
NETSCOUT has issued an advisory addressing a series of security vulnerabilities in its flagship infrastructure monitoring platform, nGeniusONE.
NETSCOUT’s nGeniusONE solution is a powerful tool, providing real-time visibility across diverse infrastructure environments, from data centers to cloud deployments and remote offices.
The vulnerabilities disclosed affect critical aspects of nGeniusONE’s operation across cloud, data center, and remote environments. Key issues include:
- CVE-2025-32986: Sensitive files accessible without proper authentication.
- CVE-2025-32985: Hardcoded credentials extractable from JAR files.
- CVE-2025-32984: Stored Cross-Site Scripting (XSS) vulnerability via POST parameters.
- CVE-2025-32983: Technical information disclosure via stack errors.
- CVE-2025-32982: Broken authorization schema within the reporting module.
- CVE-2025-32981: Insecure file permissions for the nGeniusCLI file, allowing local privilege escalation.
- CVE-2025-32980: Weak sudo configuration enabling potential misuse.
- CVE-2025-32979: Arbitrary file creation vulnerability.
These vulnerabilities pose significant risks to enterprises relying on nGeniusONE for real-time infrastructure visibility. Issues like hardcoded credentials (CVE-2025-32985) and broken authorization schemas (CVE-2025-32982) could enable attackers to gain unauthorized access to sensitive operational environments. Furthermore, stored XSS vulnerabilities (CVE-2025-32984) could allow the execution of malicious scripts against administrators managing these critical platforms.
NETSCOUT strongly recommends that all customers upgrade to build 6.4.0 b2350 or later to remediate these vulnerabilities. Organizations should also review their current nGeniusONE deployments for signs of unauthorized access or exploitation.