CVE-2025-34082
BaseFortify
Publication date: 2025-07-03
Last updated on: 2025-07-08
Assigner: VulnCheck
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-78 | The product constructs all or part of an OS command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended OS command when it is sent to a downstream component. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
CVE-2025-34082 is a critical command injection vulnerability in IGEL OS versions prior to 11.04.270 affecting the Secure Terminal and Secure Shadow services. It occurs because these services improperly sanitize input when handling specially crafted PROXYCMD commands on TCP ports 30022 and 5900. This flaw allows an unauthenticated attacker with network access to inject arbitrary commands, resulting in remote code execution with elevated privileges. [1, 3]
How can this vulnerability impact me? :
This vulnerability can have severe impacts as it allows remote attackers to execute arbitrary commands on affected IGEL OS devices without any authentication or user interaction. This can lead to full compromise of the device, including unauthorized access, data theft, system manipulation, and disruption of services. The vulnerability has a high CVSS score (9.3 or 9.8 depending on the source), indicating critical risk to confidentiality, integrity, and availability. [1, 2]
How can this vulnerability be detected on my network or system? Can you suggest some commands?
The vulnerability can be detected by checking the firmware version of IGEL OS devices via UDP on port 30005, looking for a response containing 'firmwareversion=<version>'. Versions between 10.0.0 and less than 10.06.220, and between 11.0.0 and less than 11.04.270 are vulnerable. Additionally, scanning for open TCP ports 30022 (Secure Terminal Service) and 5900 (Secure Shadow Service) can help identify potentially vulnerable services. Using the Metasploit module for CVE-2025-34082 can automate detection and exploitation attempts. Example commands include: 1) Using nmap to scan for open ports: `nmap -p 30022,5900 <target>` 2) Using netcat or similar tools to send UDP requests to port 30005 to retrieve firmware version. 3) Using the Metasploit module to check vulnerability status and attempt exploitation. [3]
What immediate steps should I take to mitigate this vulnerability?
Immediate mitigation steps include upgrading IGEL OS to patched versions: for IGEL OS 11, upgrade to version 11.04.270 or newer (or 11.03.620 or newer if on the 11.03.* branch); for IGEL OS 10, upgrade to version 10.06.220 or newer. As a temporary measure, disable the Secure Shadow and Secure Terminal features to prevent exploitation, but be cautious when disabling Secure Shadow if unencrypted shadowing is used due to security risks. Detailed instructions for disabling these features are available in the IGEL OS Reference Manual under System > Remote Access > Shadow Settings and Secure Terminal sections. [2]