Explore the latest product updates and best practices at our hybrid Checkmk Conference #12 from June 16-18, 2026 – Register here
back to website

Werk #17996: Arbitrary file write with vcrtrace

Component Checks & agents
Title Arbitrary file write with vcrtrace
Date Apr 30, 2025
Level Trivial Change
Class Security Fix
Compatibility Compatible - no manual interaction needed
Checkmk versions & editions
2.5.0b1 Checkmk Community, Checkmk Pro, Checkmk Ultimate, Checkmk Ultimate MT
2.4.0p1 Checkmk Community, Checkmk Pro, Checkmk Ultimate, Checkmk Ultimate MT
2.3.0p32 Checkmk Community, Checkmk Pro, Checkmk Ultimate, Checkmk Ultimate MT
2.2.0p42 Checkmk Community, Checkmk Pro, Checkmk Ultimate, Checkmk Ultimate MT

Previous to this Werk it was possible to inject arguments to the commandline of some checks and special agents. If the option --vcrtrace was injected the http traffic was dumped into a file given via this parameter. The path was not validated.

This vulnerability was identified in a commissioned penetration test conducted by PS Positive Security GmbH.

Affected Versions:

  • 2.4.0 (beta)
  • 2.3.0
  • 2.2.0
  • 2.1.0 (EOL)

Vulnerability Management:

We have rated the issue with a CVSS Score of 8.7 High (CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N) and assigned CVE-2025-1712.

To the list of all Werks