VYPR
Vendor: IPFire

Products: 1
CVEs: 34
Across products: 34
Status: Private

Recent CVEs

  • CVE-2025-34116 | High | Jul 15, 2025
    risk 0.66 | cvss (not listed) | epss 0.01

    A remote command execution vulnerability exists in IPFire before version 2.19 Core Update 101 via the 'proxy.cgi' CGI interface. An authenticated attacker can inject arbitrary shell commands through crafted values in the NCSA user creation form fields, leading to command…

  • CVE-2017-9757 | High | Jun 19, 2017
    risk 0.63 | cvss 8.8 | epss 0.39

    IPFire 2.19 has a Remote Command Injection vulnerability in ids.cgi via the OINKCODE parameter, which is mishandled by a shell. This can be exploited directly by authenticated users, or through CSRF.

  • CVE-2025-34318 | Medium | Oct 28, 2025
    risk 0.33 | cvss (not listed) | epss 0.00

    IPFire versions prior to 2.29 (Core Update 198) contain a stored cross-site scripting (XSS) vulnerability that allows an authenticated attacker to inject arbitrary JavaScript code through the TLS_HOSTNAME, UPSTREAM_USER, UPSTREAM_PASSWORD, ADMIN_MAIL_ADDRESS, and ADMIN_PASSWORD…

  • CVE-2021-33393 | Jun 9, 2021
    risk 0.09 | cvss (not listed) | epss 0.59

    lfs/backup in IPFire 2.25-core155 does not ensure that /var/ipfire/backup/bin/backup.pl is owned by the root account. It might be owned by an unprivileged account, which could potentially be used to install a Trojan horse backup.pl script that is later executed by root. Similar…

  • CVE-2018-16232 | Oct 17, 2018
    risk 0.03 | cvss (not listed) | epss 0.08

    An authenticated command injection vulnerability exists in IPFire Firewall before 2.21 Core Update 124 in backup.cgi. This allows an authenticated user with privileges for the affected page to execute arbitrary commands.

  • CVE-2019-25400 | Feb 18, 2026
    risk 0.00 | cvss (not listed) | epss 0.00

    IPFire 2.21 Core Update 127 contains multiple reflected cross-site scripting vulnerabilities in the fwhosts.cgi script that allow attackers to inject malicious scripts through multiple parameters including HOSTNAME, IP, SUBNET, NETREMARK, HOSTREMARK, newhost, grp_name, remark,…

  • CVE-2019-25399 | Feb 18, 2026
    risk 0.00 | cvss (not listed) | epss 0.00

    IPFire 2.21 Core Update 127 contains multiple stored cross-site scripting vulnerabilities in the extrahd.cgi script that allow attackers to inject malicious scripts through the FS, PATH, and UUID parameters. Attackers can submit POST requests with script payloads in these…

  • CVE-2019-25398 | Feb 18, 2026
    risk 0.00 | cvss (not listed) | epss 0.00

    IPFire 2.21 Core Update 127 contains multiple cross-site scripting vulnerabilities in the ovpnmain.cgi script that allow attackers to inject malicious scripts through VPN configuration parameters. Attackers can submit POST requests with script payloads in parameters like VPN_IP,…

  • CVE-2019-25397 | Feb 18, 2026
    risk 0.00 | cvss (not listed) | epss 0.00

    IPFire 2.21 Core Update 127 contains multiple reflected cross-site scripting vulnerabilities in the hosts.cgi script that allow attackers to inject malicious scripts through unvalidated parameters. Attackers can submit POST requests with script payloads in the KEY1, IP, HOST, or…

  • CVE-2019-25396 | Feb 18, 2026
    risk 0.00 | cvss (not listed) | epss 0.00

    IPFire 2.21 Core Update 127 contains a reflected cross-site scripting vulnerability in the updatexlrator.cgi script that allows attackers to inject malicious scripts through POST parameters. Attackers can submit crafted requests with script payloads in the MAX_DISK_USAGE or…

