Vulnerability Database

309,134

Total vulnerabilities in the database

CVE-2025-34116

A remote command execution vulnerability exists in IPFire before version 2.19 Core Update 101 via the 'proxy.cgi' CGI interface. An authenticated attacker can inject arbitrary shell commands through crafted values in the NCSA user creation form fields, leading to command execution with web server privileges.

Published: Jul 15, 2025
Updated: Nov 16, 2025
CVE: CVE-2025-34116
Exploit:

No technical information available.

CWEs:

CWE-78
CWE-20
CWE-306

OWASP TOP 10:

A1 - Injection

Affected Software
References

No affected software listed.

https://bugzilla.ipfire.org/show_bug.cgi?id=11087
https://raw.githubusercontent.com/rapid7/metasploit-framework/master/modules/exploits/linux/http/ipfire_proxy_exec.rb
https://www.asafety.fr/en/vuln-exploit-poc/xss-rce-ipfire-2-19-core-update-101-remote-command-execution/
https://www.exploit-db.com/exploits/39765
https://www.ipfire.org/news/ipfire-2-19-core-update-101-released
https://www.vulncheck.com/advisories/ipfire-authenticated-rce

Deep Security Visibility Without the Complexity

SynScan provides clear, real-time security insights so you can monitor your attack surface, spot risks early, and act fast—without extra complexity.

No setup fees
5-min deployment
Cancel anytime

Book a Demo