Barracuda RMM < 2025.1.1 Service Center Absolute Path Traversal RCE

10 / 10

CRITICAL

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H

Description

Barracuda Service Center, as implemented in the RMM solution, in versions prior to 2025.1.1, does not verify the URL defined in an attacker-controlled WSDL that is later loaded by the application. This can lead to arbitrary file write and remote code execution via webshell upload.

AI Analysis

Arbitrary file write and remote code execution via webshell upload due to unverified WSDL URL

Basic Information

ID CVE-2025-34392

Source VulnCheck

Published Dec 10, 2025 at 15:44

Modified Dec 10, 2025 at 16:34

Affected Product

Vendor Barracuda Networks

Product RMM

Version 2025.1

Affected Versions Barracuda Networks RMM 2025.1

CWE Classification

CWE-36

AI Assessment

AI Score 10 / 10

AI Severity Critical

Vendor Barracuda Networks

Product Barracuda RMM

Version 2025.1

References

{
    "lastseen": "",
    "description": "Barracuda Service Center, as implemented in the RMM solution, in versions prior to 2025.1.1, does not verify the URL defined in an attacker-controlled WSDL that is later loaded by the application. This can lead to arbitrary file write and remote code execution via webshell upload.",
    "published": "2025-12-10T15:44:52.631Z",
    "modified": "2025-12-10T16:34:39.392Z",
    "type": "cve",
    "title": "Barracuda RMM < 2025.1.1 Service Center Absolute Path Traversal RCE",
    "source": "VulnCheck",
    "references": "https://download.mw-rmm.barracudamsp.com/PDF/2025.1.1/RN_BRMM_2025.1.1_EN.pdf\nhttps://www.barracuda.com/products/msp/network-protection/rmm\nhttps://www.vulncheck.com/advisories/barracuda-rmm-service-center-absolute-path-traversal-rce",
    "id": "CVE-2025-34392",
    "bulletinFamily": "",
    "cwe": [
        "CWE-36"
    ],
    "cvelist": null,
    "sourceData": "Barracuda Networks RMM 2025.1",
    "sourceHref": "",
    "cvss": {
        "score": 10,
        "severity": "CRITICAL",
        "vector": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H",
        "version": "4.0"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "RMM",
    "version": "2025.1",
    "vendor": "Barracuda Networks",
    "ai_description": "Arbitrary file write and remote code execution via webshell upload due to unverified WSDL URL",
    "ai_severity": "Critical",
    "ai_vendor": "Barracuda Networks",
    "ai_product": "Barracuda RMM",
    "ai_version": "2025.1",
    "ai_score": 10
}

Barracuda RMM < 2025.1.1 Service Center Absolute Path Traversal RCE_CVE-2025-34392