Skip to main content

Firewall Community

35 CVEs product

Monthly

CVE-2026-34823 MEDIUM This Month

Stored cross-site scripting (XSS) in Endian Firewall 3.3.25 and prior allows authenticated attackers to inject arbitrary JavaScript via the remark parameter in the /manage/password/web/ endpoint. The injected payload is persistently stored and executes when other authenticated users access the affected page, enabling session hijacking, credential theft, or lateral movement within the firewall management interface. No public exploit code or active exploitation has been confirmed at the time of analysis.

XSS Firewall Community
NVD
CVSS 4.0
5.1
EPSS
0.0%
CVE-2026-34822 MEDIUM This Month

Stored cross-site scripting (XSS) in Endian Firewall 3.3.25 and earlier allows authenticated attackers to inject arbitrary JavaScript via the new_cert_name parameter in the /manage/ca/certificate/ endpoint. The injected payload is stored and executed when other users access the affected page, enabling session hijacking, credential theft, or malware distribution within the firewall management interface. No public exploit code or active exploitation has been confirmed at the time of this analysis.

XSS Firewall Community
NVD
CVSS 4.0
5.1
EPSS
0.0%
CVE-2026-34821 MEDIUM This Month

Stored cross-site scripting (XSS) in Endian Firewall 3.3.25 and prior allows authenticated attackers to inject arbitrary JavaScript via the remark parameter in the VPN authentication user management interface (/manage/vpnauthentication/user/). The injected payload persists in the database and executes when other authenticated users access the affected page, enabling session hijacking, credential theft, or lateral privilege escalation within the firewall management console.

XSS Firewall Community
NVD
CVSS 4.0
5.1
EPSS
0.0%
CVE-2026-34820 MEDIUM This Month

Stored cross-site scripting in Endian Firewall 3.3.25 and prior allows authenticated attackers to inject malicious JavaScript via the remark parameter in the IPSec management interface (/manage/ipsec/), which persists and executes when other users access the affected page. This requires user interaction (page view) and only affects session integrity and information disclosure within the administrative interface. No public exploit code or active exploitation has been confirmed at the time of analysis.

XSS Firewall Community
NVD
CVSS 4.0
5.1
EPSS
0.0%
CVE-2026-34819 MEDIUM This Month

Stored cross-site scripting in Endian Firewall 3.3.25 and earlier allows authenticated attackers to inject arbitrary JavaScript via the REMARK parameter in /cgi-bin/openvpnclient.cgi, with the payload persisted and executed when other users access the affected page. CVSS 5.1 reflects low immediate impact due to user interaction requirement and limited scope, but the stored nature increases attack persistence; no public exploit code or CISA KEV confirmation identified at time of analysis.

XSS Firewall Community
NVD
CVSS 4.0
5.1
EPSS
0.0%
CVE-2026-34818 MEDIUM This Month

Stored cross-site scripting (XSS) in Endian Firewall 3.3.25 and prior allows authenticated attackers to inject malicious JavaScript via the remark parameter in the DNS local domains management interface (/manage/dnsmasq/localdomains/). The injected payload persists in the application and executes when other authenticated users access the affected page, enabling session hijacking, credential theft, or malware distribution within the firewall management environment. No public exploit code or active exploitation has been reported.

XSS Firewall Community
NVD
CVSS 4.0
5.1
EPSS
0.0%
CVE-2026-34817 MEDIUM This Month

Stored cross-site scripting (XSS) in Endian Firewall 3.3.25 and prior allows authenticated attackers to inject arbitrary JavaScript via the ADDRESS BCC parameter in /cgi-bin/smtprouting.cgi, with the payload executed when other users view the affected page. The vulnerability requires user interaction (UI:P) and authenticated access (PR:L), limiting real-world impact to internal threat actors with valid credentials, though successful exploitation could compromise session integrity and user data within the firewall management interface.

XSS Firewall Community
NVD
CVSS 4.0
5.1
EPSS
0.0%
CVE-2026-34816 MEDIUM This Month

Stored cross-site scripting in Endian Firewall 3.3.25 and prior allows authenticated attackers to inject arbitrary JavaScript via the domain parameter in the /manage/smtpscan/domainrouting/ endpoint, with execution when other authenticated users view the page. The vulnerability requires user interaction (page view) and authenticated access, resulting in a CVSS score of 5.1 with scope change and integrity impact to other users' sessions. No public exploit code or active exploitation has been identified at time of analysis.

XSS Firewall Community
NVD
CVSS 4.0
5.1
EPSS
0.0%
CVE-2026-34815 MEDIUM This Month

Stored cross-site scripting in Endian Firewall versions 3.3.25 and prior allows authenticated attackers to inject arbitrary JavaScript via the DOMAIN parameter in /cgi-bin/smtpdomains.cgi, which is executed when other users view the affected page. The vulnerability requires user interaction and authenticated access but can impact session security and administrative controls. No public exploit code or active exploitation has been identified at time of analysis.

