7 matches found
EUVD-2025-202446
Barracuda Service Center, as implemented in the RMM solution, in versions prior to 2025.1.1, does not correctly verify the name of an attacker-controlled WSDL service, leading to insecure reflection. This can result in remote code execution through either invocation of arbitrary methods or...
CVE-2025-34394
Barracuda Service Center, as implemented in the RMM solution, in versions prior to 2025.1.1, exposes a .NET Remoting service that is insufficiently protected against deserialization of arbitrary types. This can lead to remote code execution...
CVE-2025-34394
Barracuda RMM’s Barracuda Service Center (RMM component) prior to version 2025.1.1 exposes a .NET Remoting service that is inadequately protected against deserialization of arbitrary types, enabling remote code execution as described across multiple sources (NVD/Red Hat/CVE listings). Affected: B...
CVE-2025-34393
Barracuda Service Center (RMM solution) before 2025.1.1 is affected. The root cause is improper validation of the name of an attacker-controlled WSDL service, enabling insecure reflection that can lead to remote code execution via invocation of arbitrary methods or deserialization of untrusted ty...
PT-2025-50336
Name of the Vulnerable Software and Affected Versions Barracuda Service Center versions prior to 2025.1.1 Description The Barracuda Service Center, within the RMM solution, improperly validates the name of a WSDL service controlled by an attacker. This insecure reflection can lead to remote code...
Barracuda Service Center 路径遍历漏洞
Barracuda Service Center is a service center software from Barracuda USA. A path traversal vulnerability exists in Barracuda Service Center versions prior to 2025.1.1, which originates from an unauthenticated attacker being able to invoke methods that are vulnerable to path traversal attacks,...
PT-2025-33035 · Studio 3T · Studio 3T
Name of the Vulnerable Software and Affected Versions: Studio 3T versions prior to 2025.1.1 Description: An issue allows a remote attacker to execute arbitrary code via a crafted payload to the child process module. Recommendations: Update to version 2025.1.1 or later...