CVE-2026-34797 | Endian Firewall 3.3.25 Regular Expression /cgi-bin/logs_smtp.cgi open Date os command injection

Inserito da Angelo Barbosa | Apr 2, 2026 | CVE

A vulnerability has been found in Endian Firewall 3.3.25 and classified as critical. Affected is the function Open of the file /cgi-bin/logs_smtp.cgi of the component Regular Expression Handler. Performing a manipulation of the argument Date results in os command injection.

This vulnerability was named CVE-2026-34797. The attack may be initiated remotely. There is no available exploit.

CVE-2026-34797 | Endian Firewall 3.3.25 Regular Expression /cgi-bin/logs_smtp.cgi open Date os command injection

Post correlati

CVE-2025-8838 | WinterChenS my-site up to 1f7525f15934d9d6a278de967f6ec9f1757738d8 Backend Interface /admin/ preHandle uri improper authentication (Issue 97)

CVE-2024-35113 | IBM Control Center 6.2.1/6.3.1 exposure of information through directory listing

CVE-2023-53795 | Linux Kernel up to 6.4.7 iommufd iommufd_ref_to_users deserialization

CVE-2025-3446 | Mattermost up to 9.11.11/10.4.4/10.5.2/10.6.1 API authorization