CVE-2025-49809 Information

Description

mtr through 0.95 in certain privileged contexts mishandles execution of a program specified by the MTR_PACKET environment variable. NOTE: mtr on macOS may often have Sudo rules as an indirect consequence of Homebrew not installing setuid binaries.

Reference

https://github.com/Homebrew/homebrew-core/issues/35085 https://github.com/traviscross/mtr/blob/master/SECURITY https://github.com/traviscross/mtr/commit/5226f105f087c29d3cfad9f28000e7536af91ac6

Related CNNVD

CNNVD-202507-444 (Published: 2025-07-04)