Alerts This Week
Warning Icon 1 626
Alerts This Week
Warning Icon 1 626

Warning: Undefined array key "Description" in /var/www/www.linuxsecurity.com-443/html/lsadvisories/lsadvisories.php on line 220

Fedora 43 AWStats Critical Code Exec Fix CVE-2025-63261 2026-Fad30cb6e2

fedora
Calendar Grey April 20, 2026
Dist Fedora Esm H88
Critical update for AWStats in Fedora 43 fixes remote code execution flaw. Ensure system security with this patch.
Fix CVE-2025-63261 (rhbz #2450263)

Summary

Advanced Web Statistics is a powerful and full-featured tool that generates

advanced web server graphical statistics. This server log analyzer works

from the command line or as a CGI and shows all information your log contains,

in graphical web pages. It can analyze a lot of web/wap/proxy servers such as

Apache, IIS, Weblogic, Webstar, Squid, ... but also mail or FTP servers.

This program can measure visits, unique visitors, authenticated users, pages,

domains/countries, OS busiest times, robot visits, type of files, search

engines/keywords used, visit duration, HTTP errors and more...

Statistics can be updated from a browser or your scheduler.

The program also supports virtual servers, plugins and a lot of features.

With the default configuration, the statistics are available at:

http://localhost/awstats/awstats.pl

Update Information:

Fix CVE-2025-63261 (rhbz #2450263)

Topics%20covered

Topics Covered

security advisory fedora arbitrary code execution command injection awstats cve-2025-63261

Change Log

* Fri Apr 10 2026 Tim Jackson - 8.0-2 - Fix CVE-2025-63261 (rhbz #2450263)

References


[ 1 ] Bug #2450263 - CVE-2025-63261 awstats: AWStats: Arbitrary code execution via command injection vulnerability [fedora-43] https://bugzilla.redhat.com/show_bug.cgi?id=2450263

Update Instructions

This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2026-fad30cb6e2' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

Severity
critical
Lowest
Low
Medium
High
Critical

Name: awstats
Product: Fedora 43
Version: 8.0
Release: 2.fc43
URL: https://www.awstats.org/
Summary: Advanced Web Statistics

Topics%20covered

Topics Covered

security advisory fedora arbitrary code execution command injection awstats cve-2025-63261

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Related News

Your message here