Reflected Cross-Site Scripting Vulnerabilities in IPFire by IPFire
CVE-2019-25400

4.8MEDIUM

Key Information:

Vendor: Ipfire
Status: Ipfire
Vendor: CVE Published:; 18 February 2026

Badges

👾 Exploit Exists🟡 Public PoC

What is CVE-2019-25400?

IPFire 2.21 Core Update 127 is susceptible to multiple reflected cross-site scripting vulnerabilities through the fwhosts.cgi script. Attackers can exploit this vulnerability by crafting and submitting POST requests containing malicious JavaScript payloads within various parameters such as HOSTNAME, IP, and others. This allows the execution of arbitrary scripts in the browsers of authenticated users, potentially leading to unauthorized actions and data theft.

Affected Version(s)

IPFire IPFire 2.21 - Core Update 127

Exploit Proof of Concept (PoC)

PoC code is written by security researchers to demonstrate the vulnerability can be exploited. PoC code is also a key component for weaponization which could lead to ransomware.

CVE-2019-25400 - Proof of Concept

References

https://www.exploit-db.com/exploits/46344

exploit

https://www.ipfire.org

product

https://downloads.ipfire.org/releases/ipfire-2.x/2.21-cor...

patch

CVSS V4

Score:

4.8

Severity:

MEDIUM

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Attack Required:

None

Privileges Required:

Undefined

User Interaction:

Unknown

Download the Critical Vulnerability Management Cheat Sheet

Timeline

🟡
Public PoC available
Feb 18, 2026
👾
Exploit known to exist
Feb 18, 2026
Vulnerability published
Feb 18, 2026
Vulnerability Reserved
Feb 18, 2026

Credit

Ozer Goker

CVE-2019-25400 Data

JSON

Ipfire

Badges

What is CVE-2019-25400?

Affected Version(s)

Exploit Proof of Concept (PoC)

References

CVSS V4

Timeline

Credit