CVE-2026-30932 · HIGH 8.8 · EPSS p41.3%

Description

Froxlor is open source server administration software. Prior to version 2.3.5, the DomainZones.add API endpoint (accessible to customers with DNS enabled) does not validate the content field for several DNS record types (LOC, RP, SSHFP, TLSA). An attacker can inject newlines and BIND zone file directives (e.g. $INCLUDE) into the zone file that gets written to disk when the DNS rebuild cron job runs. This issue has been patched in version 2.3.5.

Scoring

CVSS 3.1: 8.8 (HIGH)
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
EPSS: 0.54% probability of exploitation · percentile 41.3% · 2026-06-18T12:00:27Z
Published: 2026-03-24
Last modified: 2026-03-26

Underlying weaknesses · 1

CWE-74

References

  1. https://github.com/froxlor/froxlor/commit/b34829262dc32818b37f6a1eabb426d0b277a86b
  2. https://github.com/froxlor/froxlor/releases/tag/2.3.5
  3. https://github.com/froxlor/froxlor/security/advisories/GHSA-x6w6-2xwp-3jh6

Type | Target | Confidence | Tier
Weakness | Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') (cwe-74) | 0% | live

Related by meaning · 6

Nearest entities by semantic similarity across the cs-graph corpus.

  1. CVE-2026-41234
  2. CVE-2026-41230
  3. CVE-2026-41237
  4. CVE-2026-41229
  5. CVE-2026-41235
  6. CVE-2026-41228

Sourced from NVD + FIRST.org EPSS. Curated for EU compliance use cases by Adam Lundqvist, Founder at SQUR.