XSS Firewall Community
NVD
CVSS 4.0
5.1
EPSS
0.0%
CVE-2026-34814 MEDIUM This Month

Stored cross-site scripting in Endian Firewall version 3.3.25 and prior allows authenticated attackers to inject arbitrary JavaScript via the group parameter in /cgi-bin/proxygroup.cgi, with the malicious payload persisting and executing when other users access the affected page. CVSS score of 5.1 reflects moderate severity with limited scope of impact; exploitation requires prior authentication and user interaction but can affect confidentiality and integrity within the application context. No public exploit code or active exploitation has been confirmed at the time of analysis.

XSS Firewall Community
NVD
CVSS 4.0
5.1
EPSS
0.0%
CVE-2026-34813 MEDIUM This Month

Stored cross-site scripting (XSS) in Endian Firewall 3.3.25 and prior allows authenticated attackers to inject arbitrary JavaScript via the user parameter in /cgi-bin/proxyuser.cgi, which is then executed when other users view the affected page. This requires user interaction (page view) but enables session hijacking, credential theft, or administrative action abuse within the firewall's web interface. No public exploit code or active exploitation has been confirmed at time of analysis.

XSS Firewall Community
NVD
CVSS 4.0
5.1
EPSS
0.0%
CVE-2026-34812 MEDIUM This Month

Stored cross-site scripting (XSS) in Endian Firewall 3.3.25 and prior allows authenticated attackers to inject arbitrary JavaScript via the mimetypes parameter in /cgi-bin/proxypolicy.cgi, which is executed when other users access the affected page. CVSS 5.1 reflects moderate impact; exploitation requires prior authentication and user interaction, limiting real-world severity despite the persistent nature of stored XSS. No public exploit code or active exploitation has been identified at time of analysis.

XSS Firewall Community
NVD
CVSS 4.0
5.1
EPSS
0.0%
CVE-2026-34811 MEDIUM This Month

Stored cross-site scripting (XSS) in Endian Firewall 3.3.25 and prior allows authenticated attackers to inject arbitrary JavaScript via the remark parameter in /cgi-bin/xtaccess.cgi, which is executed when other users view the affected page. The vulnerability requires valid user credentials and user interaction but can compromise session tokens and sensitive data of administrators and other firewall users. No public exploit code or active exploitation has been confirmed at this time.

XSS Firewall Community
NVD
CVSS 4.0
5.1
EPSS
0.0%
CVE-2026-34810 MEDIUM This Month

Stored cross-site scripting (XSS) in Endian Firewall 3.3.25 and earlier allows authenticated attackers to inject arbitrary JavaScript via the remark parameter in /cgi-bin/vpnfw.cgi, which persists and executes when other users access the affected page. CVSS 5.1 reflects low immediate confidentiality/integrity impact but user interaction requirement; the vulnerability requires authenticated access (PR:L), limiting blast radius compared to unauthenticated XSS.

XSS Firewall Community
NVD
CVSS 4.0
5.1
EPSS
0.0%
CVE-2026-34809 MEDIUM This Month

Stored cross-site scripting in Endian Firewall 3.3.25 and prior allows authenticated attackers to inject malicious JavaScript via the remark parameter in /cgi-bin/zonefw.cgi, which persists and executes when other administrators or users access the affected configuration page. The vulnerability requires user interaction (UI:P) and authenticated access (PR:L), limiting immediate risk but enabling account compromise and lateral movement within firewall administrative interfaces.

XSS Firewall Community
NVD
CVSS 4.0
5.1
EPSS
0.0%
CVE-2026-34808 MEDIUM This Month

Endian Firewall 3.3.25 and earlier allows authenticated users to store arbitrary JavaScript in the remark parameter of /cgi-bin/outgoingfw.cgi, which executes when other users view the affected page. This stored cross-site scripting (XSS) vulnerability requires valid login credentials but can compromise session tokens, steal administrative actions, or perform lateral attacks within the firewall management interface. No public exploit code or active exploitation has been confirmed at time of analysis.

XSS Firewall Community
NVD
CVSS 4.0
5.1
EPSS
0.0%
CVE-2026-34807 MEDIUM This Month

Stored cross-site scripting (XSS) in Endian Firewall 3.3.25 and earlier allows authenticated attackers to inject arbitrary JavaScript through the remark parameter in /cgi-bin/incoming.cgi, which is then executed when other users access the affected page. The vulnerability requires user interaction (UI:P) and authenticated access (PR:L), resulting in a CVSS 5.1 score with limited scope impact; no public exploit code or active exploitation has been confirmed.

