Low severity3.5NVD Advisory· Published Jan 2, 2026· Updated Apr 29, 2026
CVE-2025-15437
CVE-2025-15437
Description
A vulnerability was found in LigeroSmart up to 6.1.24. This affects an unknown part of the component Environment Variable Handler. Performing a manipulation of the argument REQUEST_URI results in cross site scripting. The attack may be initiated remotely. The exploit has been made public and could be used. Upgrading to version 6.1.26 and 6.3 is able to mitigate this issue. The patch is named 264ac5b2be5b3c673ebd8cb862e673f5d300d9a7. The affected component should be upgraded.
Affected products
1Patches
2264ac5b2be5bfix: REQUEST_URI sanitization, solves #278
3 files changed · +30 −3
Kernel/System/Web/InterfaceAgent.pm+10 −1 modified@@ -119,9 +119,18 @@ sub Run { ) { my $Host = $ENV{HTTP_HOST} || $ConfigObject->Get('FQDN'); + + # Sanitize REQUEST_URI to prevent XSS attacks + my $RequestURI = $ENV{REQUEST_URI} || '/'; + # Remove HTML/script injection characters + $RequestURI =~ s/[<>"'`]//g; + # Remove control characters + $RequestURI =~ s/[\x00-\x1F\x7F]//g; + # If URI becomes empty or invalid after sanitization, use default + $RequestURI = '/' if $RequestURI !~ m{^/}; # Redirect with 301 code. Add two new lines at the end, so HTTP headers are validated correctly. - print "Status: 301 Moved Permanently\nLocation: https://$Host$ENV{REQUEST_URI}\n\n"; + print "Status: 301 Moved Permanently\nLocation: https://$Host$RequestURI\n\n"; return; } }
Kernel/System/Web/InterfaceCustomer.pm+10 −1 modified@@ -120,9 +120,18 @@ sub Run { ) { my $Host = $ENV{HTTP_HOST} || $ConfigObject->Get('FQDN'); + + # Sanitize REQUEST_URI to prevent XSS attacks + my $RequestURI = $ENV{REQUEST_URI} || '/'; + # Remove HTML/script injection characters + $RequestURI =~ s/[<>"'`]//g; + # Remove control characters + $RequestURI =~ s/[\x00-\x1F\x7F]//g; + # If URI becomes empty or invalid after sanitization, use default + $RequestURI = '/' if $RequestURI !~ m{^/}; # Redirect with 301 code. Add two new lines at the end, so HTTP headers are validated correctly. - print "Status: 301 Moved Permanently\nLocation: https://$Host$ENV{REQUEST_URI}\n\n"; + print "Status: 301 Moved Permanently\nLocation: https://$Host$RequestURI\n\n"; return; } }
Kernel/System/Web/InterfacePublic.pm+10 −1 modified@@ -109,9 +109,18 @@ sub Run { ) { my $Host = $ENV{HTTP_HOST} || $ConfigObject->Get('FQDN'); + + # Sanitize REQUEST_URI to prevent XSS attacks + my $RequestURI = $ENV{REQUEST_URI} || '/'; + # Remove HTML/script injection characters + $RequestURI =~ s/[<>"'`]//g; + # Remove control characters + $RequestURI =~ s/[\x00-\x1F\x7F]//g; + # If URI becomes empty or invalid after sanitization, use default + $RequestURI = '/' if $RequestURI !~ m{^/}; # Redirect with 301 code. Add two new lines at the end, so HTTP headers are validated correctly. - print "Status: 301 Moved Permanently\nLocation: https://$Host$ENV{REQUEST_URI}\n\n"; + print "Status: 301 Moved Permanently\nLocation: https://$Host$RequestURI\n\n"; return; } }
61dab1b0104efix: atualizar versão para 6.1.26
1 file changed · +1 −1
RELEASE+1 −1 modified@@ -1,2 +1,2 @@ -VERSION = 6.1.25 +VERSION = 6.1.26 PRODUCT = LigeroSmart
Vulnerability mechanics
Generated by null/stub on May 9, 2026. Inputs: CWE entries + fix-commit diffs from this CVE's patches. Citations validated against bundle.
References
7- github.com/LigeroSmart/ligerosmart/commit/264ac5b2be5b3c673ebd8cb862e673f5d300d9a7nvdPatch
- github.com/LigeroSmart/ligerosmart/issues/278nvdExploitIssue Tracking
- vuldb.comnvdThird Party AdvisoryVDB Entry
- vuldb.comnvdThird Party AdvisoryVDB Entry
- github.com/LigeroSmart/ligerosmart/issues/278nvdIssue Tracking
- github.com/LigeroSmart/ligerosmart/releases/tag/6.1.26nvdRelease Notes
- vuldb.comnvdPermissions RequiredVDB Entry
News mentions
0No linked articles in our index yet.