CVE-2025-3928 Information

Description

Commvault Web Server has an unspecified vulnerability that can be exploited by a remote authenticated attacker. According to the Commvault advisory: \Webservers can be compromised through bad actors creating and executing webshells.\ Fixed in version 11.36.46 11.32.89 11.28.141 and 11.20.217 for Windows and Linux platforms.

Reference

https://documentation.commvault.com/securityadvisories/CV_2025_03_1.html url