XSS Firewall Community
NVD
CVSS 4.0
5.1
EPSS
0.0%
CVE-2026-34806 MEDIUM This Month

Stored XSS in Endian Firewall 3.3.25 and prior allows authenticated attackers to inject malicious JavaScript via the remark parameter in /cgi-bin/snat.cgi, which persists and executes when other administrators or users access the affected page. The vulnerability requires low-privilege authentication and user interaction (page view), limiting immediate impact but creating persistent data integrity and session hijacking risks within the appliance administrative interface.

XSS Firewall Community
NVD
CVSS 4.0
5.1
EPSS
0.0%
CVE-2026-34805 MEDIUM This Month

Stored cross-site scripting in Endian Firewall 3.3.25 and prior allows authenticated users to inject malicious JavaScript via the remark parameter in /cgi-bin/dnat.cgi, which persists and executes when other administrators or users access the affected page. This requires valid login credentials but can compromise the integrity and confidentiality of management sessions for other users.

XSS Firewall Community
NVD
CVSS 4.0
5.1
EPSS
0.0%
CVE-2026-34804 MEDIUM This Month

Stored cross-site scripting in Endian Firewall 3.3.25 and prior allows authenticated attackers to inject arbitrary JavaScript via the dscp parameter in the QoS rules management interface (/manage/qos/rules/). When other authenticated users view the affected configuration page, the injected script executes in their browser context, enabling session hijacking, credential theft, or lateral movement within the firewall management console. EPSS risk is elevated at moderate severity (CVSS 5.1), and no public exploit code or active exploitation has been confirmed.

XSS Firewall Community
NVD
CVSS 4.0
5.1
EPSS
0.0%
CVE-2026-34803 MEDIUM This Month

Stored cross-site scripting in Endian Firewall 3.3.25 and prior allows authenticated attackers to inject arbitrary JavaScript via the name parameter in the QoS classes management interface (/manage/qos/classes/), which is executed when other users access the affected page. The vulnerability requires user interaction and authentication, resulting in a CVSS 5.1 score with limited scope of impact; no public exploit code or active exploitation has been confirmed.

XSS Firewall Community
NVD
CVSS 4.0
5.1
EPSS
0.0%
CVE-2026-34802 MEDIUM This Month

Stored cross-site scripting (XSS) in Endian Firewall version 3.3.25 and prior allows authenticated attackers to inject arbitrary JavaScript via the remark user ham spam parameter in /cgi-bin/salearn.cgi. The injected payload is stored and executed in the browsers of other users who view the affected page, enabling session hijacking, credential theft, or malware distribution. No public exploit code or active exploitation has been confirmed; real-world risk is limited by the authentication requirement and user interaction dependency.

XSS Firewall Community
NVD
CVSS 4.0
5.1
EPSS
0.0%
CVE-2026-34801 MEDIUM This Month

Endian Firewall 3.3.25 and earlier contains stored cross-site scripting (XSS) in the DHCP fixed leases management interface, where the remark parameter fails to sanitize user input. An authenticated attacker can inject malicious JavaScript into the remark field at /manage/dhcp/fixed_leases/ that persists in the application and executes in the browsers of other administrators viewing the same page, enabling session hijacking, credential theft, or unauthorized configuration changes. No public exploit code or active exploitation has been confirmed; however, the vulnerability requires only low-privilege authentication and normal user interaction to trigger.

XSS Firewall Community
NVD
CVSS 4.0
5.1
EPSS
0.0%
CVE-2026-34800 MEDIUM This Month

Stored cross-site scripting in Endian Firewall 3.3.25 and earlier allows authenticated attackers to inject arbitrary JavaScript via the NAME parameter in /cgi-bin/uplinkeditor.cgi, which is executed when other users access the affected page. The vulnerability requires user interaction (UI:P) and low privileges (PR:L), limiting immediate automated exploitation but enabling account compromise and lateral privilege escalation within authenticated user populations. No public exploit code or active exploitation has been identified at time of analysis.

XSS Firewall Community
NVD
CVSS 4.0
5.1
EPSS
0.0%
CVE-2026-34799 MEDIUM This Month

Stored cross-site scripting (XSS) in Endian Firewall 3.3.25 and prior allows authenticated attackers to inject arbitrary JavaScript via the remark parameter in the /manage/dnsmasq/hosts/ endpoint. The injected payload is stored server-side and executed in the browsers of any user who subsequently views the affected page, enabling session hijacking, credential theft, or malware distribution. CVSS 5.1 reflects the moderate impact and requirement for user interaction; no public exploit code or active exploitation has been confirmed at time of analysis.

XSS Firewall Community
NVD
CVSS 4.0
5.1
EPSS
0.0%
CVE-2026-34798 MEDIUM This Month

Stored cross-site scripting in Endian Firewall 3.3.25 and prior allows authenticated attackers to inject malicious JavaScript via the remark parameter in /cgi-bin/routing.cgi, which persists and executes when other users access the affected page. The vulnerability requires user interaction (UI:P) and authenticated access (PR:L), limiting its immediate blast radius, but enables session hijacking, credential theft, or administrative impersonation within the firewall management interface.

