CVE-2025-34252: NetSarang v5.0 Malicious Backdoor Supply Chain Compromise
Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. This vulnerability has been reassigned as CVE-2017-20203 ( https://www.cve.org/CVERecord?id=CVE-2017-20203 ) to have the year of the CVE correspond to the year of public disclosure.
Affected Software
Event History
Frequently Asked Questions
What is the severity of CVE-2025-34252?
CVE-2025-34252 is considered a critical vulnerability due to its potential for remote exploitation through a DNS-based backdoor.
How do I fix CVE-2025-34252?
To mitigate CVE-2025-34252, users should immediately upgrade to the latest patched versions of the affected NetSarang products.
Which versions are affected by CVE-2025-34252?
CVE-2025-34252 affects NetSarang Xmanager Enterprise 5.0 Build 1232, Xmanager 5.0 Build 1045, Xshell 5.0 Build 1322, Xftp 5.0 Build 1218, and Xlpd 5.0 Build 1220.
What type of threat does CVE-2025-34252 pose?
CVE-2025-34252 poses a significant threat as it allows unauthorized access through a malicious backdoor hidden in the nssock2.dll.
Can CVE-2025-34252 affect corporate networks?
Yes, CVE-2025-34252 can impact corporate networks, as it has the potential to be exploited by attackers in environments using the affected NetSarang software.