QwikSec

Security Database

CVE

CWE

Training

CVE-2024-58275

Published: Dec 4, 2025

Modified: Apr 7, 2026

PUBLISHED

Description

Easywall 0.3.1 allows authenticated remote command execution via a command injection vulnerability in the /ports-save endpoint that suffers from a parameter injection flaw. Attackers can inject shell metacharacters to execute arbitrary commands on the server.

Vendor	Product	Versions
jpylypiw	Easywall	affected `0.3.1`

Weaknesses (CWE)

References

ExploitDB-51856

exploit

Easywall Homepage

product

Easywall GitHub Repository

product

https://www.vulncheck.com/advisories/easywall-031-authentication-bypass-via-command-injection-in-ports-save-endpoint

third-party-advisory

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.