module
IPFire 2.25 Core Update 156 and Prior pakfire.cgi Authenticated RCE
| Disclosed |
|---|
| May 17, 2021 |
Disclosed
May 17, 2021
Description
This module exploits an authenticated command injection vulnerability in the
/cgi-bin/pakfire.cgi web page of IPFire devices running versions 2.25 Core Update 156
and prior to execute arbitrary code as the root user.
/cgi-bin/pakfire.cgi web page of IPFire devices running versions 2.25 Core Update 156
and prior to execute arbitrary code as the root user.
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.