CVE-2025-4653

HIGH

Pandora ITSM authenticated command injection leading to RCE via the backup function

Title source: metasploit
Exploitation Summary

EIP tracks 1 public exploit for CVE-2025-4653: the Metasploit module exploits/linux/http/pandora_itsm_auth_rce_cve_2025_4653.

AI-analyzed exploit summary: This Metasploit module exploits a command injection vulnerability in Pandora ITSM's backup function via the 'name' parameter, leading to RCE. It requires admin access, which can be obtained via default credentials or MySQL database manipulation.

Description

Improper Neutralization of Special Elements in the backup name field may allow OS command injection. This issue affects Pandora ITSM 5.0.105.

Exploits (1)

metasploit · WORKING POC · EXCELLENT · ruby · poc
https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/linux/http/pandora_itsm_auth_rce_cve_2025_4653.rb

Classification: Working PoC 95%
Attack Type: RCE
Complexity: Moderate
Reliability: Reliable
Target: Pandora ITSM Enterprise editions up to 5.0.105
Auth required
Prerequisites: Admin access to Pandora ITSM web application · MySQL database access with default or known credentials
devstral-2 · analyzed Feb 16, 2026

Scores

CVSS v4: 7.0
EPSS: 0.0241
EPSS Percentile: 82.0%
CVSS v4 vector: CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:L/VA:L/SC:L/SI:L/SA:L/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:N/AU:N/R:U/V:D/RE:M/U:Green

CISA SSVC

Source: Vulnrichment
Exploitation: none
Automatable: no
Technical Impact: total

Details

CWE: CWE-77
Status: published
Products (1): Pandora FMS/Pandora ITSM 5.0.105 - 5.0.106
Published: Jun 10, 2025
Tracked Since: Feb 18, 2026