 2025/12/10 12:0 a.m.5 views

Barracuda Service Center 代码问题漏洞

Barracuda Service Center is a service center software from Barracuda USA. A code issue vulnerability exists in Barracuda Service Center versions prior to 2025.1.1, which stems from insufficient protection of the .NET Remoting service and could lead to remote code execution...

10CVSS8.4AI score0.00603EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2025/12/10 12:0 a.m.10 views

PT-2025-50336

Name of the Vulnerable Software and Affected Versions Barracuda Service Center versions prior to 2025.1.1 Description The Barracuda Service Center, within the RMM solution, improperly validates the name of a WSDL service controlled by an attacker. This insecure reflection can lead to remote code...

10CVSS8AI score0.00603EPSS
Exploits0References7
The Hacker News
The Hacker News
added 2025/10/20 5:32 a.m.4 views

MSS Claims NSA Used 42 Cyber Tools in Multi-Stage Attack on Beijing Time Systems

China on Sunday accused the U.S. National Security Agency NSA of carrying out a "premeditated" cyber attack targeting the National Time Service Center NTSC, as it described the U.S. as a "hacker empire" and the "greatest source of chaos in cyberspace." The Ministry of State Security MSS, in a...

6.8AI score
Exploits0
EUVD
EUVD
added 2025/10/07 12:30 a.m.7 views

EUVD-2011-1860

Malware in sbrugna...

4.3CVSS6.4AI score0.01842EPSS
Exploits0References8
Rows per page
Query Builder