VulnerAlert



APPLICATION
28-10-2025 14:54

CVE-2025-34304 Documented vulnerability

No score
Description
IPFire versions prior to 2.29 (Core Update 198) contain a SQL injection vulnerability that allows an authenticated attacker to manipulate the query used when viewing OpenVPN connection logs via the CONNECTION_NAME parameter. When viewing a range of logs, the application issues an HTTP POST request to the Request-URI /cgi-bin/logs.cgi/ovpnclients.dat and inserts the value of the parameter directly into the WHERE clause without proper sanitization or parameterization. The unsanitized value can alter the executed query and be used to disclose sensitive information from the database.
https://bugzilla.ipfire.org/show_bug.cgi?id=13879
https://www.ipfire.org/blog/ipfire-2-29-core-update-198-released
https://www.vulncheck.com/advisories/ipfire-sqli-via-openvpn-connection-logs

Source
https://nvd.nist.gov/vuln/detail/CVE-2025-34304
This project was co-financed by the Consejo Nacional de Ciencia y Tecnología (CONACYT) through PROINNOVA 2021/2023