CVE-2025-34082

CRITICAL

IGEL OS <11.04.270 - Command Injection

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2025-34082. PoCs published by Rob Vinson, James Brytan, James Smith, Marisa Mack, Sergey Pashevkin, Steven Laura, including Metasploit module exploits/linux/misc/igel_command_injection.

AI-analyzed exploit summary This Metasploit module exploits a command injection vulnerability in IGEL OS Secure Terminal and Secure Shadow services, allowing remote code execution via crafted commands sent over TCP ports 30022 or 5900.

Description

A command injection vulnerability exists in IGEL OS versions prior to 11.04.270 within the Secure Terminal and Secure Shadow services. The flaw arises due to improper input sanitization in the handling of specially crafted PROXYCMD commands on TCP ports 30022 and 5900. An unauthenticated attacker with network access to a vulnerable device can inject arbitrary commands, leading to remote code execution with elevated privileges. NOTE: IGEL OS v10.x has reached end-of-life (EOL) status.

Exploits (1)

metasploit WORKING POC EXCELLENT

by Rob Vinson, James Brytan, James Smith, Marisa Mack, Sergey Pashevkin, Steven Laura · rubypoclinux

https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/linux/misc/igel_command_injection.rb

View Code ZIP pw:eip

This Metasploit module exploits a command injection vulnerability in IGEL OS Secure Terminal and Secure Shadow services, allowing remote code execution via crafted commands sent over TCP ports 30022 or 5900.

Classification

Working Poc 100%

Attack Type

Rce

Complexity

Moderate

Reliability

Reliable

Target: IGEL OS Secure Terminal (telnet_ssl_connector) and Secure Shadow (vnc_ssl_connector) services

No auth needed

Prerequisites: Network access to target ports (30022 or 5900) · SSL/TLS negotiation enabled

MITRE ATT&CK

T1059 - Command and Scripting Interpreter T1190 - Exploit Public-Facing Application

devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (4)

Core 4

Core References

Various Sources exploit

https://raw.githubusercontent.com/rapid7/metasploit-framework/master/modules/exploits/linux/misc/igel_command_injection.rb

Various Sources vendor-advisory

https://kb.igel.com/security-safety/current/isn-2021-01-igel-os-remote-command-execution-vulne

Various Sources vendor-advisory

https://www.igel.com/wp-content/uploads/2021/02/lxos_11.04.270.txt

Third Party Advisory third-party-advisory

https://vulncheck.com/advisories/igel-os-secure-terminal-shadow-rce

Scores

CVSS v4 9.3

EPSS 0.0528

EPSS Percentile 91.5%

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

CISA SSVC

Vulnrichment

Exploitation none

Automatable yes

Technical Impact total

Details

CWE

CWE-78

Status published

Products (2)

IGEL Technology GmbH/OS 10 - 10.06.220

IGEL Technology GmbH/OS 11 - 11.04.270

Published Jul 03, 2025

Tracked Since Feb 18, 2026