CVE-2019-25065

MEDIUM EXPLOITED

OpenNetAdmin 18.1.1 - Privilege Escalation

Title source: llm
STIX 2.1

Exploitation Summary

CVE-2019-25065 has been observed exploited in the wild (reported by VulnCheck KEV). EIP tracks 4 public exploits from researchers including tr3m0x, HexRazor, sagisar1, including a Metasploit module exploits/unix/webapp/opennetadmin_ping_cmd_injection.

AI-analyzed exploit summary This repository contains a functional exploit for CVE-2019-25065, targeting OpenNetAdmin's command injection vulnerability via crafted HTTP POST requests. The exploit includes version detection and command execution capabilities.

Description

A vulnerability was found in OpenNetAdmin 18.1.1. It has been rated as critical. Affected by this issue is some unknown functionality. The manipulation leads to privilege escalation. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.

Exploits (4)

nomisec WORKING POC
by tr3m0x · poc
https://github.com/tr3m0x/CVE-2019-25065-poc

This repository contains a functional exploit for CVE-2019-25065, targeting OpenNetAdmin's command injection vulnerability via crafted HTTP POST requests. The exploit includes version detection and command execution capabilities.

Classification
Working Poc 95%
Attack Type
Rce
Complexity
Trivial
Reliability
Reliable
Target: OpenNetAdmin (version not specified)
No auth needed
Prerequisites: Network access to the target · OpenNetAdmin instance with vulnerable endpoint
devstral-2 · analyzed May 19, 2026 Full analysis →
nomisec WORKING POC
by HexRazor · remote
https://github.com/HexRazor/CVE-2019-25065-poc

This repository contains a functional exploit for CVE-2019-25065, targeting OpenNetAdmin (ONA) via command injection in the 'xajaxargs[]' parameter. The exploit includes version detection and command execution capabilities.

Classification
Working Poc 95%
Attack Type
Rce
Complexity
Trivial
Reliability
Reliable
Target: OpenNetAdmin (ONA)
No auth needed
Prerequisites: Target URL with ONA installation
devstral-2 · analyzed Apr 10, 2026 Full analysis →
nomisec WORKING POC
by sagisar1 · remote
https://github.com/sagisar1/CVE-2019-25065-exploit

This repository contains a functional bash script that exploits CVE-2019-25065, an OS command injection vulnerability in OpenNetAdmin v18.1.1. The exploit sends a crafted HTTP request to execute a reverse shell command on the target system.

Classification
Working Poc 95%
Attack Type
Rce
Complexity
Trivial
Reliability
Reliable
Target: OpenNetAdmin v18.1.1
No auth needed
Prerequisites: Target running OpenNetAdmin v18.1.1 · Network connectivity to the target · gridsite-clients package installed for urlencode
devstral-2 · analyzed Feb 18, 2026 Full analysis →
metasploit WORKING POC EXCELLENT
by mattpascoe, Onur ER <[email protected]> · rubypoclinux
https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/unix/webapp/opennetadmin_ping_cmd_injection.rb

This Metasploit module exploits a command injection vulnerability in OpenNetAdmin versions 8.5.14 to 18.1.1 by injecting arbitrary commands into the 'ping' functionality via the 'xajaxargs[]' parameter. It uses a cmdstager to execute a reverse shell payload.

Classification
Working Poc 100%
Attack Type
Rce
Complexity
Trivial
Reliability
Reliable
Target: OpenNetAdmin 8.5.14 to 18.1.1
No auth needed
Prerequisites: Network access to the target · OpenNetAdmin instance with vulnerable version
devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (2)

Core 2
Core References
Exploit, Third Party Advisory x_refsource_misc
https://0day.today/exploit/33544
Exploit, Third Party Advisory x_refsource_misc
https://vuldb.com/?id.146798

Scores

CVSS v3 6.3
EPSS 0.7371
EPSS Percentile 98.8%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L

CISA SSVC

Vulnrichment
Exploitation poc
Automatable no
Technical Impact partial

Details

VulnCheck KEV 2024-01-13
CWE
CWE-78
Status published
Products (1)
opennetadmin/opennetadmin 18.1.1
Published Jun 09, 2022
Tracked Since Feb 18, 2026