Description
Endian Firewall version 3.3.25 and prior allow authenticated users to execute arbitrary OS commands via the DATE parameter to /cgi-bin/logs_firewall.cgi. The DATE parameter value is used to construct a file path that is passed to a Perl open() call, which allows command injection due to an incomplete regular expression validation.
Published: 2026-04-02
Score: 8.7 High
EPSS: < 1% Very Low
KEV: No
Impact: Remote command execution
Action: Immediate Patch
AI Analysis

Impact

Authenticated users of Endian Firewall version 3.3.25 and earlier can influence the DATE parameter in the /cgi-bin/logs_firewall.cgi script. The supplied value is concatenated into a file path that is later passed directly to a Perl open() call. Because the validation regex does not exclude shell metacharacters, an attacker can inject OS commands, allowing execution of arbitrary commands on the underlying host. This weakness falls under CWE-78 and can lead to complete compromise of the firewall device, including disclosure of sensitive configuration, data exfiltration, and further network intrusion.

Affected Systems

The vulnerability affects Endian Firewall products including the 2.1.2, 2.4, and 3.3.25 releases as well as the community edition. Any instance of Endian Firewall running these versions is susceptible to the flaw.

Risk and Exploitability

The CVSS base score for this issue is 8.7, indicating high severity, while the EPSS score is lower than 1%, suggesting a low probability of exploitation in the near term. The flaw is not listed in the CISA KEV catalog, reducing its exposure profile. Exploitation requires an authenticated session, so the attack vector is likely an internal attacker or an external actor who has obtained valid credentials. An attacker can send a crafted DATE value from a web browser or HTTP client to trigger the command injection, resulting in arbitrary code execution on the firewall host.

Generated by OpenCVE AI on April 7, 2026 at 20:01 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Apply the vendor-released patch or upgrade the firewall to a version later than 3.3.25.
  • If an update is not yet available, limit or disable the /cgi-bin/logs_firewall.cgi endpoint for non‑privileged users and enforce strict access control on the web interface.
  • Periodically review system and web logs for abnormal command execution attempts and block suspicious IP addresses.
  • Stay informed of new advisories from Endian by checking the vendor’s website or the community help center.

Generated by OpenCVE AI on April 7, 2026 at 20:01 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Tue, 07 Apr 2026 15:15:00 +0000

Type Values Removed Values Added
First Time appeared Endian firewall Community
CPEs cpe:2.3:a:endian:firewall_community:*:*:*:*:*:*:*:*
Vendors & Products Endian firewall Community

Fri, 03 Apr 2026 05:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}

Thu, 02 Apr 2026 15:15:00 +0000

Type Values Removed Values Added
Description Endian Firewall version 3.3.25 and prior allow authenticated users to execute arbitrary OS commands via the DATE parameter to /cgi-bin/logs_firewall.cgi. The DATE parameter value is used to construct a file path that is passed to a Perl open() call, which allows command injection due to an incomplete regular expression validation.
Title Endian Firewall /cgi-bin/logs_firewall.cgi DATE Perl Command Injection
First Time appeared Endian
Endian firewall
Weaknesses CWE-78
CPEs cpe:2.3:a:endian:firewall:2.1.2:*:*:*:*:*:*:*
cpe:2.3:a:endian:firewall:2.4:*:*:*:*:*:*:*
cpe:2.3:a:endian:firewall:3.3.25:*:*:*:*:*:*:*
Vendors & Products Endian
Endian firewall
References
Metrics cvssV3_1

{'score': 8.8, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H'}

cvssV4_0

{'score': 8.7, 'vector': 'CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N'}

Subscriptions

Endian Firewall Firewall Community
cve-icon MITRE

Status: PUBLISHED

Assigner: VulnCheck

Published:

Updated: 2026-04-03T03:55:36.991Z

Reserved: 2026-03-30T20:26:18.724Z

Link: CVE-2026-34793

cve-icon Vulnrichment

Updated: 2026-04-02T16:17:58.075Z

cve-icon NVD

Status : Analyzed

Published: 2026-04-02T15:16:43.323

Modified: 2026-04-07T14:38:25.850

Link: CVE-2026-34793

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-04-08T19:56:12Z

Weaknesses