CVE-2025-57791

MEDIUM

Commvault Command-Line Argument Injection to Traversal Remote Code Execution

Title source: metasploit

Exploitation Summary

EIP tracks 1 public exploit for CVE-2025-57791. PoCs published by Sonny Macdonald, Piotr Bazydlo, remmons-r7, including Metasploit module exploits/windows/http/commvault_rce_cve_2025_57790_cve_2025_57791.

AI-analyzed exploit summary: This Metasploit module exploits an unauthenticated RCE chain in Commvault (CVE-2025-57790, CVE-2025-57791, and CVE-2025-57788) by leveraging command-line argument injection, path traversal, and expression language injection to achieve remote code execution as 'NETWORK SERVICE' on Windows.

Description

A security vulnerability has been identified that allows remote attackers to inject or manipulate command-line arguments passed to internal components due to insufficient input validation. Successful exploitation results in a valid user session for a low privilege role.

Exploits (1)

metasploit WORKING POC EXCELLENT
by Sonny Macdonald, Piotr Bazydlo, remmons-r7 · ruby · poc
https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/windows/http/commvault_rce_cve_2025_57790_cve_2025_57791.rb


Classification: Working PoC 95%
Attack Type: RCE
Complexity: Moderate
Reliability: Reliable
Target: Commvault
No auth needed
Prerequisites: Network access to Commvault web interface · Target must be running a vulnerable version of Commvault
devstral-2 · analyzed Feb 16, 2026

Scores

CVSS v3 6.5
EPSS 0.2072
EPSS Percentile 97.2%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N

CISA SSVC

Vulnrichment
Exploitation none
Automatable yes
Technical Impact partial

Details

CWE CWE-88
Status published
Products (1)
commvault/commvault < 11.36.60
Published Aug 20, 2025
Tracked Since Feb 18, 2026