PT-2025-44163 · Ipfire · Ipfire

Alex Williams · Published 2025-10-28 · Updated 2025-10-28 · CVE-2025-34304

CVSS v4.0: 7.1 (High)
Vector: AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N

Name of the Vulnerable Software and Affected Versions
IPFire versions prior to 2.29 (Core Update 198)

Description
IPFire versions prior to 2.29 (Core Update 198) contain a SQL injection issue. An authenticated attacker can manipulate the SQL query when viewing OpenVPN connection logs through the CONNECTION NAME parameter. The application sends an HTTP POST request to the /cgi-bin/logs.cgi/ovpnclients.dat Request-URI, inserting the value of the CONNECTION NAME parameter directly into the WHERE clause without proper sanitization. This can allow an attacker to disclose sensitive information from the database.

Recommendations
Update to version 2.29 (Core Update 198) or later.
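
The flaw class described above, as an added example that is not IPFire's code: a log filter whose WHERE clause is built by string concatenation, beside the same filter using a bound parameter. The in-memory SQLite database, the `sessions` table, its columns and the sample rows are constructed for the example, and the function names are hypothetical.

```python
import sqlite3

def make_db():
    # Constructed sample data; table and column names are hypothetical.
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE sessions "
               "(common_name TEXT, connected_at TEXT, bytes_sent INTEGER)")
    db.executemany("INSERT INTO sessions VALUES (?, ?, ?)", [
        ("alice-laptop", "2025-10-01 08:00:00", 1200),
        ("bob-phone", "2025-10-01 09:30:00", 300),
        ("o'neil-tablet", "2025-10-02 11:15:00", 50),
    ])
    return db

def query_concatenated(db, connection_name):
    # Vulnerable pattern: the submitted value becomes part of the SQL text,
    # so a quote character in it changes how the statement is parsed.
    sql = ("SELECT common_name FROM sessions WHERE common_name = '"
           + connection_name + "'")
    return [row[0] for row in db.execute(sql)]

def query_bound(db, connection_name):
    # Hardened pattern: the placeholder keeps the value as data only.
    sql = "SELECT common_name FROM sessions WHERE common_name = ?"
    return [row[0] for row in db.execute(sql, (connection_name,))]

def compare(connection_name):
    # Run both variants against a fresh copy of the sample data.
    db = make_db()
    try:
        concatenated = query_concatenated(db, connection_name)
    except sqlite3.Error as exc:
        concatenated = "error: " + type(exc).__name__
    return concatenated, query_bound(db, connection_name)

if __name__ == "__main__":
    # Constructed inputs: a plain name, a legitimate name containing a
    # quote, and a value that rewrites the WHERE clause when concatenated.
    for name in ("alice-laptop", "o'neil-tablet", "nobody' OR '1'='1"):
        print(repr(name), compare(name))
```

With the bound parameter, the quoted name matches its own row and the third input matches nothing; with concatenation, the quoted name fails to parse and the third input returns every row.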

Fix

SQL injection

Weakness Enumeration

Related Identifiers: CVE-2025-34304

Affected Products: Ipfire