FOG is a free open-source cloning/imaging/rescue suite/inventory management system. Versions 1.5.10.1673 and below contain an authentication bypass vulnerability. It is possible for an attacker to perform an unauthenticated DB dump where they could pull a full SQL DB without credentials. A fix is expected to be released 9/15/2025. To address this vulnerability immediately, upgrade to the latest version of either the dev-branch or working-1.6 branch. This will patch the issue for users concerned about immediate exposure. See the FOG Project documentation for step-by-step upgrade instructions: https://docs.fogproject.org/en/latest/install-fog-server#choosing-a-fog-version.
The vulnerability results from missing required authentication when accessing the database export/dump function (CWE-306: Missing Authentication for Critical Function) and flawed identity verification (CWE-287: Improper Authentication). An attacker can send a specially crafted network request to the vulnerable endpoint and obtain a complete SQL database dump without providing any credentials. No special conditions are required – the attack is possible remotely, without authentication, and without user interaction.
An attacker can obtain a complete copy of the FOG Project system's SQL database, exposing all stored data, including potentially authentication credentials, information about managed infrastructure, and other sensitive configuration information. Compromising the database contents could enable further security breaches of the IT environment.
FOG Project should be updated immediately to the latest version from the dev-branch or working-1.6 branch, which contain a fix eliminating the vulnerability. The official patch version is planned for September 15, 2025. Step-by-step update instructions are available in the project documentation: https://docs.fogproject.org/en/latest/install-fog-server#choosing-a-fog-version
FOG Project (fogproject) in versions 1.5.10.1673 and all earlier versions
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:N/SC:H/SI:H/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:XFogproject
APPFogproject≤ 1.5.10.1673
Related vulnerabilities
FOG Server — wyciek danych uwierzytelniających Active Directory przy rejestracji komputera
Command injection w FOGProject przez parametr filename w export.php
FOG is a free open-source cloning/imaging/rescue suite/inventory management system. The hostinfo page has miss...
FOG is a cloning/imaging/rescue suite/inventory management system. An improperly restricted file upload featur...
configureNFS in lib/common/functions.sh in FOG through 1.5.10 allows local users to gain privileges by mountin...