Stored XSS Vulnerability in IPFire Web-Based Firewall Interface
CVE-2025-50975
5.4 MEDIUM
What is CVE-2025-50975?
The web-based firewall interface of IPFire 2.29 is susceptible to a stored Cross-Site Scripting (XSS) vulnerability caused by improper sanitization of several rule parameters, including PROT, SRC_PORT, TGT_PORT, and others. The flaw allows an authenticated administrator to inject malicious JavaScript that is stored with the rule and executes whenever another admin accesses the firewall rules page. Exploitation can lead to session hijacking and unauthorized actions within the interface, posing a significant risk to the security and integrity of the network.
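The two controls that the description implies are missing, shown as an added example rather than IPFire's own code: strict validation of the rule parameters when a rule is saved, and HTML encoding of every stored value when the rules page is rendered. The protocol allow-list, the `N:M` port-range syntax and all function names are assumptions made for illustration.

```python
import html
import re

# Assumed allow-list for illustration; not IPFire's actual protocol list.
ALLOWED_PROTOCOLS = {"TCP", "UDP", "ICMP", "GRE", "ESP", "AH"}
# One port or a low:high range, ASCII digits only (assumed syntax).
PORT_RE = re.compile(r"([0-9]{1,5})(?::([0-9]{1,5}))?")


def valid_port_spec(value: str) -> bool:
    """Accept '' (any port), 'N' or 'N:M' with 1 <= N <= M <= 65535."""
    if value == "":
        return True
    m = PORT_RE.fullmatch(value)
    if not m:
        return False
    low = int(m.group(1))
    high = int(m.group(2)) if m.group(2) else low
    return 1 <= low <= high <= 65535


def validate_rule(params: dict) -> list:
    """Return the names of fields that fail validation (empty list = accept)."""
    bad = []
    if params.get("PROT", "") not in ALLOWED_PROTOCOLS:
        bad.append("PROT")
    for field in ("SRC_PORT", "TGT_PORT"):
        if not valid_port_spec(params.get(field, "")):
            bad.append(field)
    return bad


def render_rule_row(params: dict) -> str:
    """Encode every stored value on output, even ones that passed validation."""
    cells = (html.escape(str(params.get(f, "")), quote=True)
             for f in ("PROT", "SRC_PORT", "TGT_PORT"))
    return "<tr>" + "".join(f"<td>{c}</td>" for c in cells) + "</tr>"


# Constructed sample input: one well-formed rule, one carrying markup.
GOOD = {"PROT": "TCP", "SRC_PORT": "", "TGT_PORT": "8080:8090"}
TAINTED = {"PROT": "TCP", "SRC_PORT": "<script>alert(1)</script>", "TGT_PORT": "443"}

if __name__ == "__main__":
    for rule in (GOOD, TAINTED):
        print(validate_rule(rule), render_rule_row(rule))
```

Encoding on output matters even with validation in place, because rules saved before validation was added may already contain markup.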