  • CVE-2025-34311 | Oct 28, 2025
    risk 0.00 | cvss (not listed) | epss 0.14

    IPFire versions prior to 2.29 (Core Update 198) contain a command injection vulnerability that allows an authenticated attacker to execute arbitrary commands as the user 'nobody' via multiple parameters when creating a Proxy report. When a user creates a Proxy report the…

  • CVE-2025-34312 | Oct 28, 2025
    risk 0.00 | cvss (not listed) | epss 0.02

    IPFire versions prior to 2.29 (Core Update 198) contain a command injection vulnerability that allows an authenticated attacker to execute arbitrary commands as the 'nobody' user via the BE_NAME parameter when installing a blacklist. When a blacklist is installed the…

  • CVE-2025-34304 | Oct 28, 2025
    risk 0.00 | cvss (not listed) | epss 0.00

    IPFire versions prior to 2.29 (Core Update 198) contain a SQL injection vulnerability that allows an authenticated attacker to manipulate the SQL query used when viewing OpenVPN connection logs via the CONNECTION_NAME parameter. When viewing a range of OpenVPN connection logs,…

  • CVE-2025-34307 | Oct 28, 2025
    risk 0.00 | cvss (not listed) | epss 0.00

    IPFire versions prior to 2.29 (Core Update 198) contain a stored cross-site scripting (XSS) vulnerability that allows an authenticated attacker to inject arbitrary JavaScript code through the pienumber parameter when updating the firewall country search defaults. When a user…

  • CVE-2025-34306 | Oct 28, 2025
    risk 0.00 | cvss (not listed) | epss 0.00

    IPFire versions prior to 2.29 (Core Update 198) contain a stored cross-site scripting (XSS) vulnerability that allows an authenticated attacker to inject arbitrary JavaScript code through the pienumber parameter when updating the default firewall IP search values. When a user…

  • CVE-2025-34308 | Oct 28, 2025
    risk 0.00 | cvss (not listed) | epss 0.00

    IPFire versions prior to 2.29 (Core Update 198) contain a stored cross-site scripting (XSS) vulnerability that allows an authenticated attacker to inject arbitrary JavaScript code through the UPDATE_VALUE parameter when updating the default time synchronization settings. When…

  • CVE-2025-34317 | Oct 28, 2025
    risk 0.00 | cvss (not listed) | epss 0.00

    IPFire versions prior to 2.29 (Core Update 198) contain a stored cross-site scripting (XSS) vulnerability that allows an authenticated attacker to inject arbitrary JavaScript code through the TLS_HOSTNAME parameter when adding a new DNS entry. When a user adds a DNS entry, the…

  • CVE-2025-34309 | Oct 28, 2025
    risk 0.00 | cvss (not listed) | epss 0.05

    IPFire versions prior to 2.29 (Core Update 198) contain a stored cross-site scripting (XSS) vulnerability that allows an authenticated attacker to inject arbitrary JavaScript code through the SERVICE, LOGIN, and PASSWORD parameters when creating or editing a Dynamic DNS host.…

  • CVE-2025-34301 | Oct 28, 2025
    risk 0.00 | cvss (not listed) | epss 0.05

    IPFire versions prior to 2.29 (Core Update 198) contain a stored cross-site scripting (XSS) vulnerability that allows an authenticated attacker to inject arbitrary JavaScript code into the COUNTRY_CODE parameter when creating a location group. When a user adds a new location…

  • CVE-2025-34316 | Oct 28, 2025
    risk 0.00 | cvss (not listed) | epss 0.00

    IPFire versions prior to 2.29 (Core Update 198) contain a stored cross-site scripting (XSS) vulnerability that allows an authenticated attacker to inject arbitrary JavaScript code through the txt_mailuser and txt_mailpass parameters when updating the mail server settings. When…