PT-2025-45113 · Dynatrace · Dynatrace Activegate
Published: 2025-11-05 · Updated: 2025-11-08 · CVE-2025-61304
CVSS v3.1: 9.8 (Critical)
Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions
Dynatrace ActiveGate versions up to 1.016
Description
An OS command injection issue exists in the Dynatrace ActiveGate ping extension. The extension processes the IP address supplied to it without sufficient validation, so a specially crafted IP address value can potentially allow an attacker to inject and execute arbitrary operating system commands. The affected parameter is the IP address provided to the ping extension.
Recommendations
Update Dynatrace ActiveGate to a version beyond 1.016.
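The flaw class described above, next to the input check that closes it, as an added example (not Dynatrace's code and not part of the original advisory). The function names, the Linux-style `ping -c 1` invocation and the sample inputs are assumptions made for illustration.

```python
import ipaddress
import subprocess


def unsafe_ping_cmdline(target: str) -> str:
    """Vulnerable pattern (generic, not Dynatrace code): the caller-supplied
    value is pasted into a string that a shell will later parse."""
    return f"ping -c 1 {target}"


def validated_ping_argv(target) -> list:
    """Return an argv list for ping, or raise ValueError.

    Only a bare IPv4/IPv6 literal is accepted, and the canonical form from the
    ipaddress module is used, never the caller's original string.
    """
    if not isinstance(target, str):
        # ip_address() also accepts ints and bytes; a ping target must be text.
        raise ValueError("target must be a string")
    addr = ipaddress.ip_address(target)  # ValueError unless it is an IP literal
    if getattr(addr, "scope_id", None) is not None:
        # Python 3.9+ accepts "fe80::1%<zone>" and does not restrict the
        # characters of the zone, so zone identifiers are refused outright.
        raise ValueError("IPv6 zone identifiers are not accepted")
    return ["ping", "-c", "1", str(addr)]


def ping(target: str, timeout: float = 5.0) -> bool:
    """Run ping without a shell, so argv elements are never re-parsed."""
    argv = validated_ping_argv(target)
    done = subprocess.run(argv, shell=False, capture_output=True, timeout=timeout)
    return done.returncode == 0


# Constructed samples: two valid literals, then values a validator must refuse.
SAMPLES = ["192.0.2.10", "2001:db8::1", "192.0.2.10; id",
           "192.0.2.10\n", "fe80::1%;id", "-f"]


def classify(samples=SAMPLES) -> dict:
    """Map each sample to its argv list or to a 'rejected: ...' message."""
    out = {}
    for s in samples:
        try:
            out[s] = validated_ping_argv(s)
        except ValueError as exc:
            out[s] = f"rejected: {exc}"
    return out
```

The zone-identifier check matters because `ipaddress` alone would pass `fe80::1%;id` through unchanged on Python 3.9 and later.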
Exploit
Fix
OS Command Injection
Weakness Enumeration
Related Identifiers
Affected Products
Dynatrace Activegate