CVE-2025-34088

An authenticated remote code execution vulnerability exists in Pandora FMS version 7.0NG and earlier. The net_tools.php functionality allows authenticated users to execute arbitrary OS commands via the select_ips parameter when performing network tools operations, such as pinging. This occurs because user input is not properly sanitized before being passed to system commands, enabling command injection.

CVSS v3 8.8 HIGH

8.8^/10

CVSS v3 : HIGH

V3 Legend

Vector :

Exploitability : 2.8 / Impact : 5.9

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required LOW

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope UNCHANGED

References

Link	Resource
https://github.com/pandorafms/pandorafms	Product
https://raw.githubusercontent.com/rapid7/metasploit-framework/master/modules/exploits/linux/http/pandora_ping_cmd_exec.rb	Exploit
https://vulncheck.com/advisories/pandora-fms-rce-via-ping	Third Party Advisory
https://www.exploit-db.com/exploits/48334	Exploit VDB Entry
https://www.rapid7.com/db/modules/exploit/linux/http/pandora_ping_cmd_exec/	Third Party Advisory

Configurations

Configuration 1 (hide)

cpe:2.3:a:pandorafms:pandora_fms:*:*:*:*:*:*:*:*

History

16 Sep 2025, 19:44

Type	Values Removed	Values Added
References	~~() https://github.com/pandorafms/pandorafms -~~	() https://github.com/pandorafms/pandorafms - Product
References	~~() https://raw.githubusercontent.com/rapid7/metasploit-framework/master/modules/exploits/linux/http/pandora_ping_cmd_exec.rb -~~	() https://raw.githubusercontent.com/rapid7/metasploit-framework/master/modules/exploits/linux/http/pandora_ping_cmd_exec.rb - Exploit
References	~~() https://vulncheck.com/advisories/pandora-fms-rce-via-ping -~~	() https://vulncheck.com/advisories/pandora-fms-rce-via-ping - Third Party Advisory
References	~~() https://www.exploit-db.com/exploits/48334 -~~	() https://www.exploit-db.com/exploits/48334 - Exploit, VDB Entry
References	~~() https://www.rapid7.com/db/modules/exploit/linux/http/pandora_ping_cmd_exec/ -~~	() https://www.rapid7.com/db/modules/exploit/linux/http/pandora_ping_cmd_exec/ - Third Party Advisory
First Time		Pandorafms pandora Fms Pandorafms
CVSS	v2 : ~~unknown~~ v3 : ~~unknown~~	v2 : unknown v3 : 8.8
CPE		cpe:2.3:a:pandorafms:pandora_fms::::::::

08 Jul 2025, 16:19

Type	Values Removed	Values Added
Summary		(es) Existe una vulnerabilidad de ejecución remota de código autenticado en Pandora FMS versión 7.0NG y anteriores. La función net_tools.php permite a los usuarios autenticados ejecutar comandos arbitrarios del sistema operativo mediante el parámetro select_ips al realizar operaciones con herramientas de red, como hacer ping. Esto se debe a que la entrada del usuario no se depura correctamente antes de pasarla a los comandos del sistema, lo que permite la inyección de comandos.

03 Jul 2025, 20:15

Type	Values Removed	Values Added
New CVE

Information

Published : 2025-07-03 20:15

Updated : 2025-09-16 19:44

NVD link : CVE-2025-34088

Mitre link : CVE-2025-34088

CVE.ORG link : CVE-2025-34088

JSON object : View

Products Affected

pandorafms

pandora_fms

CWE

CWE-78

Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')

8.8 /10