CVE-2025-67858
7
CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:L/VI:H/VA:L/SC:N/SI:N/SA:N
Summary
A Improper Neutralization of Argument Delimiters vulnerability in Foomuuri can lead to integrity loss of the firewall configuration or further unspecified impact by manipulating the JSON configuration passed to nft.
This issue affects Foomuuri: from ? before 0.31.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| https://github.com/FoobarOy/ | Foomuuri | ? < 0.31 | affected |
Weaknesses
- CWE-88: CWE-88: Improper Neutralization of Argument Delimiters
ADP Enrichment
CISA ADP Vulnrichment
- SSVC:
- Exploitation: none
- Automatable: no
- Technical Impact: partial
References
- https://bugzilla.suse.com/show_bug.cgi?id=CVE-2025-67858
- https://security.opensuse.org/2026/01/07/foomuuri-lack-of-dbus-authorization.html
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.