Infoblox NIOS Privilege Escalation Vulnerability Allowing Authenticated Remote Code Execution

Vulnerability

A vulnerability in Infoblox NIOS versions 8.6 prior to 8.6.4 and 9.0 prior to 9.0.4 allows authenticated remote code execution and unauthorized user-level shell access. The issue arises from execution with more privileges than necessary, and exploitation requires valid admin credentials.

Impact

Exploitation of this vulnerability could lead to authenticated remote code execution and unauthorized access to a user-level shell.

Remediation

Users can upgrade to the Infoblox NIOS 8.6.4 hotfix or to 9.0.4, both of which contain the fix for this vulnerability. Instructions for applying the hotfix are available in the Infoblox Support Portal.

Added: Jun 9, 2025, 7:46 PM
Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread: 2.6
impact: 7.5
exploitability: 4.4
remediation: 7.7
relevance: 0.0
threat: 0.0
urgency: 2.9
incentive: 1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.