CNNVD-202510-3816 Information
CNNVD ID
CNNVD-202510-3816
Related CVE
- CNNVD Published: 2025-10-28
Description (Chinese)
IPFire是IPFire组织的一种开源 Linux 发行版。主要用作路由器和防火墙。 IPFire 2.29之前版本存在安全漏洞,该漏洞源于创建代理报告时未对多个参数进行清理,可能导致命令注入攻击。
Description (English)
IPFire is an open source for the organization Linux. Mainly used as routers and firewalls. The previous version of IPFire 2.29 had a security loophole, which stemmed from the failure to clean up multiple parameters at the time of the creation of the proxy report, which could lead to an order for an attack.
Hazard Level
High
Vulnerability Type
其他
Affected Vendor
IPFire
Published
2025-10-28
Last Modified
2026-02-24
References
https://www.ipfire.org/blog/ipfire-2-29-core-update-198-released https://bugzilla.ipfire.org/show_bug.cgi?id=13886 https://www.vulncheck.com/advisories/ipfire-command-injection-via-proxy-report-creation https://access.redhat.com/security/cve/cve-2025-34311
Patch
https://www.ipfire.org/downloads/ipfire-2.29-core198
Share on: