CVE-2026-34790 | Endian Firewall 3.3.25 Parameter /cgi-bin/backup.cgi unlink Archive path traversal

A vulnerability was found in Endian Firewall 3.3.25. It has been declared as critical. Affected is the function unlink of the file /cgi-bin/backup.cgi of the component Parameter Handler. Executing a manipulation of the argument Archive can lead to path traversal.

This vulnerability is tracked as CVE-2026-34790. The attack can be launched remotely. No exploit exists.VulDB Recent EntriesRead More