CVE-2025-34392
CRITICAL
Barracuda RMM < 2025.1.1 - Absolute Path Traversal and Remote Code Execution via WSDL URL
Title source: llm
Description
Barracuda Service Center, as implemented in the RMM solution, in versions prior to 2025.1.1, does not verify the URL defined in an attacker-controlled WSDL that is later loaded by the application. This can lead to arbitrary file write and remote code execution via webshell upload.
References (4)
Core References
Product (product): https://www.barracuda.com/products/msp/network-protection/rmm
Release Notes (vendor-advisory, patch): https://download.mw-rmm.barracudamsp.com/PDF/2025.1.1/RN_BRMM_2025.1.1_EN.pdf
Third Party Advisory (third-party-advisory): https://www.vulncheck.com/advisories/barracuda-rmm-service-center-absolute-path-traversal-rce
Exploit, Third Party Advisory (exploit): https://labs.watchtowr.com/soapwn-pwning-net-framework-applications-through-http-client-proxies-and-wsdl/
Scores
CVSS v3: 9.8
EPSS: 0.2201
EPSS Percentile: 97.3%
Attack Vector: NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
CISA SSVC
Vulnrichment
Exploitation: poc
Automatable: yes
Technical Impact: total
Details
CWE: CWE-36
Status: published
Products (2)
barracuda/rmm: < 2025.1.1
Barracuda Networks/RMM: 2025.1 - 2025.1.1
Published: Dec 10, 2025
Tracked Since: Feb 18, 2026