Hertzbeat
CVE-2025-24404
HIGH
Severity by source
AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Lifecycle Timeline
2DescriptionCVE.org
XML Injection RCE by parse http sitemap xml response vulnerability in Apache HertzBeat.
The attacker needs to have an authenticated account with access, and add monitor parsed by xml, returned special content can trigger the XML parsing vulnerability.
This issue affects Apache HertzBeat (incubating): before 1.7.0.
Users are recommended to upgrade to version 1.7.0, which fixes the issue.
AnalysisAI
XML Injection RCE by parse http sitemap xml response vulnerability in Apache HertzBeat. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
Technical ContextAI
This vulnerability is classified under CWE-91. XML Injection RCE by parse http sitemap xml response vulnerability in Apache HertzBeat. The attacker needs to have an authenticated account with access, and add monitor parsed by xml, returned special content can trigger the XML parsing vulnerability.7.0. Users are recommended to upgrade to version 1.7.0, which fixes the issue. Affected products include: Apache Hertzbeat. Version information: before 1.7.0..
RemediationAI
No vendor patch is available at time of analysis. Monitor vendor advisories for updates. Apply vendor patches when available. Implement network segmentation and monitoring as interim mitigations.
Hertzbeat is an open source, real-time monitoring system. Rated critical severity (CVSS 9.8), this vulnerability is remo
Hertzbeat is an open source, real-time monitoring system. Rated high severity (CVSS 8.8), this vulnerability is remotely
Hertzbeat is an open source, real-time monitoring system. Rated high severity (CVSS 8.8), this vulnerability is remotely
Hertzbeat is an open source, real-time monitoring system. Rated high severity (CVSS 7.5), this vulnerability is remotely
Apache HertzBeat versions 1.7.1 through 1.8.0 contain an XPath injection vulnerability that allows authenticated attacke
Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability in Apache HertzBeat (i
Deserialization of Untrusted Data vulnerability in Apache HertzBeat. Rated high severity (CVSS 8.8), this vulnerability
SnakeYaml Deser Load Malicious xml rce vulnerability in Apache HertzBeat (incubating). Rated high severity (CVSS 8.8), t
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Apache HertzBeat.6.1. Rated high severity (C
Server-Side Request Forgery (SSRF) vulnerability in Apache HertzBeat.7.0. Rated medium severity (CVSS 6.5), this vulnera
Improper Neutralization of Special Elements used in an LDAP Query ('LDAP Injection') vulnerability in Apache HertzBeat .
Same weakness CWE-91 – XML Injection (aka Blind XPath Injection)
View allSame technique Code Injection
View allShare
External POC / Exploit Code
Leaving vuln.today