CVE-2025-3928

Commvault Web Server unspecified vulnerability

CVSS 8.7 HIGH · EPSS 1.9% · KEV
In short

Commvault Web Server has a security flaw that allows authenticated attackers to upload and run malicious code (webshells) on the server, potentially taking it over. This is a serious threat because attackers can gain full control of the system.

Technical detail

Remote authenticated attackers can exploit an unspecified vulnerability in Commvault Web Server to create and execute webshells, achieving arbitrary code execution on affected systems. The vulnerability affects multiple versions across Windows and Linux platforms and requires valid credentials. Patched in versions 11.36.46, 11.32.89, 11.28.141, and 11.20.217.

Summary generated and translated by AI from the official description.
Commvault Web Server has an unspecified vulnerability that can be exploited by a remote, authenticated attacker. According to the Commvault advisory: "Webservers can be compromised through bad actors creating and executing webshells." Fixed in versions 11.36.46, 11.32.89, 11.28.141, and 11.20.217 for Windows and Linux platforms. This vulnerability was added to the CISA Known Exploited Vulnerabilities (KEV) Catalog on 2025-04-28.
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
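Because the fix ships on four separate maintenance branches, a plain "is my version newer than X" comparison against a single number gives the wrong answer (11.28.150 is patched even though it is numerically below 11.36.46). The following is an added example, not Commvault's or the advisory's own code: it maps an installed version to its feature-release branch and compares only against that branch's fixed version. The fixed versions come from the advisory text above; the assumption that the first two components (`11.36`, `11.32`, ...) identify a branch, the `assess`/`triage` function names, and the sample inventory are this example's own.

```python
"""Check installed Commvault Web Server versions against the patched
versions listed for CVE-2025-3928 (11.36.46, 11.32.89, 11.28.141, 11.20.217).

Added example, not code from Commvault or the advisory. Assumes versions are
dotted numeric strings 'major.minor.patch' and that the first two components
identify a feature-release branch; both are assumptions of this example.
"""
from typing import Dict, Optional, Tuple

# Fixed versions taken from the advisory text, keyed by branch (major, minor).
FIXED_VERSIONS: Dict[Tuple[int, int], Tuple[int, int, int]] = {
    (11, 36): (11, 36, 46),
    (11, 32): (11, 32, 89),
    (11, 28): (11, 28, 141),
    (11, 20): (11, 20, 217),
}


def parse_version(text: str) -> Tuple[int, ...]:
    """Parse 'a.b.c' into a tuple of ints; raise ValueError on malformed input."""
    parts = text.strip().split(".")
    if not parts or not all(p.isdigit() for p in parts):
        raise ValueError(f"not a dotted numeric version: {text!r}")
    return tuple(int(p) for p in parts)


def assess(version_text: str) -> str:
    """Return 'patched', 'vulnerable' or 'unknown' for one installed version.

    'unknown' is returned for branches the advisory does not list (the page
    does not say whether those are affected) and for malformed input, so a
    parsing failure never silently reads as 'patched'.
    """
    try:
        v = parse_version(version_text)
    except ValueError:
        return "unknown"
    if len(v) < 3:
        return "unknown"
    fixed: Optional[Tuple[int, int, int]] = FIXED_VERSIONS.get((v[0], v[1]))
    if fixed is None:
        return "unknown"
    # Tuple comparison is lexicographic, so 11.28.150 >= 11.28.141 holds
    # while 11.36.45 >= 11.36.46 does not.
    return "patched" if v[:3] >= fixed else "vulnerable"


def triage(inventory: Dict[str, str]) -> Dict[str, str]:
    """Map host -> status for a {host: version} inventory."""
    return {host: assess(ver) for host, ver in inventory.items()}


if __name__ == "__main__":
    # Constructed sample inventory; hostnames and versions are made up.
    sample = {
        "cv-web-01": "11.36.45",   # one below the fix on the 11.36 branch
        "cv-web-02": "11.36.46",   # exactly the fixed version
        "cv-web-03": "11.28.150",  # above the 11.28 fix, below 11.36.46
        "cv-web-04": "11.24.10",   # branch not listed in the advisory
        "cv-web-05": "n/a",        # malformed inventory entry
    }
    for host, status in triage(sample).items():
        print(f"{host}: {status}")
```

Feed it the versions from your asset inventory; anything reported as `unknown` needs a manual check against the vendor advisory rather than being assumed safe.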
Affected products
Commvault · Web Server
