CVE-2018-16232

critical-risk

Published 2018-10-17

An authenticated command injection vulnerability exists in IPFire Firewall before 2.21 Core Update 124 in backup.cgi. This allows an authenticated user with privileges for the affected page to execute arbitrary commands.

Do I need to act?

38.5% chance of exploitation in next 30 days

EPSS score — higher than 62% of all CVEs

Not on CISA KEV list

No confirmed active exploitation reported to CISA

Patch status unknown

Check vendor advisories for fix availability and mitigation guidance

CVSS 8.8/10 High

NETWORK / LOW complexity

Affected Products (20)

Ipfire

Affected Vendors

Ipfire

References (4)

Exploit https://doddsecurity.com/213/command-injection-on-ipfire-firewalls/

Patch https://www.ipfire.org/news/ipfire-2-21-core-update-124-released

Exploit https://doddsecurity.com/213/command-injection-on-ipfire-firewalls/

Patch https://www.ipfire.org/news/ipfire-2-21-core-update-124-released

/ 100

critical-risk

Severity 30/34 · Critical

Exploitability 17/34 · Moderate

Exposure 26/34 · High