Commvault Command Center 11.38.0-11.38.20 Path Traversal RCE via JSP
CVE-2025-34028 Published on April 22, 2025
Commvault Command Center Innovation Release <= 11.38.25 Unauthenticated Install Package Path Traversal
The Commvault Command Center Innovation Release allows an unauthenticated actor to upload ZIP files that represent install packages; when the target server expands such a package, the entry paths are subject to path traversal, which can result in Remote Code Execution via a malicious JSP.
This issue affects Command Center Innovation Release: 11.38.0 to 11.38.20. The vulnerability is fixed in 11.38.20 with SP38-CU20-433 and SP38-CU20-436 and also fixed in 11.38.25 with SP38-CU25-434 and SP38-CU25-438.
Known Exploited Vulnerability
This Commvault Command Center Path Traversal Vulnerability is part of CISA's list of Known Exploited Vulnerabilities. Commvault Command Center contains a path traversal vulnerability that allows a remote, unauthenticated attacker to execute arbitrary code.
The following remediation steps are recommended / required by May 23, 2025: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
Weakness Types
What is a Directory traversal Vulnerability?
The software uses external input to construct a pathname that is intended to identify a file or directory that is located underneath a restricted parent directory, but the software does not properly neutralize special elements within the pathname that can cause the pathname to resolve to a location that is outside of the restricted directory.
CVE-2025-34028 has been classified as a Directory traversal vulnerability or weakness.
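The description above and the CWE-22 definition both come down to one missing check: every entry name in an uploaded archive must be forced to resolve inside the extraction directory before anything is written. The following is an added example written for this page (it is not Commvault's code and is not derived from the patched product); it implements that containment check for ZIP expansion and refuses the whole archive if any entry escapes. The package layout and the destination directory are assumptions, and the sample archive is constructed in memory for the demonstration.

```python
import io
import os
import tempfile
import zipfile


def is_contained(dest_root: str, member_name: str) -> bool:
    """True only if member_name, joined to dest_root, stays inside dest_root.

    Absolute names, drive-letter names and any '..' sequence that climbs out
    of the root are rejected. realpath() collapses '..' components and follows
    symlinks that already exist under the root.
    """
    root = os.path.realpath(dest_root)
    if os.path.isabs(member_name) or os.path.splitdrive(member_name)[0]:
        return False
    target = os.path.realpath(os.path.join(root, member_name))
    return target == root or target.startswith(root + os.sep)


def classify_members(zip_bytes: bytes, dest_root: str):
    """Return (accepted, rejected) entry names for an in-memory ZIP."""
    accepted, rejected = [], []
    with zipfile.ZipFile(io.BytesIO(zip_bytes)) as zf:
        for info in zf.infolist():
            # Treat backslashes as separators so a Windows-style '..\' is caught too.
            name = info.filename.replace("\\", "/")
            (accepted if is_contained(dest_root, name) else rejected).append(info.filename)
    return accepted, rejected


def safe_extract(zip_bytes: bytes, dest_root: str) -> list:
    """Extract the package, refusing the whole archive if any entry escapes.

    Every entry is checked before anything is written, so a bad entry late in
    the archive cannot leave a half-expanded package on disk.
    """
    accepted, rejected = classify_members(zip_bytes, dest_root)
    if rejected:
        raise ValueError(f"path traversal in package entries: {rejected}")
    written = []
    with zipfile.ZipFile(io.BytesIO(zip_bytes)) as zf:
        for name in accepted:
            if name.endswith("/"):
                os.makedirs(os.path.join(dest_root, name), exist_ok=True)
                continue
            out = os.path.join(dest_root, name)
            os.makedirs(os.path.dirname(out), exist_ok=True)
            with zf.open(name) as src, open(out, "wb") as dst:
                dst.write(src.read())
            written.append(out)
    return written


def build_sample_package(include_traversal: bool) -> bytes:
    """Constructed sample archive (assumed layout, not a real Commvault package)."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("pkg/manifest.xml", "<manifest/>")
        zf.writestr("pkg/lib/agent.jar", b"placeholder-bytes")
        if include_traversal:
            # Three ways an entry name can try to leave the extraction directory.
            zf.writestr("../../webapps/ROOT/escape.jsp", "<% %>")
            zf.writestr("pkg/..\\..\\escape2.jsp", "<% %>")
            zf.writestr("/etc/cron.d/escape3", "")
    return buf.getvalue()


def demo() -> dict:
    """Run a traversal-laden and a benign archive through the checks."""
    with tempfile.TemporaryDirectory() as dest:
        accepted, rejected = classify_members(build_sample_package(True), dest)
        try:
            safe_extract(build_sample_package(True), dest)
            refused = False
        except ValueError:
            refused = True
        written = safe_extract(build_sample_package(False), dest)
        return {
            "accepted": accepted,
            "rejected": rejected,
            "malicious_refused": refused,
            "benign_written": len(written),
        }


if __name__ == "__main__":
    for key, value in demo().items():
        print(f"{key}: {value}")
```

The check compares resolved paths rather than scanning the name for `..`, because a name such as `pkg/../../x` only escapes after normalization, and encoded or backslash variants are easy to miss with string matching. Rejecting the archive as a whole, rather than silently skipping bad entries, also gives the server a clear event to log and alert on.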
Missing Authentication for Critical Function
The software does not perform any authentication for functionality that requires a provable user identity or consumes a significant amount of resources.
Products Associated with CVE-2025-34028
Affected Versions
Commvault Command Center Innovation Release: versions from 11.38.0 up to and including 11.38.25 are affected.
Exploit Probability
EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.