A critical vulnerability in Net-SNMP software (CVE-2025-68615) allows remote attackers to crash network monitoring systems or potentially take complete control. The flaw affects the snmptrapd daemon that processes SNMP trap messages on routers, switches, and servers across enterprise networks.
Attackers can exploit this by sending specially crafted packets that trigger buffer overflows. With a severe CVSS score of 9.8, the vulnerability could enable remote code execution without authentication.
Net-SNMP maintainers have released patches in versions 5.9.5 and 5.10.pre2. Organizations should upgrade immediately or implement network segmentation to block external access to SNMP ports as a temporary workaround.
Source: Cybersecurity News