XSS Firewall Community
NVD
CVSS 4.0
5.1
EPSS
0.0%
CVE-2026-34797 HIGH This Week

Remote command execution in Endian Firewall Community Edition 3.3.25 and earlier allows authenticated users to inject arbitrary OS commands through the DATE parameter in /cgi-bin/logs_smtp.cgi. The vulnerability stems from incomplete regular expression validation enabling Perl open() injection. With CVSS 8.7 severity and a low attack complexity (AC:L), this represents a critical post-authentication compromise vector. No public exploit identified at time of analysis, though the technical details disclosed by VulnCheck provide sufficient information for exploit development by threat actors with valid credentials.

Command Injection Firewall Community
NVD
CVSS 4.0
8.7
EPSS
0.2%
CVE-2026-34796 HIGH This Week

Remote code execution in Endian Firewall versions ≤3.3.25 allows authenticated users with low privileges to execute arbitrary operating system commands through command injection in the logs_openvpn.cgi DATE parameter. The vulnerability stems from inadequate input validation in a Perl open() call, enabling attackers to break out of intended file path operations. CVSS 8.7 reflects the severe impact (complete system compromise) despite requiring authentication. EPSS and KEV data not provided; no public exploit identified at time of analysis, though the technical details disclosed suggest exploitation development is straightforward for authenticated attackers.

Command Injection Firewall Community
NVD
CVSS 4.0
8.7
EPSS
0.2%
CVE-2026-34795 HIGH This Week

Remote code execution in Endian Firewall 3.3.25 and earlier allows authenticated attackers with low-level privileges to execute arbitrary OS commands via command injection in the DATE parameter of /cgi-bin/logs_log.cgi. The vulnerability stems from incomplete regular expression validation in Perl open() file path handling. No public exploit identified at time of analysis, though CVSS 8.7 severity reflects high potential impact across confidentiality, integrity, and availability. EPSS data not provided; exploitation requires network access with low-privilege authentication but no user interaction.

Command Injection Firewall Community
NVD
CVSS 4.0
8.7
EPSS
0.2%
CVE-2026-34794 HIGH This Week

Remote command execution in Endian Firewall 3.3.25 and earlier allows authenticated attackers to execute arbitrary OS commands with firewall appliance privileges via command injection in the DATE parameter of /cgi-bin/logs_ids.cgi. The vulnerability stems from incomplete regular expression validation before passing user input to Perl's open() function. CVSS score of 8.7 reflects network-accessible attack with low complexity requiring only low-privilege authentication. No CISA KEV listing or public exploit code identified at time of analysis, though VulnCheck public disclosure increases weaponization risk for organizations using this legacy firewall appliance.

Command Injection Firewall Community
NVD
CVSS 4.0
8.7
EPSS
0.2%
CVE-2026-34793 HIGH This Week

Remote command execution in Endian Firewall 3.3.25 and earlier allows authenticated users with low privileges to inject arbitrary OS commands through the DATE parameter in /cgi-bin/logs_firewall.cgi. The vulnerability stems from inadequate regular expression validation that fails to prevent command injection in Perl open() calls. Authentication is required (PR:L), but once accessed, attackers gain high-impact control over confidentiality, integrity, and availability. No public exploit identified at time of analysis, though the technical details disclosed by VulnCheck provide sufficient information for weaponization. EPSS data not available for this recent CVE.

Command Injection Firewall Community
NVD
CVSS 4.0
8.7
EPSS
0.2%
CVE-2026-34792 HIGH This Week

Remote command execution in Endian Firewall 3.3.25 and earlier allows authenticated users with low privileges to inject arbitrary OS commands through the DATE parameter in /cgi-bin/logs_clamav.cgi. The vulnerability stems from incomplete input validation before passing user-controlled data to Perl's open() function, enabling command injection. With CVSS 8.7 (High severity) and network-based exploitation requiring only low-privilege authentication, this represents a significant post-authentication attack surface. No public exploit identified at time of analysis, though the technical details provided enable reproduction.

Command Injection Firewall Community
NVD
CVSS 4.0
8.7
EPSS
0.2%
CVE-2026-34791 HIGH This Week

Remote command execution in Endian Firewall Community ≤3.3.25 allows authenticated users to inject OS commands through the DATE parameter in /cgi-bin/logs_proxy.cgi due to incomplete input validation in Perl open() calls. Attack requires only low-privilege authentication (CVSS PR:L) with network access and no user interaction. No public exploit identified at time of analysis, though the technical details disclosed by VulnCheck provide a clear exploitation path for threat actors.

