Zero Day MonitorZDM

← Back to list

8.8

CVE-2026-34794EXPLOITED

endian · endian firewall

Endian Firewall /cgi-bin/logs_ids.cgi DATE Perl Command Injection

Description

Endian Firewall version 3.3.25 and prior allow authenticated users to execute arbitrary OS commands via the DATE parameter to /cgi-bin/logs_ids.cgi. The DATE parameter value is used to construct a file path that is passed to a Perl open() call, which allows command injection due to an incomplete regular expression validation.

Affected Products

Vendor	Product	Versions
endian	endian firewall	3.3.25

References

https://help.endian.com/hc/en-us/sections/360004371358-Community(release-notes)
https://www.vulncheck.com/advisories/endian-firewall-cgi-bin-logs-ids-cgi-date-perl-command-injection(third-party-advisory)

Related News (1 articles)

Tier C

VulDB5h ago

CVE-2026-34794 | Endian Firewall 3.3.25 Regular Expression /cgi-bin/logs_ids.cgi open Date os command injection

→ No new info (linked only)

CVSS 3.18.8 NONE

CISA KEV❌ No

Actively exploited✅ Yes

CWECWE-78

PublishedApr 2, 2026

Last enriched4h agov2

Trending Score44

Source articles1

Independent1

Info Completeness7/14

Missing: cvss, epss, kev, exploit, patch, iocs, mitre_attack

Community Vote

0 upvotes0 downvotes

No votes yet

Related CVEs (5)

HIGHCVE-2026-34814EXP

Endian Firewall /cgi-bin/proxygroup.cgi group Stored Cross-Site Scripting

HIGHCVE-2026-34796EXP

Endian Firewall /cgi-bin/logs_openvpn.cgi DATE Perl Command Injection

HIGHCVE-2026-34790EXP

Endian Firewall /cgi-bin/backup.cgi remove ARCHIVE Directory Traversal

NONECVE-2026-34797EXP

Endian Firewall /cgi-bin/logs_smtp.cgi DATE Perl Command Injection

NONECVE-2026-34791EXP

Endian Firewall /cgi-bin/logs_proxy.cgi DATE Perl Command Injection

Pin to Dashboard

Verification

State: unverified

Confidence: 0%

Vulnerability Timeline

CVE Published

Apr 2, 2026

Discovered by ZDM

Apr 2, 2026

Updated: description, severity, activelyExploited

Apr 2, 2026

Actively Exploited

Apr 2, 2026

Version History

v2

Last enriched 4h ago

v2Tier C4h ago

Updated severity to CRITICAL, marked as actively exploited, and provided a more detailed description of the vulnerability.

descriptionseverityactivelyExploited

via VulDB

v15h ago

Initial creation