CNNVD-202507-2032 Information
CNNVD ID
CNNVD-202507-2032
Related CVE
- CNNVD Published: 2025-07-15
Description (Chinese)
IPFire是IPFire组织的一种开源 Linux 发行版。主要用作路由器和防火墙。 IPFire存在安全漏洞,该漏洞源于proxy.cgi接口输入验证不当,可能导致远程命令执行。
Description (English)
IPFire is an open source for the organization Linux. Mainly used as routers and firewalls. IPFire has a security loophole, which stems from the inappropriate validation of the proxy.cgi interface, which may lead to remote command execution.
Hazard Level
Medium
Vulnerability Type
其他
Affected Vendor
IPLD
Published
2025-07-15
Last Modified
2026-02-24
References
https://www.asafety.fr/en/vuln-exploit-poc/xss-rce-ipfire-2-19-core-update-101-remote-command-execution/ https://raw.githubusercontent.com/rapid7/metasploit-framework/master/modules/exploits/linux/ https://www.ipfire.org/news/ipfire-2-19-core-update-101-released https://www.vulncheck.com/advisories/ipfire-authenticated-rce https://bugzilla.ipfire.org/show_bug.cgi?id=11087 https://www.exploit-db.com/exploits/39765 https://nvd.nist.gov/vuln/detail/CVE-2025-34116
Patch
https://www.ipfire.org/downloads/ipfire-2.29-core195
Share on: