CVE-2025-45311

Published: Nov 26, 2025

Modified: Dec 3, 2025

PUBLISHED

Description

Insecure permissions in fail2ban-client v0.11.2 allows attackers with limited sudo privileges to perform arbitrary operations as root. NOTE: this is disputed by multiple parties because the action for a triggered rule can legitimately be an arbitrary operation as root. Thus, the software is behaving in accordance with its intended privilege model.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

https://packetstorm.news/files/id/189989

https://gist.github.com/R-Security/1c707a08f9c7f9a91d9d84b5010aaed2

https://github.com/fail2ban/fail2ban/issues/4110

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2025-45311

Description

Affected Products

References