Vulnerability Description
A remote command execution vulnerability exists in IPFire before version 2.19 Core Update 101 via the 'proxy.cgi' CGI interface. An authenticated attacker can inject arbitrary shell commands through crafted values in the NCSA user creation form fields, leading to command execution with web server privileges.
Related Weaknesses (CWE)
References
- https://bugzilla.ipfire.org/show_bug.cgi?id=11087
- https://raw.githubusercontent.com/rapid7/metasploit-framework/master/modules/exp
- https://www.asafety.fr/en/vuln-exploit-poc/xss-rce-ipfire-2-19-core-update-101-r
- https://www.exploit-db.com/exploits/39765
- https://www.ipfire.org/news/ipfire-2-19-core-update-101-released
- https://www.vulncheck.com/advisories/ipfire-authenticated-rce
FAQ
What is CVE-2025-34116?
CVE-2025-34116 is a documented vulnerability. A remote command execution vulnerability exists in IPFire before version 2.19 Core Update 101 via the 'proxy.cgi' CGI interface. An authenticated attacker can inject arbitrary shell commands through c...
How severe is CVE-2025-34116?
CVSS scoring is not yet available for CVE-2025-34116. Check NVD for updates.
Is there a patch for CVE-2025-34116?
Check the references section above for vendor advisories and patch information. Review vendor security bulletins for remediation guidance.