CVE-2025-32813
Published: 22 May 2025
Summary
CVE-2025-32813 is a high-severity Command Injection (CWE-77) vulnerability in Infoblox Netmri. Its CVSS base score is 7.2 (High).
Operationally, ranked in the top 6.3% of CVEs by exploit likelihood; it is not currently listed in the CISA KEV catalog.
Deeper analysis
CVE-2025-32813 affects Infoblox NETMRI versions prior to 7.6.1 and involves remote unauthenticated command injection, corresponding to CWE-77. The flaw permits arbitrary command execution over the network with a CVSS 3.1 base score of 7.2.
An unauthenticated attacker with network access can supply crafted input that results in command injection. Successful exploitation grants the ability to execute arbitrary commands, leading to full compromise of confidentiality, integrity, and availability on the affected appliance.
The vendor advisory at https://support.infoblox.com/s/article/Infoblox-NetMRI-is-vulnerable-to-CVE-2025-32813 addresses the issue in NETMRI 7.6.1 and later releases. The associated EPSS score has remained at 0.1118 with no indicated increase after disclosure.
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2025-16153
Vulnerability details
An issue was discovered in Infoblox NETMRI before 7.6.1. Remote Unauthenticated Command Injection can occur.
- CWE(s)
Related Threats
No named actor attribution yet. ATT&CK technique mapping in progress for this CVE.
Affected Assets
Mitigating Controls
No mitigating controls mapped yet. The per-CVE control annotator has not reached this CVE.