CVE-2025-34088

HIGH

Pandora FMS <7.0NG - Command Injection

Title source: llm

Description

An authenticated remote code execution vulnerability exists in Pandora FMS version 7.0NG and earlier. The net_tools.php functionality allows authenticated users to execute arbitrary OS commands via the select_ips parameter when performing network tools operations, such as pinging. This occurs because user input is not properly sanitized before being passed to system commands, enabling command injection.

Exploits (2)

exploitdb WORKING POC VERIFIED

by Metasploit · rubyremotelinux

https://www.exploit-db.com/exploits/48334

View Code ZIP pw:eip

metasploit WORKING POC EXCELLENT

by Onur ER <[email protected]> · rubypoclinux

https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/linux/http/pandora_ping_cmd_exec.rb

View Code ZIP pw:eip

References (5)

[Product] https://github.com/pandorafms/pandorafms

[Exploit] https://raw.githubusercontent.com/rapid7/metasploit-framework/master/modules/exploits/linux/http/pandora_ping_cmd_exec.rb

[Third Party Advisory] https://vulncheck.com/advisories/pandora-fms-rce-via-ping

[Exploit, VDB Entry] https://www.exploit-db.com/exploits/48334

[Third Party Advisory] https://www.rapid7.com/db/modules/exploit/linux/http/pandora_ping_cmd_exec/

Scores

CVSS v3 8.8

EPSS 0.5384

EPSS Percentile 98.0%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Details

CWE

CWE-78

Status published

Products (2)

Artica ST/Pandora FMS < 7.0NG

pandorafms/pandora_fms < 7.0_ng

Published Jul 03, 2025

Tracked Since Feb 18, 2026