How to fix CVE-2025-34028?

Within 24 hours: Identify all affected systems and apply vendor patches immediately. Review file handling controls and restrict upload directories.

Is Commvault affected by CVE-2025-34028?

Organizations using Commvault Command Center Innovation Release face critical risk from CVE-2025-34028, a path traversal vulnerability rated CVSS 9.3. This could allow attackers to access or modify files outside intended directories, potentially exposing sensitive configuration or credentials.

CVE-2025-34028

CRITICAL

2025-04-22 [email protected]

9.3

CVSS 4.0

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:H/VA:H/SC:L/SI:H/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Attack Vector

Network

Attack Complexity

Low

Privileges Required

None

User Interaction

None

Scope

Lifecycle Timeline

Analysis Generated

Mar 28, 2026 - 18:38 vuln.today

Added to CISA KEV

Nov 06, 2025 - 13:57 cisa

CISA KEV

PoC Detected

Nov 06, 2025 - 13:57 vuln.today

Public exploit code

CVE Published

Apr 22, 2025 - 17:16 nvd

CRITICAL 9.3

Description

The Commvault Command Center Innovation Release allows an unauthenticated actor to upload ZIP files that represent install packages that, when expanded by the target server, are vulnerable to path traversal vulnerability that can result in Remote Code Execution via malicious JSP. This issue affects Command Center Innovation Release: 11.38.0 to 11.38.20. The vulnerability is fixed in 11.38.20 with SP38-CU20-433 and SP38-CU20-436 and also fixed in 11.38.25 with SP38-CU25-434 and SP38-CU25-438.

Analysis

Commvault Command Center Innovation Release allows unauthenticated remote code execution through path traversal in ZIP file upload handling, enabling malicious JSP deployment on the server.

Technical Context

The CWE-22 path traversal in the ZIP file expansion allows an attacker to upload a crafted ZIP containing JSP files with path traversal sequences. When the server expands the ZIP, the JSP is placed in the web-accessible directory for execution.

Affected Products

['Commvault Command Center Innovation Release 11.38.0 through affected versions']

Remediation

Update Commvault. Scan web directories for unauthorized JSP files. Restrict access to the Command Center. Review backup operations for data exfiltration.

Priority Score

180

Low Medium High Critical

KEV: +50

EPSS: +63.2

CVSS: +46

POC: +20

CVE-2025-34028 vulnerability details – vuln.today

Back

CVE-2025-34028

CVSS Vector

Lifecycle Timeline

Tags

Description

Analysis

Technical Context

Affected Products

Remediation

Priority Score

Share

CVE-2025-34028

CVSS Vector

Lifecycle Timeline

Tags

Description

Analysis

Technical Context

Affected Products

Remediation

Priority Score

Share

External POC / Exploit Code