CVE-2025-3928

HIGH
2025-04-25
8.7
CVSS 4.0

CVSS Vector

CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Attack Vector: Network
Attack Complexity: Low
Privileges Required: Low
User Interaction: None
Scope: X (not defined; CVSS 4.0 has no Scope base metric, and the S:X in the vector is the Safety supplemental metric)

Lifecycle Timeline

Analysis Generated: Mar 28, 2026 - 18:38 (vuln.today)
Added to CISA KEV: Oct 31, 2025 - 21:59 (cisa)
CVE Published: Apr 25, 2025 - 16:15 (nvd)

Description

Commvault Web Server has an unspecified vulnerability that can be exploited by a remote, authenticated attacker. According to the Commvault advisory: "Webservers can be compromised through bad actors creating and executing webshells." Fixed in versions 11.36.46, 11.32.89, 11.28.141, and 11.20.217 for Windows and Linux platforms. This vulnerability was added to the CISA Known Exploited Vulnerabilities (KEV) Catalog on 2025-04-28.

Analysis

Commvault Web Server allows authenticated remote attackers to create and execute webshells. It has been exploited in the wild alongside CVE-2025-34028, giving attackers broad control over backup infrastructure.

Technical Context

The vulnerability allows bad actors to compromise Commvault webservers by creating and executing webshells. Although exploitation requires authentication, an attacker holding compromised credentials, or chaining this flaw with another vulnerability, can still exploit it.

Affected Products

Commvault Web Server (affected versions)

Remediation

Apply the Commvault security updates (the fixed versions listed above). Require MFA for Commvault admin access. Monitor the web server for webshell creation and execution. Use immutable backup storage so a compromised web server cannot destroy backups.

Priority Score

110 (scale: Low / Medium / High / Critical)
KEV: +50
EPSS: +16.6
CVSS: +44
POC: 0


CVE-2025-3928 vulnerability details – vuln.today
