Ctrl + K
/ news / CVE
CVEPublished 2025-06-201 article on news6 live referencesNVD data

CVE-2025-34030

Vulnerability data via CVEDB (Shodan)

CVSS v3.1
10.0
CRITICAL
EPSS percentile
99
Exploit Prediction Scoring System · top 1% of all CVEs
Description

An OS command injection vulnerability exists in sar2html version 3.2.2 and prior via the plot parameter in index.php. The application fails to sanitize user-supplied input before using it in a system-level context. Remote, unauthenticated attackers can inject shell commands by appending them to the plot parameter (e.g., ?plot=;id) in a crafted GET request. The output of the command is displayed in the application's interface after interacting with the host selection UI. Successful exploitation leads to arbitrary command execution on the underlying system. Exploitation evidence was observed by the Shadowserver Foundation on 2025-02-04 UTC.

Timeline
Published 2025-06-20

External references

NVDMITREExploit-DBSploitustrickest/cveVulnCheck

Search for exposed instances

Shodan + Censys queries derived from NVD's CPE data. The vuln tag catches assets Shodan has explicitly linked to this CVE; the product / banner fingerprints find exposed instances even when the vuln tag was never applied (which is common).

Shodan · vuln tag0 hosts
vuln:CVE-2025-34030
Hosts Shodan has explicitly fingerprinted as vulnerable.
More intel sources (5)
Shodan report
vuln:CVE-2025-34030
Country / ASN / product breakdown for the vuln query.
Censys
vulnerabilities.cve_id: CVE-2025-34030
Censys host search filtered to this CVE id.
grep.app
CVE-2025-34030
Public source-code mentions — fast PoC discovery.
GitHub code
CVE-2025-34030
GitHub code search for direct mentions.
Google dork
"CVE-2025-34030" exploit -site:nvd.nist.gov
Write-ups and news, NVD excluded.

Known PoCs on GitHub

No public proof-of-concept repositories found for CVE-2025-34030 on GitHub.
Articles on news mentioning CVE-2025-34030