In a critical security advisory, researchers have disclosed a stored cross-site scripting (XSS) vulnerability in IPFire 2.29’s web-based firewall interface (firewall.cgi).
Tracked as CVE-2025-50975, the vulnerability enables any authenticated administrator to inject arbitrary JavaScript that remains persistently stored in firewall rule parameters.
When other...
IPFire has announced the release of Core Update 195 for IPFire 2.29, marking a significant milestone with the introduction of native WireGuard VPN support alongside various system improvements and security enhancements.
This long-awaited update transforms the open-source firewall distribution by integrating modern VPN capabilities...