What is CVE-2025-57790?

CVE-2025-57790 is a vulnerability in Commvault Commcell, classified under Absolute Path Traversal. Published 2025-08-20.

Is CVE-2025-57790 known to be exploited?

2 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

Path Traversal in Commvault Commcell

CVE-2025-57790

A security vulnerability has been identified that allows remote attackers to perform unauthorized file system access through a path traversal issue. The vulnerability may lead to remote code execution.

EPSS: 0.461 (97.7th percentile) — read the EPSS interpretation.

Affected products

Commvault Commcell — versions 11.32.0, 11.36.0

Weakness classification (CWE)

CWE-36 — Absolute Path Traversal

Public proof-of-concept exploits

rapid7/metasploit-framework
ARPSyndicate/cve-scores

References

documentation.commvault.com/securityadvisories/CV_2025_08_2.html

Frequently asked questions

What is CVE-2025-57790?: CVE-2025-57790 is a vulnerability in Commvault Commcell, classified under Absolute Path Traversal. Published 2025-08-20.
Is CVE-2025-57790 known to be exploited?: 2 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.