CVE-2019-25065

MEDIUM EXPLOITED

OpenNetAdmin 18.1.1 - Privilege Escalation

Title source: llm

Description

A vulnerability was found in OpenNetAdmin 18.1.1. It has been rated as critical. Affected by this issue is some unknown functionality. The manipulation leads to privilege escalation. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.

Exploits (3)

nomisec WORKING POC

by HexRazor · remote

https://github.com/HexRazor/CVE-2019-25065-poc

View Code ZIP pw:eip

nomisec WORKING POC

by sagisar1 · remote

https://github.com/sagisar1/CVE-2019-25065-exploit

View Code ZIP pw:eip

metasploit WORKING POC EXCELLENT

by mattpascoe, Onur ER <[email protected]> · rubypoclinux

https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/unix/webapp/opennetadmin_ping_cmd_injection.rb

View Code ZIP pw:eip

References (2)

[Exploit, Third Party Advisory] https://0day.today/exploit/33544

[Exploit, Third Party Advisory] https://vuldb.com/?id.146798

Scores

CVSS v3 6.3

EPSS 0.7371

EPSS Percentile 98.8%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L

Details

VulnCheck KEV 2024-01-13

CWE

CWE-78

Status published

Products (1)

opennetadmin/opennetadmin 18.1.1

Published Jun 09, 2022

Tracked Since Feb 18, 2026