CRITICAL🇵🇱 Wersja polska

CVE-2025-26845

CVSS 9.8v3.1pub. 2025-05-08upd. 2025-05-16

An Eval Injection issue was discovered in Znuny through 7.1.3. A user with write access to the configuration file can use this to execute a command executed by the user running the backup.pl script.

🤖 AI Analysis
How it works

The vulnerability consists of the ability to inject malicious code into the configuration file by a user with write permissions to that file (CWE-94, CWE-95). The injected code is then evaluated (executed) when the backup.pl script is run. Commands are executed in the context of the system account on which the script runs.

Impact

An attacker can execute arbitrary system commands with the privileges of the user running the backup.pl script, which may lead to complete server takeover, data theft, or system integrity violation.

Mitigation & patch

Apply patches available from the vendor according to references (https://www.znuny.org/en/advisories/zsa-2025-03). Additionally, it is recommended to restrict write access to the configuration file only to trusted administrative users.

Who is affected

Znuny in versions up to 7.1.3 inclusive.

Analysis generated by Claude AI (Anthropic) based on NVD data. Always verify with vendor.
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
  • Znuny

    APP
    Znuny
    6.0.31 – 6.0.486.5.1 – 6.5.117.0.1 – 7.1.3
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
CWE
References

Related vulnerabilities

CVE-2025-26846CRITICAL9.8PL ✓ten sam produkt

Brak weryfikacji uprawnień w Generic Interface systemu Znuny (eskalacja uprawnień)

CVE-2025-26844CRITICAL9.8PL ✓ten sam produkt

Znuny: Ciasteczko sesji bez flagi HttpOnly — ryzyko kradzieży sesji

CVE-2024-32491CRITICAL9.8PL ✓ten sam produkt

Path traversal i RCE w Znuny poprzez manipulację żądaniem AJAX

CVE-2025-26842HIGH7.5ten sam produkt

An issue was discovered in Znuny through 7.1.3. If access to a ticket is not given, the content of S/MIME encr...

CVE-2025-26847HIGH7.5ten sam produkt

An issue was discovered in Znuny before 7.1.5. When generating a support bundle, not all passwords are masked.

CVE-2025-26845 — Znuny — CRITICAL — CVSS 9.8 | CVEbaza.pl