A vulnerability has been found in Endian Firewall 3.3.25 and classified as critical . Affected is the function Open of the file /cgi-bin/logs_smtp.cgi of the component Regular Expression Handler . Performing a manipulation of the argument Date results in os command injection. This vulnerability was named CVE-2026-34797 . The attack may be initiated remotely. There is no available exploit.