PT-2025-27825 · Igel · Igel Os
Rob Vinson · Published 2025-07-03 · Updated 2025-07-04 · CVE-2025-34082
CVSS v2.0: 10 (Critical)
Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C
Name of the Vulnerable Software and Affected Versions:
IGEL OS versions prior to 11.04.270
Description:
A command injection issue exists due to improper input sanitization in the handling of specially crafted PROXYCMD commands on TCP ports 30022 and 5900. An unauthenticated attacker with network access to a vulnerable device can inject arbitrary commands, leading to remote code execution with elevated privileges.
Recommendations:
For IGEL OS versions prior to 11.04.270, update to version 11.04.270 or later to resolve the issue. As a temporary workaround, consider restricting access to TCP ports 30022 and 5900 to minimize the risk of exploitation.
Exploit · Fix · RCE · OS Command Injection
Affected Products:
Igel Os