Arbitrary File Write and Remote Code Execution in Barracuda Service Center RMM Solution
CVE-2025-34392

10CRITICAL

Key Information:

Vendor

Barracuda Networks

Status
Rmm
Vendor
CVE Published:
10 December 2025

Badges

๐Ÿ‘พ Exploit Exists๐ŸŸก Public PoC

What is CVE-2025-34392?

The Barracuda Service Center's RMM solution, prior to version 2025.1.1, is vulnerable due to its failure to verify the URL specified in an attacker-controlled WSDL. This oversight allows attackers to execute arbitrary file writes and potentially trigger remote code execution through webshell uploads, compromising the security of affected systems.

Affected Version(s)

RMM 2025.1 < 2025.1.1

Exploit Proof of Concept (PoC)

PoC code is written by security researchers to demonstrate the vulnerability can be exploited. PoC code is also a key component for weaponization which could lead to ransomware.

CVE-2025-34392 - Proof of Concept

References

https://download.mw-rmm.barracudamsp.com/PDF/2025.1.1/RN_...
vendor-advisorypatch
https://www.barracuda.com/products/msp/network-protection...
product
https://www.vulncheck.com/advisories/barracuda-rmm-servic...
third-party-advisory

CVSS V4

Score:
10
Severity:
CRITICAL
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Attack Required:
None
Privileges Required:
Undefined
User Interaction:
None

Timeline

  • ๐ŸŸก

    Public PoC available

  • ๐Ÿ‘พ

    Exploit known to exist

  • Vulnerability published

  • Vulnerability Reserved

Credit

Piotr Bazydlo of watchTowr
JSON
.
CVE-2025-34392 : Arbitrary File Write and Remote Code Execution in Barracuda Service Center RMM Solution