CVE-2026-39006
Description
SNMP4J-Agent 3.8.3 allows remote code execution via the snmp4jCfgStoragePath component due to insecure deserialization and file write.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Vulnerability
SNMP4J-Agent 3.8.3 has a vulnerability in the snmp4jCfgStoragePath component. The default SampleAgent configuration maps SNMPv1/v2c community "public" to unrestrictedWriteView, allowing remote attackers to modify snmp4jCfgStoragePath. This path is used by DefaultMOPersistenceProvider for persistent configuration storage and restore operations, which involve Java object deserialization. According to [1], the vulnerability is related to CWE-284 (Improper Access Control), CWE-73 (External Control of File Name or Path), and CWE-502 (Deserialization of Untrusted Data). Affected version: 3.8.3.
Exploitation
An attacker with network access to the SNMP service can use the default community string "public" to send SNMP SET requests. By setting snmp4jCfgStoragePath to a controlled path and triggering snmp4jCfgStorageOperation to "store" or "restore", the attacker can write arbitrary files or deserialize malicious Java objects. The original report validated this by starting the SampleAgent with default configuration, using SNMP SET to set the path and operation, and observing serialized file creation and deserialization triggers [1]. No authentication is required beyond knowing the default community.
Impact
Successful exploitation can lead to arbitrary code execution via deserialization of attacker-controlled serialized Java objects. Additionally, the store operation allows arbitrary file write/overwrite at attacker-controlled local paths. This could result in full compromise of the SNMP4J-Agent process. Denial of service is also possible if invalid serialized input is restored [1].
Mitigation
As of the publication date (2026-06-15), no official patch has been released. Users should restrict network access to the SNMP service, change the default community strings, and avoid the unrestrictedWriteView mapping in production. The advisory [1] recommends reviewing the DefaultMOPersistenceProvider configuration and considering input validation on snmp4jCfgStoragePath. If a fixed version becomes available, upgrade immediately. Not listed in CISA KEV as of now.
AI Insight generated on Jun 15, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products
Range: = 3.8.3
Patches
No patches discovered yet.
Vulnerability mechanics
No source-code context for this CVE. Mechanics are only generated when we can read the actual fix diff; without it, the four sections (root cause, attack vector, affected code, fix) would be speculation rather than analysis.
References
News mentions
No linked articles in our index yet.