CNNVD-202510-3814 Information
CNNVD ID
CNNVD-202510-3814
Related CVE
- CNNVD Published: 2025-10-28
Description (Chinese)
IPFire是IPFire组织的一种开源 Linux 发行版。主要用作路由器和防火墙。 IPFire 2.29之前版本存在安全漏洞,该漏洞源于安装黑名单时对BE_NAME参数处理不当,可能导致命令注入攻击。
Description (English)
IPFire is an open source for the organization Linux. Mainly used as routers and firewalls. There was a security loophole in the previous version of IPFire 2.29, which stemmed from the inappropriate handling of BE NAME parameters at the time the blacklist was installed, which could lead to an order for an attack.
Hazard Level
Medium
Vulnerability Type
其他
Affected Vendor
IPFire
Published
2025-10-28
Last Modified
2026-02-24
References
https://www.ipfire.org/blog/ipfire-2-29-core-update-198-released https://bugzilla.ipfire.org/show_bug.cgi?id=13887 https://www.vulncheck.com/advisories/ipfire-command-injection-via-url-filter-blacklist https://access.redhat.com/security/cve/cve-2025-34312
Patch
https://www.ipfire.org/downloads/ipfire-2.29-core198
Share on: