This page lists publicly disclosed CVE vulnerabilities affecting algosec firewall_analyzer (linked via NVD CPE). Each row includes severity scores, summaries, and publication dates to help identify and analyze security issues.
| CVE | Summary | Source | Max CVSS | EPSS % | Published | Updated |
|---|---|---|---|---|---|---|
| CVE-2025-12381 | Improper Privilege Management vulnerability in AlgoSec Firewall Analyzer on Linux, 64 bit allows Privilege Escalation, Parameter Injection. A local user with access to the command line may escalate their privileges by abusing the parameters of a command that is approved in the sudoers file. This issue affects Firewall Analyzer: A33.0, A33.10. | [email protected] | 6.1 | 0.14% | 2025-12-09 | 2026-06-17 |
| CVE-2025-12382 | Improper Limitation of a Pathname 'Path Traversal') vulnerability in Algosec Firewall Analyzer on Linux, 64 bit allows an authenticated user to upload files to a restricted directory leading to code injection. This issue affects Algosec Firewall Analyzer: A33.0 (up to build 320), A33.10 (up to build 210). | [email protected] | 7.3 | 0.45% | 2025-11-12 | 2026-06-17 |
| CVE-2013-7318 | Cross-site scripting (XSS) vulnerability in BusinessFlow/login in AlgoSec Firewall Analyzer 6.4 allows remote attackers to inject arbitrary web script or HTML via the message parameter. | [email protected] | 4.3 | 0.98% | 2014-01-29 | 2026-06-16 |
| CVE-2013-5092 | Cross-site scripting (XSS) vulnerability in afa/php/Login.php in AlgoSec Firewall Analyzer 6.1-b86 allows remote attackers to inject arbitrary web script or HTML via the PATH_INFO. | [email protected] | 4.3 | 3.25% | 2014-01-29 | 2026-06-16 |