163 matches found
CVE-2025-34395
Barracuda RMM Service Center (Barracuda Service Center) prior to version 2025.1.1 exposes a .NET Remoting service that an unauthenticated attacker can use to invoke a path traversal vulnerable method to read arbitrary files. This vulnerability can be escalated to remote code execution by obtainin...
CVE-2025-34395 Barracuda RMM < 2025.1.1 Service Center .NET Remoting Path Traversal RCE
Barracuda Service Center, as implemented in the RMM solution, in versions prior to 2025.1.1, exposes a .NET Remoting service in which an unauthenticated attacker can invoke a method vulnerable to path traversal to read arbitrary files. This vulnerability can be escalated to remote code execution ...
CVE-2025-34394
Barracuda RMM’s Barracuda Service Center (RMM component) prior to version 2025.1.1 exposes a .NET Remoting service that is inadequately protected against deserialization of arbitrary types, enabling remote code execution as described across multiple sources (NVD/Red Hat/CVE listings). Affected: B...
CVE-2025-34394 Barracuda RMM < 2025.1.1 Service Center .NET Remoting Deserialization RCE
Barracuda Service Center, as implemented in the RMM solution, in versions prior to 2025.1.1, exposes a .NET Remoting service that is insufficiently protected against deserialization of arbitrary types. This can lead to remote code execution...
CVE-2025-34394 Barracuda RMM < 2025.1.1 Service Center .NET Remoting Deserialization RCE
Barracuda Service Center, as implemented in the RMM solution, in versions prior to 2025.1.1, exposes a .NET Remoting service that is insufficiently protected against deserialization of arbitrary types. This can lead to remote code execution...
CVE-2025-34393
Barracuda Service Center (RMM solution) before 2025.1.1 is affected. The root cause is improper validation of the name of an attacker-controlled WSDL service, enabling insecure reflection that can lead to remote code execution via invocation of arbitrary methods or deserialization of untrusted ty...
CVE-2025-34393 Barracuda RMM < 2025.1.1 Service Center Insecure Reflection RCE
Barracuda Service Center, as implemented in the RMM solution, in versions prior to 2025.1.1, does not correctly verify the name of an attacker-controlled WSDL service, leading to insecure reflection. This can result in remote code execution through either invocation of arbitrary methods or...
CVE-2025-34393 Barracuda RMM < 2025.1.1 Service Center Insecure Reflection RCE
Barracuda Service Center, as implemented in the RMM solution, in versions prior to 2025.1.1, does not correctly verify the name of an attacker-controlled WSDL service, leading to insecure reflection. This can result in remote code execution through either invocation of arbitrary methods or...
CVE-2025-34392 Barracuda RMM < 2025.1.1 Service Center Absolute Path Traversal RCE
Barracuda Service Center, as implemented in the RMM solution, in versions prior to 2025.1.1, does not verify the URL defined in an attacker-controlled WSDL that is later loaded by the application. This can lead to arbitrary file write and remote code execution via webshell upload...
CVE-2025-34392
Barracuda Service Center (as implemented in Barracuda RMM) prior to version 2025.1.1 contains an insufficient WSDL URL validation in attacker-controlled WSDLs, enabling arbitrary file write and remote code execution via webshell uploads. Affected products include Barracuda RMM’s Service Center in...
CVE-2025-34392 Barracuda RMM < 2025.1.1 Service Center Absolute Path Traversal RCE
Barracuda Service Center, as implemented in the RMM solution, in versions prior to 2025.1.1, does not verify the URL defined in an attacker-controlled WSDL that is later loaded by the application. This can lead to arbitrary file write and remote code execution via webshell upload...
PT-2025-50335
Name of the Vulnerable Software and Affected Versions Barracuda Service Center versions prior to 2025.1.1 Description Barracuda Service Center, as implemented in the RMM solution, does not validate the URL specified in a WSDL file controlled by an attacker, which is subsequently loaded by the...
Barracuda Service Center 安全漏洞
Barracuda Service Center is a service center software from Barracuda USA. A security vulnerability exists in Barracuda Service Center versions prior to 2025.1.1 that stems from failure to properly validate the name of an attacker-controlled WSDL service, which could lead to remote code execution...
PT-2025-50338
Name of the Vulnerable Software and Affected Versions Barracuda Service Center versions prior to 2025.1.1 Description The Barracuda Service Center, as part of the RMM solution, has a .NET Remoting service exposed that allows an unauthenticated attacker to invoke a method susceptible to path...
Barracuda Service Center 安全漏洞
Barracuda Service Center is a service center software from Barracuda USA. A security vulnerability exists in Barracuda Service Center versions prior to 2025.1.1 that originates from a URL defined in a WSDL under the control of an unauthenticated attacker, which could lead to arbitrary file writin...
Barracuda Service Center 路径遍历漏洞
Barracuda Service Center is a service center software from Barracuda USA. A path traversal vulnerability exists in Barracuda Service Center versions prior to 2025.1.1, which originates from an unauthenticated attacker being able to invoke methods that are vulnerable to path traversal attacks,...
Barracuda Service Center 代码问题漏洞
Barracuda Service Center is a service center software from Barracuda USA. A code issue vulnerability exists in Barracuda Service Center versions prior to 2025.1.1, which stems from insufficient protection of the .NET Remoting service and could lead to remote code execution...
PT-2025-50336
Name of the Vulnerable Software and Affected Versions Barracuda Service Center versions prior to 2025.1.1 Description The Barracuda Service Center, within the RMM solution, improperly validates the name of a WSDL service controlled by an attacker. This insecure reflection can lead to remote code...
MSS Claims NSA Used 42 Cyber Tools in Multi-Stage Attack on Beijing Time Systems
China on Sunday accused the U.S. National Security Agency NSA of carrying out a "premeditated" cyber attack targeting the National Time Service Center NTSC, as it described the U.S. as a "hacker empire" and the "greatest source of chaos in cyberspace." The Ministry of State Security MSS, in a...
EUVD-2011-1860
Malware in sbrugna...