CVE-2025-69517 Overview
CVE-2025-69517 is an HTML injection vulnerability affecting Amidaware Inc Tactical RMM, an open-source remote monitoring and management platform. The vulnerability exists in the agent creation functionality, specifically within the POST /api/v3/newagent/ endpoint. Authenticated users can inject arbitrary HTML content through the agent_id parameter, which accepts up to 255 characters and is improperly sanitized. The injected HTML is rendered in the Tactical RMM management panel when an administrator attempts to remove or shut down the affected agent, potentially leading to client-side attacks such as UI manipulation or phishing.
Critical Impact
Authenticated attackers can inject malicious HTML content that renders in the administrator's management panel, enabling UI manipulation and phishing attacks against system administrators.
Affected Products
- Amidaware Inc Tactical RMM v1.3.1 and earlier versions
Discovery Timeline
- 2026-01-28 - CVE CVE-2025-69517 published to NVD
- 2026-01-30 - Last updated in NVD database
Technical Details for CVE-2025-69517
Vulnerability Analysis
This HTML injection vulnerability (CWE-94: Improper Control of Generation of Code) stems from inadequate input sanitization in the Tactical RMM web application. The vulnerability affects the agent registration workflow where user-supplied input in the agent_id parameter is not properly filtered before being stored and later rendered in the administrative interface.
The application attempts to sanitize input using DOMPurify.sanitize() with the html: true option enabled. However, this configuration fails to adequately filter HTML input, allowing malicious HTML content to bypass sanitization and be rendered when administrators interact with the affected agent entries. When an administrator views, removes, or shuts down the compromised agent, the injected HTML executes in their browser context.
Note: The vendor disputes this vulnerability, stating that the report contains incorrect information. Users should consult the AmidAware Official Website and the GitHub TacticalRMM Repository for the latest security guidance.
Root Cause
The root cause of this vulnerability is the misconfiguration of the DOMPurify sanitization library. By enabling the html: true option, the sanitizer allows HTML content to pass through rather than stripping or encoding it. The agent_id parameter, which accepts up to 255 characters, provides sufficient space for meaningful HTML payloads to be injected. The lack of proper output encoding when displaying agent information in the management panel compounds this issue, allowing the stored HTML to be interpreted by the browser.
Attack Vector
The attack vector is network-based and requires authentication to the Tactical RMM platform. An attacker with valid credentials can exploit this vulnerability by:
- Authenticating to the Tactical RMM platform
- Creating a new agent via the POST /api/v3/newagent/ endpoint
- Injecting malicious HTML content in the agent_id parameter
- Waiting for an administrator to interact with the compromised agent entry
The injected HTML renders when an administrator views the agent list or attempts administrative actions such as agent removal or shutdown. This creates an opportunity for phishing attacks, UI manipulation, or other client-side attacks targeting privileged users.
For technical details and proof-of-concept information, refer to the GitHub Gist PoC published by the security researcher.
Detection Methods for CVE-2025-69517
Indicators of Compromise
- Unusual HTML tags or encoded HTML entities within agent_id values in the Tactical RMM database
- Agent entries containing suspicious characters such as <, >, script, iframe, or onclick in their identifiers
- API logs showing abnormally long or malformed payloads to the /api/v3/newagent/ endpoint
- Administrator reports of unexpected UI elements, pop-ups, or phishing prompts when managing agents
Detection Strategies
- Monitor and alert on HTTP POST requests to /api/v3/newagent/ containing HTML special characters or tags in the request body
- Implement Web Application Firewall (WAF) rules to detect and block HTML injection patterns in API parameters
- Review Tactical RMM application logs for agent creation events with unusual agent_id values exceeding typical naming conventions
- Deploy browser-based Content Security Policy (CSP) monitoring to detect inline script execution attempts
Monitoring Recommendations
- Enable detailed logging for all agent creation and modification API endpoints in Tactical RMM
- Configure SIEM rules to correlate multiple suspicious agent creation attempts from the same authenticated user
- Implement database integrity monitoring to detect HTML content in fields that should contain plain text identifiers
- Review authentication logs for accounts being used to create agents with suspicious naming patterns
How to Mitigate CVE-2025-69517
Immediate Actions Required
- Review all existing agent entries in the Tactical RMM database for suspicious HTML content in the agent_id field
- Implement additional input validation on the /api/v3/newagent/ endpoint at the network perimeter using a WAF
- Restrict agent creation privileges to trusted administrators only until a patch is available
- Monitor the GitHub TacticalRMM Repository for security updates and patches
Patch Information
As of the last NVD update on 2026-01-30, no official patch information has been published by the vendor. The vendor has disputed the vulnerability report, stating that it contains incorrect information. Users should monitor the official AmidAware website and the Tactical RMM GitHub repository for updates regarding this issue.
Organizations are advised to contact Amidaware Inc directly for clarification on the vendor's position and any available mitigations.
Workarounds
- Implement strict input validation at the API gateway level to reject requests containing HTML tags in the agent_id parameter
- Deploy a reverse proxy with custom rules to sanitize or block HTML content in agent creation requests
- Apply the principle of least privilege by limiting which user accounts can create new agents
- Configure Content Security Policy (CSP) headers to mitigate the impact of any successfully injected HTML content
# Example nginx configuration to block HTML in agent_id parameter
# Add to location block handling /api/v3/newagent/
location /api/v3/newagent/ {
# Block requests containing HTML tags in body
if ($request_body ~* "<[^>]+>") {
return 403;
}
proxy_pass http://tactical_backend;
}
Disclaimer: This content was generated using AI. While we strive for accuracy, please verify critical information with official sources.
