Cyber Security News

Commvault Webserver Flaw Allows Attackers to Gain Full Control

Commvault has revealed a major vulnerability in its software that could allow malicious actors to gain full control of its webservers.

The issue, identified as CV_2025_03_1, has been categorized as a high-severity flaw and impacts multiple versions of the Commvault platform running on both Linux and Windows.

The vulnerability in question allows attackers to create and execute webshells, providing them with unchecked access to the webserver.

While the exact CVE (Common Vulnerabilities and Exposures) identifier is not specified, the nature of the exploit indicates a critical risk for data integrity and security.

Affected Products

The following table lists the affected Commvault products:

ProductAffected VersionsResolved Version
Commvault11.36.0 – 11.36.4511.36.46
Commvault11.32.0 – 11.32.8711.32.88
Commvault11.28.0 – 11.28.14011.28.141
Commvault11.20.0 – 11.20.21611.20.217

Resolution and Security Update

To address this high-risk vulnerability, Commvault has urged users to immediately install the latest maintenance releases on both CommServe and Web Servers.

Additional security enhancements were implemented as of March 7th, 2025, to maintain webserver module security further.

This proactive step is crucial to prevent potential breaches and ensure the security of critical data.

Organizations relying on Commvault for data management and backup must take immediate action to patch their systems.

Given the potential for attackers to gain full control via webserver compromise, it is essential to expedite the update process to mitigate the risk of data breaches and unauthorized access.

As cybersecurity threats continue to evolve, companies must prioritize timely updates and security audits to safeguard their systems and data.

Regular checks for software vulnerabilities, like the one revealed in Commvault, are indispensable for maintaining robust security postures.

The discovery and resolution of this critical vulnerability underscore the importance of proactive cybersecurity measures, particularly in sectors that rely heavily on cloud and data management solutions like Commvault.

Ensuring that all software is up-to-date and secure is a priority for organizations seeking to protect against increasingly sophisticated cyberattacks.

Are you from SOC/DFIR Teams? – Analyse Malware Incidents & get live Access with ANY.RUN -> Start Now for Free.

Divya

Divya is a Senior Journalist at GBhackers covering Cyber Attacks, Threats, Breaches, Vulnerabilities and other happenings in the cyber world.

Recent Posts

NCSC Warns of Ransomware Attacks Targeting UK Organisations

National Cyber Security Centre (NCSC) has issued technical guidance following a series of cyber attacks…

1 hour ago

Claude AI Abused in Influence-as-a-Service Operations and Campaigns

Claude AI, developed by Anthropic, has been exploited by malicious actors in a range of…

15 hours ago

Threat Actors Attacking U.S. Citizens Via Social Engineering Attack

As Tax Day on April 15 approaches, a alarming cybersecurity threat has emerged targeting U.S.…

1 day ago

TerraStealer Strikes: Browser Credential & Sensitive‑Data Heists on the Rise

Insikt Group has uncovered two new malware families, TerraStealerV2 and TerraLogger, attributed to the notorious…

1 day ago

MintsLoader Malware Uses Sandbox and Virtual Machine Evasion Techniques

MintsLoader, a malicious loader first observed in 2024, has emerged as a formidable tool in…

1 day ago

Threat Actors Use AiTM Attacks with Reverse Proxies to Bypass MFA

Cybercriminals are intensifying their efforts to undermine multi-factor authentication (MFA) through adversary-in-the-middle (AiTM) attacks, leveraging…

1 day ago