Commvault Webserver Flaw Allows Attackers to Gain Full Control

Commvault has revealed a major vulnerability in its software that could allow malicious actors to gain full control of its webservers.

The issue, identified as CV_2025_03_1, has been categorized as a high-severity flaw and impacts multiple versions of the Commvault platform running on both Linux and Windows.

The vulnerability in question allows attackers to create and execute webshells, providing them with unchecked access to the webserver.

While the exact CVE (Common Vulnerabilities and Exposures) identifier is not specified, the nature of the exploit indicates a critical risk for data integrity and security.

Affected Products

The following table lists the affected Commvault products:

Product	Affected Versions	Resolved Version
Commvault	11.36.0 – 11.36.45	11.36.46
Commvault	11.32.0 – 11.32.87	11.32.88
Commvault	11.28.0 – 11.28.140	11.28.141
Commvault	11.20.0 – 11.20.216	11.20.217

Resolution and Security Update

To address this high-risk vulnerability, Commvault has urged users to immediately install the latest maintenance releases on both CommServe and Web Servers.

Additional security enhancements were implemented as of March 7th, 2025, to maintain webserver module security further.

This proactive step is crucial to prevent potential breaches and ensure the security of critical data.

Organizations relying on Commvault for data management and backup must take immediate action to patch their systems.

Given the potential for attackers to gain full control via webserver compromise, it is essential to expedite the update process to mitigate the risk of data breaches and unauthorized access.

As cybersecurity threats continue to evolve, companies must prioritize timely updates and security audits to safeguard their systems and data.

Regular checks for software vulnerabilities, like the one revealed in Commvault, are indispensable for maintaining robust security postures.

The discovery and resolution of this critical vulnerability underscore the importance of proactive cybersecurity measures, particularly in sectors that rely heavily on cloud and data management solutions like Commvault.

Ensuring that all software is up-to-date and secure is a priority for organizations seeking to protect against increasingly sophisticated cyberattacks.

Are you from SOC/DFIR Teams? – Analyse Malware Incidents & get live Access with ANY.RUN -> Start Now for Free.