
CVE-2025-26845: n/a in n/a

Severity: Critical
Type: Vulnerability
Published: Thu May 08 2025 (05/08/2025, 00:00:00 UTC)
Source: CVE
Vendor/Project: n/a
Product: n/a

Description

An Eval Injection issue was discovered in Znuny through 7.1.3. A user with write access to the configuration file can use this to execute a command as the user running the backup.pl script.

AI-Powered Analysis

Last updated: 07/05/2025, 04:56:19 UTC

Technical Analysis

CVE-2025-26845 is a critical remote code execution vulnerability classified as an Eval Injection issue found in Znuny up to version 7.1.3. Znuny is an open-source ticketing and customer support system forked from OTRS, widely used for IT service management. The vulnerability arises because a user with write access to the configuration file can inject malicious code that gets evaluated during the execution of the backup.pl script. This script is typically run by a system user to perform backups. Since the vulnerability allows arbitrary command execution with the privileges of the user running the backup script, an attacker who can modify the configuration file can execute arbitrary commands on the host system. The CVSS 3.1 base score is 9.8 (critical), reflecting the vulnerability's ease of exploitation (network vector, no privileges required, no user interaction) and its impact on confidentiality, integrity, and availability. The CWE-95 classification (Improper Control of Generation of Code) indicates that the vulnerability stems from unsafe evaluation of user-controllable input. No patches or fixes are currently linked, and no known exploits have been reported in the wild yet. However, given the critical severity and the nature of the vulnerability, exploitation could lead to full system compromise, data theft, or disruption of service.

Potential Impact

For European organizations using Znuny for IT service management or customer support, this vulnerability poses a significant risk. Successful exploitation could allow attackers to execute arbitrary commands on backup servers or systems running the backup.pl script, potentially leading to full system compromise. This could result in unauthorized access to sensitive customer data, disruption of critical support operations, and potential lateral movement within the network. The confidentiality, integrity, and availability of organizational data and services could be severely impacted. Given the critical CVSS score and the fact that exploitation does not require authentication or user interaction, the threat is particularly severe for organizations relying on automated backup processes. Additionally, the compromise of backup systems could undermine disaster recovery capabilities, increasing downtime and operational risk.

Mitigation Recommendations

Immediate mitigation steps include restricting write access to the Znuny configuration files strictly to trusted administrators and service accounts. Organizations should audit permissions on configuration files and backup scripts to ensure only authorized personnel have modification rights. Running the backup.pl script with the least privilege principle is critical; it should not run with root or highly privileged accounts. Implement monitoring and alerting for unexpected changes to configuration files and unusual execution of backup scripts. Until an official patch is released, consider isolating backup systems from general network access and employing application whitelisting to prevent unauthorized code execution. Regularly review and harden the Znuny installation and backup environment, including disabling any unnecessary scripting or eval functions if possible. Finally, organizations should prepare incident response plans specific to this vulnerability to quickly contain and remediate any exploitation attempts.
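
One way to run the permission audit recommended above, as an added example that is not part of the original advisory or of Znuny's own tooling. The operator supplies the configuration file path and the UID of the account that runs backup.pl; the function names and finding strings are this example's own.

```python
import os
import stat
import sys


def evaluate(file_mode, file_uid, dir_mode, dir_uid, backup_uid):
    """Report who, besides root and the backup account, can alter the config."""
    findings = []
    allowed = {0, backup_uid}
    if file_uid not in allowed:
        findings.append("config owned by another account")
    if file_mode & stat.S_IWGRP:
        findings.append("config is group-writable")
    if file_mode & stat.S_IWOTH:
        findings.append("config is world-writable")
    # A writable parent directory lets the file be replaced outright,
    # unless the sticky bit restricts renames to the owners.
    loose_dir = dir_mode & (stat.S_IWGRP | stat.S_IWOTH)
    if dir_uid not in allowed or (loose_dir and not dir_mode & stat.S_ISVTX):
        findings.append("parent directory lets others replace the config")
    # Least privilege: code injected through the config inherits this account.
    if backup_uid == 0:
        findings.append("backup runs as root")
    return findings


def audit(config_path, backup_uid):
    """Stat the config file and its directory, then apply evaluate()."""
    st = os.stat(config_path)
    parent = os.stat(os.path.dirname(os.path.abspath(config_path)))
    return evaluate(stat.S_IMODE(st.st_mode), st.st_uid,
                    stat.S_IMODE(parent.st_mode), parent.st_uid, backup_uid)


if __name__ == "__main__":
    # Usage: python3 audit.py <path to config file> <uid running backup.pl>
    results = audit(sys.argv[1], int(sys.argv[2]))
    for finding in results:
        print("FINDING:", finding)
    sys.exit(1 if results else 0)
```

The non-zero exit status on any finding lets the check run from a scheduled job that alerts on failure. It covers classic mode bits only, so ACLs need a separate review.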


Technical Details

Data Version: 5.1
Assigner Short Name: mitre
Date Reserved: 2025-02-15T00:00:00.000Z
CISA Enriched: true
CVSS Version: 3.1
State: PUBLISHED

Threat ID: 682d9818c4522896dcbd81e5

Added to database: 5/21/2025, 9:08:40 AM

Last enriched: 7/5/2025, 4:56:19 AM

Last updated: 7/30/2025, 6:13:49 PM