Command Injection Firewall Community
NVD
CVSS 4.0
8.7
EPSS
0.2%
CVE-2026-34790 HIGH This Week

Directory traversal in Endian Firewall 3.3.25 and earlier allows authenticated users to delete arbitrary files through the /cgi-bin/backup.cgi remove ARCHIVE parameter. Attackers with low-privileged network access can leverage unsanitized path construction passed to unlink() to achieve high-integrity impact by removing critical system files. EPSS data not available; no public exploit identified at time of analysis, though the technical details disclosed by VulnCheck increase weaponization risk for authenticated threat actors.

Path Traversal Firewall Community
NVD
CVSS 4.0
7.1
EPSS
0.3%
CVE-2021-27201 HIGH POC This Week

Endian Firewall Community (aka EFW) 3.3.2 allows remote authenticated users to execute arbitrary OS commands via shell metacharacters in a backup comment. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Command Injection Firewall Community
NVD GitHub
CVSS 3.1
8.8
EPSS
2.6%
EPSS 0% CVSS 5.1
MEDIUM This Month

Stored cross-site scripting (XSS) in Endian Firewall 3.3.25 and prior allows authenticated attackers to inject arbitrary JavaScript via the remark parameter in the /manage/password/web/ endpoint. The injected payload is persistently stored and executes when other authenticated users access the affected page, enabling session hijacking, credential theft, or lateral movement within the firewall management interface. No public exploit code or active exploitation has been confirmed at the time of analysis.

XSS Firewall Community
NVD
EPSS 0% CVSS 5.1
MEDIUM This Month

Stored cross-site scripting (XSS) in Endian Firewall 3.3.25 and earlier allows authenticated attackers to inject arbitrary JavaScript via the new_cert_name parameter in the /manage/ca/certificate/ endpoint. The injected payload is stored and executed when other users access the affected page, enabling session hijacking, credential theft, or malware distribution within the firewall management interface. No public exploit code or active exploitation has been confirmed at the time of this analysis.

XSS Firewall Community
NVD
EPSS 0% CVSS 5.1
MEDIUM This Month

Stored cross-site scripting (XSS) in Endian Firewall 3.3.25 and prior allows authenticated attackers to inject arbitrary JavaScript via the remark parameter in the VPN authentication user management interface (/manage/vpnauthentication/user/). The injected payload persists in the database and executes when other authenticated users access the affected page, enabling session hijacking, credential theft, or lateral privilege escalation within the firewall management console.

XSS Firewall Community
NVD
EPSS 0% CVSS 5.1
MEDIUM This Month

Stored cross-site scripting in Endian Firewall 3.3.25 and prior allows authenticated attackers to inject malicious JavaScript via the remark parameter in the IPSec management interface (/manage/ipsec/), which persists and executes when other users access the affected page. This requires user interaction (page view) and only affects session integrity and information disclosure within the administrative interface. No public exploit code or active exploitation has been confirmed at the time of analysis.

XSS Firewall Community
NVD
EPSS 0% CVSS 5.1
MEDIUM This Month

Stored cross-site scripting in Endian Firewall 3.3.25 and earlier allows authenticated attackers to inject arbitrary JavaScript via the REMARK parameter in /cgi-bin/openvpnclient.cgi, with the payload persisted and executed when other users access the affected page. CVSS 5.1 reflects low immediate impact due to user interaction requirement and limited scope, but the stored nature increases attack persistence; no public exploit code or CISA KEV confirmation identified at time of analysis.

XSS Firewall Community
NVD
EPSS 0% CVSS 5.1
MEDIUM This Month

Stored cross-site scripting (XSS) in Endian Firewall 3.3.25 and prior allows authenticated attackers to inject malicious JavaScript via the remark parameter in the DNS local domains management interface (/manage/dnsmasq/localdomains/). The injected payload persists in the application and executes when other authenticated users access the affected page, enabling session hijacking, credential theft, or malware distribution within the firewall management environment. No public exploit code or active exploitation has been reported.

XSS Firewall Community
NVD
EPSS 0% CVSS 5.1
MEDIUM This Month

Stored cross-site scripting (XSS) in Endian Firewall 3.3.25 and prior allows authenticated attackers to inject arbitrary JavaScript via the ADDRESS BCC parameter in /cgi-bin/smtprouting.cgi, with the payload executed when other users view the affected page. The vulnerability requires user interaction (UI:P) and authenticated access (PR:L), limiting real-world impact to internal threat actors with valid credentials, though successful exploitation could compromise session integrity and user data within the firewall management interface.

XSS Firewall Community
NVD
EPSS 0% CVSS 5.1
MEDIUM This Month

Stored cross-site scripting in Endian Firewall 3.3.25 and prior allows authenticated attackers to inject arbitrary JavaScript via the domain parameter in the /manage/smtpscan/domainrouting/ endpoint, with execution when other authenticated users view the page. The vulnerability requires user interaction (page view) and authenticated access, resulting in a CVSS score of 5.1 with scope change and integrity impact to other users' sessions. No public exploit code or active exploitation has been identified at time of analysis.

