{"uuid": "13d2e33e-6518-4ce1-abaf-e6da695de77a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-34028", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/12895", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-34028\n\ud83d\udd25 CVSS Score: 10 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:H/A:H)\n\ud83d\udd39 Description: A path traversal vulnerability in Commvault Command Center Innovation Release allows an unauthenticated actor to upload ZIP files, which, when expanded by the target server, result in Remote Code Execution.\n\n\n\n\n\nThis issue affects Command Center Innovation Release: 11.38.\n\ud83d\udccf Published: 2025-04-22T16:32:23.446Z\n\ud83d\udccf Modified: 2025-04-22T16:32:23.446Z\n\ud83d\udd17 References:\n1. https://documentation.commvault.com/securityadvisories/CV_2025_04_1.html", "creation_timestamp": "2025-04-22T17:03:14.000000Z"}