CVE-2026-34795 | Endian Firewall 3.3.25 Regular Expression /cgi-bin/logs_log.cgi open Date os command injection

Inserito da Angelo Barbosa | Apr 2, 2026 | CVE

A vulnerability, which was classified as critical, has been found in Endian Firewall 3.3.25. This affects the function Open of the file /cgi-bin/logs_log.cgi of the component Regular Expression Handler. This manipulation of the argument Date causes os command injection.

This vulnerability is handled as CVE-2026-34795. The attack can be initiated remotely. There is not any exploit available.

CVE-2026-34795 | Endian Firewall 3.3.25 Regular Expression /cgi-bin/logs_log.cgi open Date os command injection

Post correlati

CVE-2024-40404 | Cybele Software Thinfinity Workspace prior 7.0.2.113 Web Sockets Connection API Endpoint access control

CVE-2024-1054 | Booster for WooCommerce Plugin up to 7.1.6 on WordPress cross site scripting

CVE-2024-43655 | Iocharger firmware for AC models prior 24120701 os command injection (DIVD-2024-00035)

CVE-2024-10310 | bdthemes Element Pack Elementor Addons Plugin up to 5.10.1 on WordPress Custom Gallery Widget image_title cross site scripting