CVE-2019-25393

MEDIUM

Smoothwall Express 3.1-SP4 - Unauthenticated XSS via smoothinfo.cgi WRAP/SECTIONTITLE

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2019-25393. PoCs published by Ozer Goker.

AI-analyzed exploit summary This exploit demonstrates multiple stored and reflected XSS vulnerabilities in Smoothwall Express 3.1-SP4-polar-x86_64-update9. The payloads are simple JavaScript alerts injected into various parameters of CGI scripts.

Description

Smoothwall Express 3.1-SP4-polar-x86_64-update9 contains a reflected cross-site scripting vulnerability that allows unauthenticated attackers to inject malicious scripts by exploiting insufficient input validation. Attackers can submit POST requests to the smoothinfo.cgi endpoint with script payloads in the WRAP or SECTIONTITLE parameters to execute arbitrary JavaScript in victim browsers.

Exploits (1)

exploitdb WORKING POC
by Ozer Goker · textwebappscgi
https://www.exploit-db.com/exploits/46333

This exploit demonstrates multiple stored and reflected XSS vulnerabilities in Smoothwall Express 3.1-SP4-polar-x86_64-update9. The payloads are simple JavaScript alerts injected into various parameters of CGI scripts.

Classification
Working Poc 90%
Attack Type
Xss
Complexity
Trivial
Reliability
Reliable
Target: Smoothwall Express 3.1-SP4-polar-x86_64-update9
No auth needed
Prerequisites: Access to the web interface of the target Smoothwall Express instance
MITRE ATT&CK
devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (3)

Core 3
Core References
Exploit, Third Party Advisory exploit
https://www.exploit-db.com/exploits/46333
Various Sources product
http://www.smoothwall.org

Scores

CVSS v3 6.1
EPSS 0.0023
EPSS Percentile 13.9%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

CISA SSVC

Vulnrichment
Exploitation none
Automatable yes
Technical Impact partial

Details

CWE
CWE-79
Status published
Products (1)
smoothwall/smoothwall_express 3.1 sp4
Published Feb 16, 2026
Tracked Since Feb 18, 2026