Unrated severityNVD Advisory· Published Dec 10, 2025· Updated Mar 5, 2026

Barracuda RMM < 2025.1.1 Service Center .NET Remoting Path Traversal RCE

CVE-2025-34395

Description

Barracuda Service Center, as implemented in the RMM solution, in versions prior to 2025.1.1, exposes a .NET Remoting service in which an unauthenticated attacker can invoke a method vulnerable to path traversal to read arbitrary files. This vulnerability can be escalated to remote code execution by retrieving the .NET machine keys.

Affected products

Microfocus/Service Center Serverllm-fuzzy
Range: <2025.1.1
Barracuda Networks/RMMv5
Range: 2025.1

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

download.mw-rmm.barracudamsp.com/PDF/2025.1.1/RN_BRMM_2025.1.1_EN.pdfmitrevendor-advisorypatch
www.vulncheck.com/advisories/barracuda-rmm-service-center-net-remoting-path-traversal-rcemitrethird-party-advisory
www.barracuda.com/products/msp/network-protection/rmmmitreproduct

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000