CVE-2025-34312 | IPFire up to 2.28 /cgi-bin/urlfilter.cgi BE_NAME os command injection

A vulnerability, which was classified as critical, has been found in IPFire up to 2.28. This vulnerability affects unknown code of the file /cgi-bin/urlfilter.cgi. This manipulation of the argument BE_NAME causes os command injection.

The identification of this vulnerability is CVE-2025-34312. It is possible to initiate the attack remotely. There is no exploit available.

It is advisable to upgrade the affected component.VulDB Recent EntriesRead More