XSS Firewall Community
NVD
EPSS 0% CVSS 5.1
MEDIUM This Month

Stored cross-site scripting in Endian Firewall versions 3.3.25 and prior allows authenticated attackers to inject arbitrary JavaScript via the DOMAIN parameter in /cgi-bin/smtpdomains.cgi, which is executed when other users view the affected page. The vulnerability requires user interaction and authenticated access but can impact session security and administrative controls. No public exploit code or active exploitation has been identified at time of analysis.

XSS Firewall Community
NVD
EPSS 0% CVSS 5.1
MEDIUM This Month

Stored cross-site scripting in Endian Firewall version 3.3.25 and prior allows authenticated attackers to inject arbitrary JavaScript via the group parameter in /cgi-bin/proxygroup.cgi, with the malicious payload persisting and executing when other users access the affected page. CVSS score of 5.1 reflects moderate severity with limited scope of impact; exploitation requires prior authentication and user interaction but can affect confidentiality and integrity within the application context. No public exploit code or active exploitation has been confirmed at the time of analysis.

XSS Firewall Community
NVD
EPSS 0% CVSS 5.1
MEDIUM This Month

Stored cross-site scripting (XSS) in Endian Firewall 3.3.25 and prior allows authenticated attackers to inject arbitrary JavaScript via the user parameter in /cgi-bin/proxyuser.cgi, which is then executed when other users view the affected page. This requires user interaction (page view) but enables session hijacking, credential theft, or administrative action abuse within the firewall's web interface. No public exploit code or active exploitation has been confirmed at time of analysis.

XSS Firewall Community
NVD
EPSS 0% CVSS 5.1
MEDIUM This Month

Stored cross-site scripting (XSS) in Endian Firewall 3.3.25 and prior allows authenticated attackers to inject arbitrary JavaScript via the mimetypes parameter in /cgi-bin/proxypolicy.cgi, which is executed when other users access the affected page. CVSS 5.1 reflects moderate impact; exploitation requires prior authentication and user interaction, limiting real-world severity despite the persistent nature of stored XSS. No public exploit code or active exploitation has been identified at time of analysis.

XSS Firewall Community
NVD
EPSS 0% CVSS 5.1
MEDIUM This Month

Stored cross-site scripting (XSS) in Endian Firewall 3.3.25 and prior allows authenticated attackers to inject arbitrary JavaScript via the remark parameter in /cgi-bin/xtaccess.cgi, which is executed when other users view the affected page. The vulnerability requires valid user credentials and user interaction but can compromise session tokens and sensitive data of administrators and other firewall users. No public exploit code or active exploitation has been confirmed at this time.

XSS Firewall Community
NVD
EPSS 0% CVSS 5.1
MEDIUM This Month

Stored cross-site scripting (XSS) in Endian Firewall 3.3.25 and earlier allows authenticated attackers to inject arbitrary JavaScript via the remark parameter in /cgi-bin/vpnfw.cgi, which persists and executes when other users access the affected page. CVSS 5.1 reflects low immediate confidentiality/integrity impact but user interaction requirement; the vulnerability requires authenticated access (PR:L), limiting blast radius compared to unauthenticated XSS.

XSS Firewall Community
NVD
EPSS 0% CVSS 5.1
MEDIUM This Month

Stored cross-site scripting in Endian Firewall 3.3.25 and prior allows authenticated attackers to inject malicious JavaScript via the remark parameter in /cgi-bin/zonefw.cgi, which persists and executes when other administrators or users access the affected configuration page. The vulnerability requires user interaction (UI:P) and authenticated access (PR:L), limiting immediate risk but enabling account compromise and lateral movement within firewall administrative interfaces.

XSS Firewall Community
NVD
EPSS 0% CVSS 5.1
MEDIUM This Month

Endian Firewall 3.3.25 and earlier allows authenticated users to store arbitrary JavaScript in the remark parameter of /cgi-bin/outgoingfw.cgi, which executes when other users view the affected page. This stored cross-site scripting (XSS) vulnerability requires valid login credentials but can compromise session tokens, steal administrative actions, or perform lateral attacks within the firewall management interface. No public exploit code or active exploitation has been confirmed at time of analysis.

XSS Firewall Community
NVD
EPSS 0% CVSS 5.1
MEDIUM This Month

Stored cross-site scripting (XSS) in Endian Firewall 3.3.25 and earlier allows authenticated attackers to inject arbitrary JavaScript through the remark parameter in /cgi-bin/incoming.cgi, which is then executed when other users access the affected page. The vulnerability requires user interaction (UI:P) and authenticated access (PR:L), resulting in a CVSS 5.1 score with limited scope impact; no public exploit code or active exploitation has been confirmed.

