CVE-2025-34082

CRITICAL

IGEL OS <11.04.270 - Command Injection

Title source: llm

Description

A command injection vulnerability exists in IGEL OS versions prior to 11.04.270 within the Secure Terminal and Secure Shadow services. The flaw arises due to improper input sanitization in the handling of specially crafted PROXYCMD commands on TCP ports 30022 and 5900. An unauthenticated attacker with network access to a vulnerable device can inject arbitrary commands, leading to remote code execution with elevated privileges. NOTE: IGEL OS v10.x has reached end-of-life (EOL) status.

Exploits (1)

metasploit WORKING POC EXCELLENT

by Rob Vinson, James Brytan, James Smith, Marisa Mack, Sergey Pashevkin, Steven Laura · rubypoclinux

https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/linux/misc/igel_command_injection.rb

View Code ZIP pw:eip

References (4)

[Various Sources] https://kb.igel.com/security-safety/current/isn-2021-01-igel-os-remote-command-execution-vulne

[Various Sources] https://raw.githubusercontent.com/rapid7/metasploit-framework/master/modules/exploits/linux/misc/igel_command_injection.rb

[Various Sources] https://www.igel.com/wp-content/uploads/2021/02/lxos_11.04.270.txt

[Third Party Advisory] https://vulncheck.com/advisories/igel-os-secure-terminal-shadow-rce

Scores

CVSS v4 9.3

EPSS 0.5024

EPSS Percentile 97.8%

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

Details

CWE

CWE-78

Status published

Products (2)

IGEL Technology GmbH/OS 10 - 10.06.220

IGEL Technology GmbH/OS 11 - 11.04.270

Published Jul 03, 2025

Tracked Since Feb 18, 2026