CNNVD-202512-1982 Information
CNNVD ID
CNNVD-202512-1982
Related CVE
- CNNVD Published: 2025-12-10
Description (Chinese)
Barracuda Service Center是美国Barracuda公司的一个服务中心软件。 Barracuda Service Center 2025.1.1之前版本存在安全漏洞,该漏洞源于未验证攻击者控制的WSDL中定义的URL,可能导致任意文件写入和远程代码执行。
Description (English)
Barracuda Service Center is a service centre software for Barracuda in the United States. Prior to Barracuda Service Center 2025.1.1, there was a security loophole, which originated from the URL as defined in the WSDL, which was not validated by the assailant, and could lead to the writing and remote code execution of any document.
Hazard Level
High
Vulnerability Type
其他
Affected Vendor
Barracuda
Published
2025-12-10
Last Modified
2026-02-24
References
https://labs.watchtowr.com/soapwn-pwning-net-framework-applications-through- https://www.vulncheck.com/advisories/barracuda-rmm-service-center-absolute-path-traversal-rce https://download.mw-rmm.barracudamsp.com/PDF/2025.1.1/RN_BRMM_2025.1.1_EN.pdf https://www.barracuda.com/products/msp/network-protection/rmm https://access.redhat.com/security/cve/cve-2025-34392