What is the CVSS score of CVE-2025-34079?

CVE-2025-34079 has a CVSS 3.1 base score of 7.8 (High). CVSS vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H. EPSS exploitation probability: 51.9%.

Which versions of NSClient are affected by CVE-2025-34079?

CVE-2025-34079 presents notable security risk, a code injection vulnerability rated CVSS 7.8.

Is there a public PoC exploit available for CVE-2025-34079?

Yes, a public proof-of-concept exploit is available for CVE-2025-34079. Prioritise patching immediately. EPSS: 51.9%.

How to fix or mitigate CVE-2025-34079?

Within 24 hours: Identify all affected systems and apply vendor patches immediately. Validate that input sanitization is in place for all user-controlled parameters.

NSClient CVE-2025-34079

EUVD-2025-19752 HIGH

Code Injection (CWE-94)

2025-07-02 disclosure@vulncheck.com

RCE Code Injection

7.8

CVSS 3.1

CVSS VectorNVD

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Attack Vector

Local

Attack Complexity

Low

Privileges Required

Low

User Interaction

None

Scope

Unchanged

Confidentiality

High

Integrity

High

Availability

High

Lifecycle Timeline

EUVD ID Assigned

Mar 16, 2026 - 01:55 euvd

EUVD-2025-19752

Analysis Generated

Mar 16, 2026 - 01:55 vuln.today

PoC Detected

Sep 16, 2025 - 19:53 vuln.today

Public exploit code

CVE Published

Jul 02, 2025 - 20:15 nvd

HIGH 7.8

DescriptionNVD

An authenticated remote code execution vulnerability exists in NSClient++ version 0.5.2.35 when the web interface and ExternalScripts module are enabled. A remote attacker with the administrator password can authenticate to the web interface (default port 8443), inject arbitrary commands as external scripts via the /settings/query.json API, save the configuration, and trigger the script via the /query/{name} endpoint. The injected commands are executed with SYSTEM privileges, enabling full remote compromise.

This capability is an intended feature, but the lack of safeguards or privilege separation makes it risky when exposed to untrusted actors.

Analysis

This capability is an intended feature, but the lack of safeguards or privilege separation makes it risky when exposed to untrusted actors.

Technical ContextAI

Remote code execution allows an attacker to run arbitrary commands or code on the target system over a network without prior authentication. This vulnerability is classified as Code Injection (CWE-94).

RemediationAI

Apply vendor patches immediately. Restrict network access to vulnerable services. Implement network segmentation and monitoring for anomalous activity.

CVE-2025-34079 vulnerability details – vuln.today

Back

NSClient CVE-2025-34079

CVSS VectorNVD

Lifecycle Timeline

DescriptionNVD

Analysis

Technical ContextAI

RemediationAI

Share

External POC / Exploit Code