CVE-2025-50974
MEDIUM EPSS 28.9%
Published Aug 26, 2025 (10mo ago) · Modified Jun 17, 2026 (2w ago)
6.5 CVSS 3.1
Description
The Calamaris log exporter CGI (/cgi-bin/logs.cgi/calamaris.dat) in IPFire 2.29 does not properly sanitize user-supplied input before incorporating parameter values into a shell command. An unauthenticated remote attacker can inject arbitrary OS commands by embedding shell metacharacters in any of the following parameters: BYTE_UNIT, DAY_BEGIN, DAY_END, HIST_LEVEL, MONTH_BEGIN, MONTH_END, NUM_CONTENT, NUM_DOMAINS, NUM_HOSTS, NUM_URLS, PERF_INTERVAL, YEAR_BEGIN, YEAR_END.
CVSS Details
Base Score
Exploitability
Impact
Vector string
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
Attack Vector Network
Attack Complexity Low
Privileges Required None
User Interaction None
Scope Unchanged
Confidentiality Low
Integrity Low
Availability None
Threat Intelligence
EPSS Exploit Probability
28.9% percentile
Exploit & Patch Status
Public Exploit Known
No Patch Available
Weaknesses 1
CWE-78 OS Command Injection
Affected Products 1
| Vendor | Product | Version | Range |
|---|---|---|---|
| ipfire | ipfire | 2.29 | any |
References 1
- https://github.com/4rdr/proofs/blob/main/info/IPFire-2.29-Command-Injection.md
Remediation
No remediation data recorded yet
Check vendor advisories and the NVD entry for patch availability.