CVE-2025-67858

CVSS v4.0

7.0

High

Vector

AV:L/AC:L/AT:N/PR:N/UI:N/VC:L/VI:H/VA:L/SC:N/SI:N/SA:N

Name of the Vulnerable Software and Affected Versions Foomuuri versions prior to 0.27-2+deb13u1 Foomuuri versions prior to 0.31

Description An Improper Neutralization of Argument Delimiters issue exists in Foomuuri, potentially leading to integrity loss of the firewall configuration or other unspecified impacts. This occurs through manipulation of the JSON configuration passed to nft. The issue is triggered by a crafted interface input parameter.

Recommendations Upgrade Foomuuri packages to version 0.27-2+deb13u1. For versions prior to 0.31, upgrade to a later version.

Fix

Argument Injection

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-88

Related Identifiers

CVE-2025-67858

DSA-6095-1

USN-8326-1

Affected Products

Foomuuri

CVE-2025-67858

Weakness Enumeration

Related Identifiers

Affected Products

References · 16