Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

58 matches found

RedhatCVE
RedhatCVEadded 2025/12/17 8:7 a.m.2 views

CVE-2025-65176

An issue was discovered in Dynatrace OneAgent before 1.325.47. When attempting to access a remote network share from a machine where OneAgent is installed and receiving a "STATUSLOGONFAILURE" error, the agent will retrieve every user token on the machine and repeatedly attempt to access the netwo...

7.5CVSS6.9AI score0.00039EPSS
Exploits0References1
EUVD
EUVDadded 2025/12/15 9:30 p.m.1 views

EUVD-2025-203407

An issue was discovered in Dynatrace OneAgent before 1.325.47. When attempting to access a remote network share from a machine where OneAgent is installed and receiving a "STATUSLOGONFAILURE" error, the agent will retrieve every user token on the machine and repeatedly attempt to access the netwo...

6.4AI score0.00039EPSS
Exploits0References4
NVD
NVDadded 2025/12/15 7:16 p.m.2 views

CVE-2025-65176

An issue was discovered in Dynatrace OneAgent before 1.325.47. When attempting to access a remote network share from a machine where OneAgent is installed and receiving a "STATUSLOGONFAILURE" error, the agent will retrieve every user token on the machine and repeatedly attempt to access the netwo...

7.5CVSS0.00039EPSS
Exploits0References3
OSV
OSVadded 2025/12/15 7:16 p.m.0 views

CVE-2025-65176

An issue was discovered in Dynatrace OneAgent before 1.325.47. When attempting to access a remote network share from a machine where OneAgent is installed and receiving a "STATUSLOGONFAILURE" error, the agent will retrieve every user token on the machine and repeatedly attempt to access the netwo...

7.5CVSS5.8AI score0.00039EPSS
Exploits0References3
CNNVD
CNNVDadded 2025/12/15 12:0 a.m.0 views

Dynatrace OneAgent 安全漏洞

Dynatrace OneAgent is an intelligent agent program from Dynatrace, Inc. A security vulnerability exists in Dynatrace OneAgent versions prior to 1.325.47, which stems from the fact that the agent retrieves every user token on a machine and attempts to access a network share when it receives a...

7.5CVSS6.7AI score0.00039EPSS
Exploits0References3
Positive Technologies
Positive Technologiesadded 2025/12/15 12:0 a.m.2 views

PT-2025-51276

Name of the Vulnerable Software and Affected Versions Dynatrace OneAgent versions prior to 1.325.47 Description An issue exists in Dynatrace OneAgent where, when attempting to access a remote network share and receiving a "STATUS LOGON FAILURE" error, the agent retrieves all user tokens from the...

7.5CVSS6.6AI score0.00039EPSS
Exploits0References6
CVE
CVEadded 2025/12/15 12:0 a.m.8 views

CVE-2025-65176

Dynatrace OneAgent (versions before 1.325.47) is vulnerable: when accessing a remote network share and encountering STATUS_LOGON_FAILURE, the agent retrieves all user tokens on the machine and impersonates them to repeatedly access the share, enabling potential NTLM relay attacks. Affected compon...

7.5CVSS6.6AI score0.00039EPSS
Exploits0References3Affected Software1
Vulnrichment
Vulnrichmentadded 2025/12/15 12:0 a.m.2 views

CVE-2025-65176

An issue was discovered in Dynatrace OneAgent before 1.325.47. When attempting to access a remote network share from a machine where OneAgent is installed and receiving a "STATUSLOGONFAILURE" error, the agent will retrieve every user token on the machine and repeatedly attempt to access the netwo...

6.6AI score0.00039EPSS
Exploits0References3
Cvelist
Cvelistadded 2025/12/15 12:0 a.m.15 views

CVE-2025-65176

An issue was discovered in Dynatrace OneAgent before 1.325.47. When attempting to access a remote network share from a machine where OneAgent is installed and receiving a "STATUSLOGONFAILURE" error, the agent will retrieve every user token on the machine and repeatedly attempt to access the netwo...

