A critical vulnerability in Net-SNMP software (CVE-2025-68615) allows remote attackers to crash network monitoring systems or potentially execute code remotely. The flaw affects the snmptrapd daemon that processes SNMP trap messages on routers, switches, and servers.
Attackers can exploit this by sending specially crafted packets that trigger buffer overflows. With a CVSS score of 9.8, the vulnerability could enable complete system takeover without passwords or user interaction.
Net-SNMP maintainers have released patches in versions 5.9.5 and 5.10.pre2. Organizations should upgrade immediately or implement network segmentation as a temporary workaround, ensuring SNMP ports aren't exposed to the internet.
Source: Cybersecurity News