Impact
An issue in SNMP4J-Agent version 3.8.3 allows a remote attacker to execute arbitrary code via the snmp4jCfgStoragePath component. Based on the listed CWEs (CWE‑284, CWE‑502, CWE‑73), it is inferred that the vulnerability may involve insufficient access control, unsafe deserialization, and path traversal, which together can enable full system compromise.
Affected Systems
The vulnerability affects installations of SNMP4J-Agent 3.8.3 that include the snmp4jCfgStoragePath component; any such deployment is at risk.
Risk and Exploitability
The CVSS score of 9.8 indicates a critical severity. The EPSS score of less than 1% suggests that exploitation is currently rare, and the vulnerability is not listed in CISA’s KEV catalog. Based on the description, it is inferred that an attacker may need to interact with the SNMP service to trigger the vulnerable component, but the authentication requirements are not explicitly defined.
OpenCVE Enrichment