CVE-2025-61304
Published: 05 November 2025
Description
Adversaries may abuse command and script interpreters to execute commands, scripts, or binaries.
Security Summary
CVE-2025-61304 is an OS command injection vulnerability (CWE-78) affecting the Dynatrace ActiveGate ping extension in versions up to 1.016. The issue arises when the extension processes a crafted IP address, which enables arbitrary command execution on the underlying operating system. It carries a CVSS v3.1 base score of 9.8 (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H), classifying it as critical because it is reachable over the network, has low attack complexity, and requires neither privileges nor user interaction.
A remote, unauthenticated attacker can exploit this vulnerability over the network by supplying a malicious IP address to the ping extension. Successful exploitation allows injection and execution of arbitrary OS commands, resulting in high-impact compromise of confidentiality, integrity, and availability—potentially enabling full control over the affected ActiveGate host.
Mitigation details and additional technical information are available in the referenced advisory at https://github.com/pentastic-be/CVE-2025-61304. The CVE was published on 2025-11-05T16:15:40.770.
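The class of fix for a CWE-78 flaw of this shape, shown as an added example: this is not the extension's code and not taken from the advisory. It assumes a Linux host with iputils `ping` at `/bin/ping`; the function names and sample inputs are constructed for illustration.

```python
import ipaddress
import subprocess

PING_BIN = "/bin/ping"  # assumption: Linux iputils ping at this path


def build_ping_argv(target, count=1, timeout_s=2):
    """Validate target as an IP literal and return an argv list for ping."""
    if not isinstance(target, str):
        # ip_address() also accepts ints and bytes; only text is expected here
        raise ValueError("target must be a string")
    try:
        addr = ipaddress.ip_address(target)
    except ValueError:
        raise ValueError("target is not an IP address literal") from None
    # An IPv6 zone id (the part after '%') is free-form text: refuse it.
    if getattr(addr, "scope_id", None):
        raise ValueError("scoped IPv6 addresses are not accepted")
    family = "-6" if addr.version == 6 else "-4"
    # Use the canonical form of the parsed address, never the raw input.
    # "--" ends option parsing so the operand cannot be read as a flag.
    return [PING_BIN, family, "-c", str(int(count)),
            "-W", str(int(timeout_s)), "--", str(addr)]


def run_ping(target):
    """Run ping with an argv list; no shell ever parses the target."""
    argv = build_ping_argv(target)
    return subprocess.run(argv, shell=False, capture_output=True,
                          timeout=10, check=False).returncode


def classify(targets):
    """Map each candidate target to 'accepted' or the rejection reason."""
    result = {}
    for t in targets:
        try:
            build_ping_argv(t)
            result[t] = "accepted"
        except ValueError as exc:
            result[t] = str(exc)
    return result


# Constructed sample inputs, not taken from the advisory.
SAMPLES = ["192.0.2.10", "2001:db8::1", "192.0.2.10; id",
           "$(id)", "-c", "fe80::1%eth0", "192.0.2.10\n"]

if __name__ == "__main__":
    for target, verdict in classify(SAMPLES).items():
        print(repr(target), "->", verdict)
```

Validation and shell-free execution are independent layers: the parser rejects anything that is not an address literal, and the argv list keeps a value that slips through from being interpreted by a shell.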
Details
MITRE ATT&CK Enterprise Techniques
Why these techniques?
Remote unauthenticated command injection in a network-accessible service enables T1190 (Exploit Public-Facing Application) and directly facilitates arbitrary OS command execution via T1059 (Command and Scripting Interpreter).