CVE-2025-9276
Published 2025-09-02
Priority: P2 (70) · Severity: critical, 9.8 (CVSS 3.0)
CVSS vector: AV:N / AC:L / PR:N / UI:N / S:U / C:H / I:H / A:H
EPSS: 0.78% (51.4th percentile)
Cockroach Labs cockroach-k8s-request-cert Empty Root Password Authentication Bypass Vulnerability. This vulnerability could allow remote attackers to bypass authentication on systems that use the affected version of the Cockroach Labs cockroach-k8s-request-cert container image.
The specific flaw exists within the configuration of the system shadow file. The issue results from a blank password setting for the root user. An attacker can leverage this vulnerability to bypass authentication on the system. Was ZDI-CAN-22195.
Affected (1 range)
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| cockroach_labs | cockroach-k8s-request-cert | — | — |
CVSS provenance
| Source | CVSS version | Score | Severity | Vector |
|---|---|---|---|---|
| nvd | 3.0 | 9.8 | CRITICAL | CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
| cisa | — | 7.2 | HIGH | — |
GHSA
GHSA-f2xw-w9gh-q2h9: Cockroach Labs cockroach-k8s-request-cert Empty Root Password Authentication Bypass Vulnerability
ghsa_unreviewed · 2025-09-02
CVE-2025-9276 [CRITICAL] CWE-258 GHSA-f2xw-w9gh-q2h9: Cockroach Labs cockroach-k8s-request-cert Empty Root Password Authentication Bypass Vulnerability
CISA
Paessler PRTG Network Monitor OS Command Injection Vulnerability
cisa · 2025-02-04 · CVSS 7.2
CVE-2018-9276 [HIGH] CWE-78 Paessler PRTG Network Monitor OS Command Injection Vulnerability
Vulnerability: Paessler PRTG Network Monitor OS Command Injection Vulnerability
Affected: Paessler PRTG Network Monitor
Paessler PRTG Network Monitor contains an OS command injection vulnerability that allows an attacker with administrative privileges to execute commands via the PRTG System Administrator web console.
Required Action: Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.
Notes: https://www.paessler.com/prtg/history/prtg-18#18.2.39 ; https://nvd.nist.gov/vuln/detail/CVE-2018-9276
Remediation Due Date: 2025-02-25
Suricata
ET WEB_SPECIFIC_APPS Paessler PRTG Notification Command Injection Attempt (CVE-2018-9276)
suricata · 2025-02-24 · CVSS 7.2
CVE-2018-9276 [HIGH] ET WEB_SPECIFIC_APPS Paessler PRTG Notification Command Injection Attempt (CVE-2018-9276)
Rule:
```
alert http1 any any -> $HOME_NET any (msg:"ET WEB_SPECIFIC_APPS Paessler PRTG Notification Command Injection Attempt (CVE-2018-9276)"; flow:established,to_server; http.method; content:"POST"; http.uri; content:"/editsettings"; http.header; content:"X-Requested-With|3a 20|XMLHttpRequest"; http.request_body; content:"message_10|3d|"; fast_pattern; pcre:"/^[^\x26]*?(?:(?:\x3b|%3[Bb])|(?:\x0a|%0[Aa])|(?:\x60|%60)|(?:\x7c|%7[Cc])|(?:\x24|%24))+/R"; reference:cve,2018-9276; reference:url,github.com/A1vinSmith/CVE-2018-9276/tree/main; classtype:attempted-admin; sid:2060348; rev:1; metadata:affected_product Paessler_PRTG, attack_target Networking_Equipment, tls_state plaintext, created_at 2025_02_24, c
```
No public exploits indexed.
No writeups or analysis indexed.