CVE-2025-34306

Name of the Vulnerable Software and Affected Versions IPFire versions prior to 2.29 (Core Update 198)

Description IPFire versions prior to 2.29 (Core Update 198) are susceptible to a stored cross-site scripting (XSS) issue. An authenticated attacker can inject arbitrary JavaScript code through the pienumber parameter when updating the default firewall IP search values. The application sends an HTTP POST request to /cgi-bin/logs.cgi/firewalllogip.dat with the default number of IPs in the pienumber parameter. This value is stored and displayed in the web interface without proper sanitization, enabling the execution of injected scripts within the context of other users viewing the affected page.

Recommendations Update to version 2.29 (Core Update 198) or later.