virus logo Intrusion Prevention

Commvault.Command.Center.deployWebpackage.do.Path.Traversal

description-logoDescription

This indicates an attack attempt to exploit a Path Traversal Vulnerability in Commvault Command Center.
The vulnerability is due to improper validation of user-supplied inputs. An attacker could exploit this vulnerability by sending a crafted request to the target server. Successful exploitation of this vulnerability could lead to arbitrary code execution.

description-logoOutbreak Alert

FortiGuard Labs has detected persistent attempts to exploit the Commvault Command Center path traversal vulnerability, identified as CVE-2025-34028. If attacks succeed, they could achieve full system compromise. FortiGuard telemetry shows exploitation attempts in the United States, Brazil, Turkey, the United Kingdom and Italy.

View the full Outbreak Alert Report

affected-products-logoAffected Products

Commvault Command Center from 11.38.0 to 11.38.19

Impact logoImpact

System Compromise: Remote attackers can gain control of vulnerable systems.

recomended-action-logoRecommended Actions

Apply the most recent upgrade or patch from the vendor.
https://www.commvault.com/platform/command-center

Coverage

IPS (Regular DB)
IPS (Extended DB)

Version Updates

Date Version Status Detail
2025-05-08 32.004
Modified
 Default_action:pass:drop
2025-04-29 31.998
New
ID 57882
Created Apr 28, 2025
Updated May 12, 2025
CVE ID
Tags Commvault CC Path Traversal Threat Signal
Risk black-background-circle-icon black-background-circle-icon black-background-circle-icon black-background-circle-icon black-background-circle-icon
Known Exploited Yes
Exploit Prediction Score 61.62%
Default Action drop
Active
Affected OS Windows, Linux
Affected App Other
Profile Type Path Traversal