XSS Firewall Community
NVD
EPSS 0% CVSS 5.1
MEDIUM This Month

Stored XSS in Endian Firewall 3.3.25 and prior allows authenticated attackers to inject malicious JavaScript via the remark parameter in /cgi-bin/snat.cgi, which persists and executes when other administrators or users access the affected page. The vulnerability requires low-privilege authentication and user interaction (page view), limiting immediate impact but creating persistent data integrity and session hijacking risks within the appliance administrative interface.

XSS Firewall Community
NVD
EPSS 0% CVSS 5.1
MEDIUM This Month

Stored cross-site scripting in Endian Firewall 3.3.25 and prior allows authenticated users to inject malicious JavaScript via the remark parameter in /cgi-bin/dnat.cgi, which persists and executes when other administrators or users access the affected page. This requires valid login credentials but can compromise the integrity and confidentiality of management sessions for other users.

XSS Firewall Community
NVD
EPSS 0% CVSS 5.1
MEDIUM This Month

Stored cross-site scripting in Endian Firewall 3.3.25 and prior allows authenticated attackers to inject arbitrary JavaScript via the dscp parameter in the QoS rules management interface (/manage/qos/rules/). When other authenticated users view the affected configuration page, the injected script executes in their browser context, enabling session hijacking, credential theft, or lateral movement within the firewall management console. EPSS risk is elevated at moderate severity (CVSS 5.1), and no public exploit code or active exploitation has been confirmed.

XSS Firewall Community
NVD
EPSS 0% CVSS 5.1
MEDIUM This Month

Stored cross-site scripting in Endian Firewall 3.3.25 and prior allows authenticated attackers to inject arbitrary JavaScript via the name parameter in the QoS classes management interface (/manage/qos/classes/), which is executed when other users access the affected page. The vulnerability requires user interaction and authentication, resulting in a CVSS 5.1 score with limited scope of impact; no public exploit code or active exploitation has been confirmed.

XSS Firewall Community
NVD
EPSS 0% CVSS 5.1
MEDIUM This Month

Stored cross-site scripting (XSS) in Endian Firewall version 3.3.25 and prior allows authenticated attackers to inject arbitrary JavaScript via the remark user ham spam parameter in /cgi-bin/salearn.cgi. The injected payload is stored and executed in the browsers of other users who view the affected page, enabling session hijacking, credential theft, or malware distribution. No public exploit code or active exploitation has been confirmed; real-world risk is limited by the authentication requirement and user interaction dependency.

XSS Firewall Community
NVD
EPSS 0% CVSS 5.1
MEDIUM This Month

Endian Firewall 3.3.25 and earlier contains stored cross-site scripting (XSS) in the DHCP fixed leases management interface, where the remark parameter fails to sanitize user input. An authenticated attacker can inject malicious JavaScript into the remark field at /manage/dhcp/fixed_leases/ that persists in the application and executes in the browsers of other administrators viewing the same page, enabling session hijacking, credential theft, or unauthorized configuration changes. No public exploit code or active exploitation has been confirmed; however, the vulnerability requires only low-privilege authentication and normal user interaction to trigger.

XSS Firewall Community
NVD
EPSS 0% CVSS 5.1
MEDIUM This Month

Stored cross-site scripting in Endian Firewall 3.3.25 and earlier allows authenticated attackers to inject arbitrary JavaScript via the NAME parameter in /cgi-bin/uplinkeditor.cgi, which is executed when other users access the affected page. The vulnerability requires user interaction (UI:P) and low privileges (PR:L), limiting immediate automated exploitation but enabling account compromise and lateral privilege escalation within authenticated user populations. No public exploit code or active exploitation has been identified at time of analysis.

XSS Firewall Community
NVD
EPSS 0% CVSS 5.1
MEDIUM This Month

Stored cross-site scripting (XSS) in Endian Firewall 3.3.25 and prior allows authenticated attackers to inject arbitrary JavaScript via the remark parameter in the /manage/dnsmasq/hosts/ endpoint. The injected payload is stored server-side and executed in the browsers of any user who subsequently views the affected page, enabling session hijacking, credential theft, or malware distribution. CVSS 5.1 reflects the moderate impact and requirement for user interaction; no public exploit code or active exploitation has been confirmed at time of analysis.

XSS Firewall Community
NVD
EPSS 0% CVSS 5.1
MEDIUM This Month

Stored cross-site scripting in Endian Firewall 3.3.25 and prior allows authenticated attackers to inject malicious JavaScript via the remark parameter in /cgi-bin/routing.cgi, which persists and executes when other users access the affected page. The vulnerability requires user interaction (UI:P) and authenticated access (PR:L), limiting its immediate blast radius, but enables session hijacking, credential theft, or administrative impersonation within the firewall management interface.

