CVE-2025-50974

Severity CVSS v4.0:

Pending analysis

Type:

Unavailable / Other

Publication date:

26/08/2025

Last modified:

26/08/2025

Description

The Calamaris log exporter CGI (/cgi-bin/logs.cgi/calamaris.dat) in IPFire 2.29 does not properly sanitize user-supplied input before incorporating parameter values into a shell command. An unauthenticated remote attacker can inject arbitrary OS commands by embedding shell metacharacters in any of the following parameters BYTE_UNIT, DAY_BEGIN, DAY_END, HIST_LEVEL, MONTH_BEGIN, MONTH_END, NUM_CONTENT, NUM_DOMAINS, NUM_HOSTS, NUM_URLS, PERF_INTERVAL, YEAR_BEGIN, YEAR_END.

Impact

References to Advisories, Solutions, and Tools

https://github.com/4rdr/proofs/blob/main/info/IPFire-2.29-Command-Injection.md