Foomuuri Improper Neutralization of Argument Delimiters Vulnerability Allowing Manipulation of Firewall Configuration
Vulnerability
A vulnerability in Foomuuri, a firewall manager for Linux based on nftables, has been identified. This issue arises from improper validation of input parameters in the D-Bus interface, which allows arbitrary manipulation of the JSON configuration sent to nftables. As a result, the integrity of the firewall configuration can be compromised, potentially leading to unauthorized changes in network interface assignments or other unspecified impacts. This vulnerability affects Foomuuri versions prior to 0.31.
Impact
Exploitation of this vulnerability allows for unauthorized manipulation of the firewall configuration, with potential integrity loss in the JSON data passed to nftables. This could disrupt firewall rules or, depending on the nftables features, lead to privilege escalation.
Remediation
Users can upgrade to Foomuuri version 0.31, which addresses this vulnerability by implementing proper input validation and D-Bus authorization. The updated version is available on the Foomuuri GitHub Releases page.
Vulnerability Rating
Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.