CVE-2025-34116

IPFire < 2.19 Core Update 101 proxy.cgi RCE

CVSS 8.7 HIGHEPSS 1.1%CWE-20 CWE-306 CWE-78

A remote command execution vulnerability exists in IPFire before version 2.19 Core Update 101 via the 'proxy.cgi' CGI interface. An authenticated attacker can inject arbitrary shell commands through crafted values in the NCSA user creation form fields, leading to command execution with web server privileges.

CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

Affected products

IPFire Project · IPFire

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

https://bugzilla.ipfire.org/show_bug.cgi?id=11087 https://raw.githubusercontent.com/rapid7/metasploit-framework/master/modules/exploits/linux/http/ipfire_proxy_exec.rb https://www.asafety.fr/en/vuln-exploit-poc/xss-rce-ipfire-2-19-core-update-101-remote-command-execution/https://www.exploit-db.com/exploits/39765 https://www.ipfire.org/news/ipfire-2-19-core-update-101-released https://www.vulncheck.com/advisories/ipfire-authenticated-rce