XSS Firewall Community
NVD
EPSS 0% CVSS 8.7
HIGH This Week

Remote command execution in Endian Firewall Community Edition 3.3.25 and earlier allows authenticated users to inject arbitrary OS commands through the DATE parameter in /cgi-bin/logs_smtp.cgi. The vulnerability stems from incomplete regular expression validation enabling Perl open() injection. With CVSS 8.7 severity and a low attack complexity (AC:L), this represents a critical post-authentication compromise vector. No public exploit identified at time of analysis, though the technical details disclosed by VulnCheck provide sufficient information for exploit development by threat actors with valid credentials.

Command Injection Firewall Community
NVD
EPSS 0% CVSS 8.7
HIGH This Week

Remote code execution in Endian Firewall versions ≤3.3.25 allows authenticated users with low privileges to execute arbitrary operating system commands through command injection in the logs_openvpn.cgi DATE parameter. The vulnerability stems from inadequate input validation in a Perl open() call, enabling attackers to break out of intended file path operations. CVSS 8.7 reflects the severe impact (complete system compromise) despite requiring authentication. EPSS and KEV data not provided; no public exploit identified at time of analysis, though the technical details disclosed suggest exploitation development is straightforward for authenticated attackers.

Command Injection Firewall Community
NVD
EPSS 0% CVSS 8.7
HIGH This Week

Remote code execution in Endian Firewall 3.3.25 and earlier allows authenticated attackers with low-level privileges to execute arbitrary OS commands via command injection in the DATE parameter of /cgi-bin/logs_log.cgi. The vulnerability stems from incomplete regular expression validation in Perl open() file path handling. No public exploit identified at time of analysis, though CVSS 8.7 severity reflects high potential impact across confidentiality, integrity, and availability. EPSS data not provided; exploitation requires network access with low-privilege authentication but no user interaction.

Command Injection Firewall Community
NVD
EPSS 0% CVSS 8.7
HIGH This Week

Remote command execution in Endian Firewall 3.3.25 and earlier allows authenticated attackers to execute arbitrary OS commands with firewall appliance privileges via command injection in the DATE parameter of /cgi-bin/logs_ids.cgi. The vulnerability stems from incomplete regular expression validation before passing user input to Perl's open() function. CVSS score of 8.7 reflects network-accessible attack with low complexity requiring only low-privilege authentication. No CISA KEV listing or public exploit code identified at time of analysis, though VulnCheck public disclosure increases weaponization risk for organizations using this legacy firewall appliance.

Command Injection Firewall Community
NVD
EPSS 0% CVSS 8.7
HIGH This Week

Remote command execution in Endian Firewall 3.3.25 and earlier allows authenticated users with low privileges to inject arbitrary OS commands through the DATE parameter in /cgi-bin/logs_firewall.cgi. The vulnerability stems from inadequate regular expression validation that fails to prevent command injection in Perl open() calls. Authentication is required (PR:L), but once accessed, attackers gain high-impact control over confidentiality, integrity, and availability. No public exploit identified at time of analysis, though the technical details disclosed by VulnCheck provide sufficient information for weaponization. EPSS data not available for this recent CVE.

Command Injection Firewall Community
NVD
EPSS 0% CVSS 8.7
HIGH This Week

Remote command execution in Endian Firewall 3.3.25 and earlier allows authenticated users with low privileges to inject arbitrary OS commands through the DATE parameter in /cgi-bin/logs_clamav.cgi. The vulnerability stems from incomplete input validation before passing user-controlled data to Perl's open() function, enabling command injection. With CVSS 8.7 (High severity) and network-based exploitation requiring only low-privilege authentication, this represents a significant post-authentication attack surface. No public exploit identified at time of analysis, though the technical details provided enable reproduction.

Command Injection Firewall Community
NVD
EPSS 0% CVSS 8.7
HIGH This Week

Remote command execution in Endian Firewall Community ≤3.3.25 allows authenticated users to inject OS commands through the DATE parameter in /cgi-bin/logs_proxy.cgi due to incomplete input validation in Perl open() calls. Attack requires only low-privilege authentication (CVSS PR:L) with network access and no user interaction. No public exploit identified at time of analysis, though the technical details disclosed by VulnCheck provide a clear exploitation path for threat actors.

Command Injection Firewall Community
NVD
EPSS 0% CVSS 7.1
HIGH This Week

Directory traversal in Endian Firewall 3.3.25 and earlier allows authenticated users to delete arbitrary files through the /cgi-bin/backup.cgi remove ARCHIVE parameter. Attackers with low-privileged network access can leverage unsanitized path construction passed to unlink() to achieve high-integrity impact by removing critical system files. EPSS data not available; no public exploit identified at time of analysis, though the technical details disclosed by VulnCheck increase weaponization risk for authenticated threat actors.

Path Traversal Firewall Community
NVD
EPSS 3% CVSS 8.8
HIGH POC This Week

Endian Firewall Community (aka EFW) 3.3.2 allows remote authenticated users to execute arbitrary OS commands via shell metacharacters in a backup comment. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Command Injection Firewall Community
NVD GitHub

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy