Smoothwall Express 3.1-SP4-polar-x86_64-update9 contains a reflected cross-site scripting vulnerability that allows unauthenticated attackers to inject malicious scripts by manipulating the IP parameter. Attackers can send POST requests to the iptools.cgi endpoint with script payloads in the IP parameter to execute arbitrary JavaScript in victim browsers.
PUBLISHED5.2CWE-79
Smoothwall Express 3.1 'iptools.cgi' Cross-Site Scripting
Problem type
Affected products
Smoothwall
Smoothwall Express
3.1 - AFFECTED
References
ExploitDB-46333
https://www.exploit-db.com/exploits/46333
Smoothwall Official Vendor Homepage
http://www.smoothwall.org
VulnCheck Advisory: Smoothwall Express 3.1 'iptools.cgi' Cross-Site Scripting
https://www.vulncheck.com/advisories/smoothwall-express-iptoolscgi-cross-site-scripting
GitHub Security Advisories
GHSA-vxq8-hcg5-56j6
Smoothwall Express 3.1-SP4-polar-x86_64-update9 contains a reflected cross-site scripting...
https://github.com/advisories/GHSA-vxq8-hcg5-56j6Smoothwall Express 3.1-SP4-polar-x86_64-update9 contains a reflected cross-site scripting vulnerability that allows unauthenticated attackers to inject malicious scripts by manipulating the IP parameter. Attackers can send POST requests to the iptools.cgi endpoint with script payloads in the IP parameter to execute arbitrary JavaScript in victim browsers.
nvd.nist.gov
https://nvd.nist.gov/vuln/detail/CVE-2019-25392
exploit-db.com
https://www.exploit-db.com/exploits/46333
vulncheck.com
https://www.vulncheck.com/advisories/smoothwall-express-iptoolscgi-cross-site-scripting
smoothwall.org
http://www.smoothwall.org
github.com
https://github.com/advisories/GHSA-vxq8-hcg5-56j6
JSON source
https://cveawg.mitre.org/api/cve/CVE-2019-25392Click to expand
{
"dataType": "CVE_RECORD",
"dataVersion": "5.2",
"cveMetadata": {
"cveId": "CVE-2019-25392",
"assignerOrgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
"assignerShortName": "VulnCheck",
"dateUpdated": "2026-02-16T17:05:05.287Z",
"dateReserved": "2026-02-16T16:35:08.977Z",
"datePublished": "2026-02-16T17:05:05.287Z",
"state": "PUBLISHED"
},
"containers": {
"cna": {
"providerMetadata": {
"orgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
"shortName": "VulnCheck",
"dateUpdated": "2026-02-16T17:05:05.287Z"
},
"datePublic": "2019-02-06T00:00:00.000Z",
"title": "Smoothwall Express 3.1 'iptools.cgi' Cross-Site Scripting",
"descriptions": [
{
"lang": "en",
"value": "Smoothwall Express 3.1-SP4-polar-x86_64-update9 contains a reflected cross-site scripting vulnerability that allows unauthenticated attackers to inject malicious scripts by manipulating the IP parameter. Attackers can send POST requests to the iptools.cgi endpoint with script payloads in the IP parameter to execute arbitrary JavaScript in victim browsers."
}
],
"affected": [
{
"vendor": "Smoothwall",
"product": "Smoothwall Express",
"versions": [
{
"version": "3.1",
"status": "affected"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"lang": "en",
"description": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')",
"cweId": "CWE-79",
"type": "CWE"
}
]
}
],
"references": [
{
"url": "https://www.exploit-db.com/exploits/46333",
"name": "ExploitDB-46333",
"tags": [
"exploit"
]
},
{
"url": "http://www.smoothwall.org",
"name": "Smoothwall Official Vendor Homepage",
"tags": [
"product"
]
},
{
"url": "https://www.vulncheck.com/advisories/smoothwall-express-iptoolscgi-cross-site-scripting",
"name": "VulnCheck Advisory: Smoothwall Express 3.1 'iptools.cgi' Cross-Site Scripting",
"tags": [
"third-party-advisory"
]
}
],
"metrics": [
{
"format": "CVSS"
},
{
"format": "CVSS",
"cvssV3_1": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM"
}
}
],
"credits": [
{
"lang": "en",
"value": "Ozer Goker",
"type": "finder"
}
]
}
}
}