CVE-2025-34028 Information

Description

A path traversal vulnerability in Commvault Command Center Innovation Release allows an unauthenticated actor to upload ZIP files which when expanded by the target server result in Remote Code Execution.

This issue affects Command Center Innovation Release: 11.38.

Reference

https://documentation.commvault.com/securityadvisories/CV_2025_04_1.html