{"dataType": "CVE_RECORD", "cveMetadata": {"state": "PUBLISHED", "cveId": "CVE-2025-49809", "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "dateUpdated": "2025-07-08T14:30:08.475Z", "dateReserved": "2025-06-11T00:00:00.000Z", "datePublished": "2025-07-04T00:00:00.000Z"}, "containers": {"cna": {"affected": [{"defaultStatus": "unknown", "product": "mtr", "vendor": "mtr", "versions": [{"lessThanOrEqual": "0.95", "status": "affected", "version": "0", "versionType": "custom"}]}], "descriptions": [{"lang": "en", "value": "mtr through 0.95, in certain privileged contexts, mishandles execution of a program specified by the MTR_PACKET environment variable. NOTE: mtr on macOS may often have Sudo rules, as an indirect consequence of Homebrew not installing setuid binaries."}], "problemTypes": [{"descriptions": [{"cweId": "CWE-829", "description": "CWE-829 Inclusion of Functionality from Untrusted Control Sphere", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre", "dateUpdated": "2025-07-04T12:33:53.377Z"}, "references": [{"url": "https://github.com/Homebrew/homebrew-core/issues/35085"}, {"url": "https://github.com/traviscross/mtr/blob/master/SECURITY"}, {"url": "https://github.com/traviscross/mtr/commit/5226f105f087c29d3cfad9f28000e7536af91ac6"}], "x_generator": {"engine": "enrichogram 0.0.1"}, "metrics": [{"cvssV3_1": {"version": "3.1", "baseScore": 7.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H"}}], "cpeApplicability": [{"nodes": [{"operator": "OR", "negate": false, "cpeMatch": [{"vulnerable": true, "criteria": "cpe:2.3:a:mtr:mtr:*:*:*:*:*:*:*:*", "versionEndIncluding": "0.95"}]}]}]}, "adp": [{"references": [{"url": "https://github.com/traviscross/mtr/blob/master/SECURITY", "tags": ["exploit"]}], "metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2025-07-08T14:11:17.790058Z", "id": "CVE-2025-49809", "options": [{"Exploitation": "poc"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-07-08T14:30:08.475Z"}}]}, "dataVersion": "5.1"}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2025-49809", "role": "CISA Coordinator", "options": [{"Exploitation": "poc"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2025-07-08T14:11:17.790058Z"}}}], "references": [{"url": "https://github.com/traviscross/mtr/blob/master/SECURITY", "tags": ["exploit"]}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-07-08T14:11:26.349Z"}}], "cna": {"metrics": [{"cvssV3_1": {"version": "3.1", "baseScore": 7.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H"}}], "affected": [{"vendor": "mtr", "product": "mtr", "versions": [{"status": "affected", "version": "0", "versionType": "custom", "lessThanOrEqual": "0.95"}], "defaultStatus": "unknown"}], "references": [{"url": "https://github.com/Homebrew/homebrew-core/issues/35085"}, {"url": "https://github.com/traviscross/mtr/blob/master/SECURITY"}, {"url": "https://github.com/traviscross/mtr/commit/5226f105f087c29d3cfad9f28000e7536af91ac6"}], "x_generator": {"engine": "enrichogram 0.0.1"}, "descriptions": [{"lang": "en", "value": "mtr through 0.95, in certain privileged contexts, mishandles execution of a program specified by the MTR_PACKET environment variable. NOTE: mtr on macOS may often have Sudo rules, as an indirect consequence of Homebrew not installing setuid binaries."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-829", "description": "CWE-829 Inclusion of Functionality from Untrusted Control Sphere"}]}], "cpeApplicability": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:mtr:mtr:*:*:*:*:*:*:*:*", "vulnerable": true, "versionEndIncluding": "0.95"}], "operator": "OR"}]}], "providerMetadata": {"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre", "dateUpdated": "2025-07-04T12:33:53.377Z"}}}, "cveMetadata": {"cveId": "CVE-2025-49809", "state": "PUBLISHED", "dateUpdated": "2025-07-08T14:30:08.475Z", "dateReserved": "2025-06-11T00:00:00.000Z", "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "datePublished": "2025-07-04T00:00:00.000Z", "assignerShortName": "mitre"}, "dataVersion": "5.1"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "mtr through 0.95, in certain privileged contexts, mishandles execution of a program specified by the MTR_PACKET environment variable. NOTE: mtr on macOS may often have Sudo rules, as an indirect consequence of Homebrew not installing setuid binaries."}, {"lang": "es", "value": "Desde mtr hasta la versi\u00f3n 0.95, en ciertos contextos privilegiados, se produce un error en la gesti\u00f3n de la ejecuci\u00f3n de un programa especificado por la variable de entorno MTR_PACKET. NOTA: mtr en macOS puede tener reglas Sudo, como consecuencia indirecta de que Homebrew no instala los binarios setuid."}], "id": "CVE-2025-49809", "lastModified": "2025-07-08T16:18:53.607", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "HIGH", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 1.1, "impactScore": 6.0, "source": "[email protected]", "type": "Secondary"}]}, "published": "2025-07-04T13:15:25.780", "references": [{"source": "[email protected]", "url": "https://github.com/Homebrew/homebrew-core/issues/35085"}, {"source": "[email protected]", "url": "https://github.com/traviscross/mtr/blob/master/SECURITY"}, {"source": "[email protected]", "url": "https://github.com/traviscross/mtr/commit/5226f105f087c29d3cfad9f28000e7536af91ac6"}, {"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "url": "https://github.com/traviscross/mtr/blob/master/SECURITY"}], "sourceIdentifier": "[email protected]", "vulnStatus": "Awaiting Analysis", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-829"}], "source": "[email protected]", "type": "Secondary"}]}

{"bugzilla": {"description": "mtr: From CVEorg collector", "id": "2376353", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2376353"}, "csaw": false, "cvss3": {"cvss3_base_score": "7.8", "cvss3_scoring_vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "status": "draft"}, "cwe": "CWE-829", "details": ["mtr through 0.95, in certain privileged contexts, mishandles execution of a program specified by the MTR_PACKET environment variable. NOTE: mtr on macOS may often have Sudo rules, as an indirect consequence of Homebrew not installing setuid binaries.", "A possible privilege escalation flaw was found in the MTR networking tool. This issue occurs in rare cases when the package is configured to run with sudo rules instead of setuid and stems from its improper handling in the execution of a program specified by the MTR_PACKET environment variable."], "name": "CVE-2025-49809", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:10", "fix_state": "Affected", "package_name": "mtr", "product_name": "Red Hat Enterprise Linux 10"}, {"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Out of support scope", "package_name": "mtr", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Out of support scope", "package_name": "mtr", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Affected", "package_name": "mtr", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Affected", "package_name": "mtr", "product_name": "Red Hat Enterprise Linux 9"}], "public_date": "2025-07-04T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2025-49809\nhttps://nvd.nist.gov/vuln/detail/CVE-2025-49809\nhttps://github.com/Homebrew/homebrew-core/issues/35085\nhttps://github.com/traviscross/mtr/blob/master/SECURITY\nhttps://github.com/traviscross/mtr/commit/5226f105f087c29d3cfad9f28000e7536af91ac6"], "statement": "The condition to exploit this vulnerability is not the default behavior on Linux systems and should rarely occur.", "threat_severity": "Important"}