0.00039EPSS
Exploits0References3
RedhatCVE
RedhatCVEadded 2025/11/06 12:10 a.m.8 views

CVE-2025-61304

OS command injection vulnerability in Dynatrace ActiveGate ping extension up to 1.016 via crafted ip address...

9.8CVSS7.7AI score0.00927EPSS
Exploits3References1
OSV
OSVadded 2025/11/05 4:15 p.m.0 views

CVE-2025-61304

OS command injection vulnerability in Dynatrace ActiveGate ping extension up to 1.016 via crafted ip address...

9.8CVSS5.7AI score0.00927EPSS
Exploits3References1
NVD
NVDadded 2025/11/05 4:15 p.m.2 views

CVE-2025-61304

OS command injection vulnerability in Dynatrace ActiveGate ping extension up to 1.016 via crafted ip address...

9.8CVSS0.00927EPSS
Exploits3References1
Cvelist
Cvelistadded 2025/11/05 12:0 a.m.4 views

CVE-2025-61304

OS command injection vulnerability in Dynatrace ActiveGate ping extension up to 1.016 via crafted ip address...

0.00927EPSS
Exploits3References1
Positive Technologies
Positive Technologiesadded 2025/11/05 12:0 a.m.3 views

PT-2025-45113

Name of the Vulnerable Software and Affected Versions Dynatrace ActiveGate versions up to 1.016 Description An OS command injection issue exists in the Dynatrace ActiveGate ping extension. This flaw allows for potential code execution through the use of specially crafted IP addresses. The ping...

9.8CVSS8.1AI score0.00927EPSS
Exploits3References3
EUVD
EUVDadded 2025/11/05 12:0 a.m.2 views

EUVD-2025-37901

OS command injection vulnerability in Dynatrace ActiveGate ping extension up to 1.016 via crafted ip address...

9.8CVSS7.1AI score0.00927EPSS
Exploits3References2
CVE
CVEadded 2025/11/05 12:0 a.m.32 views

CVE-2025-61304

CVE-2025-61304 is an OS command injection vulnerability in the Dynatrace ActiveGate ping extension, affected up to version 1.016. The root cause is improper handling of crafted IP addresses in the ping extension, which relies on the Windows command prompt and allows command chaining (e.g., via an...

9.8CVSS7.2AI score0.00927EPSS
Exploits3References1Affected Software1
CNNVD
CNNVDadded 2025/11/05 12:0 a.m.2 views

Dynatrace ActiveGate 安全漏洞

Dynatrace ActiveGate is a gateway component in a monitoring platform from Dynatrace USA. A security vulnerability exists in Dynatrace ActiveGate version 1.016 and earlier, which stems from improper handling of specially crafted ip addresses and could lead to an OS command injection attack...

9.8CVSS7AI score0.00927EPSS
Exploits3References2
Vulnrichment
Vulnrichmentadded 2025/11/05 12:0 a.m.2 views

CVE-2025-61304

OS command injection vulnerability in Dynatrace ActiveGate ping extension up to 1.016 via crafted ip address...

7.2AI score0.00927EPSS
Exploits3References1
Packet Storm
Packet Stormadded 2025/10/27 12:0 a.m.146 views

📄 Dynatrace ActiveGate Command Injection

Dynatrace ActiveGate versions up to 1.016 suffer from an OS command injection vulnerability. CVE-2025-61304 "OS command injection vulnerability in Dynatrace ActiveGate ping extension up to 1.016 via crafted ip address" In the background the ping extension is using the command prompt of Windows to...

9.8CVSS7.5AI score0.00927EPSS
Exploits3
GithubExploit
GithubExploitadded 2025/10/25 12:42 p.m.183 views

Exploit for CVE-2025-61304

CVE-2025-61304 "OS command injection vulnerability in Dynatrac...

7.9AI score0.00927EPSS
Exploits3
Rows per page
Query Builder