Vulnerabilites related to netgate - pfsense
Vulnerability from fkie_nvd
Published
2023-11-14 04:15
Modified
2024-11-21 08:22
Severity ?
Summary
Cross Site Scripting (XSS) vulnerability in Netgate pfSense v.2.7.0 allows a remote attacker to gain privileges via a crafted URL to the getserviceproviders.php page.
References
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:netgate:pfsense:2.7.0:*:*:*:*:*:*:*", "matchCriteriaId": "6B0402C4-6897-44F9-A290-09A7A7E61683", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Cross Site Scripting (XSS) vulnerability in Netgate pfSense v.2.7.0 allows a remote attacker to gain privileges via a crafted URL to the getserviceproviders.php page." }, { "lang": "es", "value": "La vulnerabilidad de Cross Site Scripting (XSS) en Netgate pfSense v.2.7.0 permite a un atacante remoto obtener privilegios a trav\u00e9s de una URL manipulada para la p\u00e1gina getserviceproviders.php." } ], "id": "CVE-2023-42327", "lastModified": "2024-11-21T08:22:26.870", "metrics": { "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.4, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", "version": "3.1" }, "exploitabilityScore": 2.3, "impactScore": 2.7, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2023-11-14T04:15:07.800", "references": [ { "source": "cve@mitre.org", "tags": [ "Exploit", "Vendor Advisory" ], "url": "https://docs.netgate.com/downloads/pfSense-SA-23_08.webgui.asc" }, { "source": "cve@mitre.org", "url": "https://www.sonarsource.com/blog/pfsense-vulnerabilities-sonarcloud/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Exploit", "Vendor Advisory" ], "url": "https://docs.netgate.com/downloads/pfSense-SA-23_08.webgui.asc" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://www.sonarsource.com/blog/pfsense-vulnerabilities-sonarcloud/" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-79" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2023-03-17 22:15
Modified
2024-11-21 07:52
Severity ?
Summary
A command injection vulnerability in the function restore_rrddata() of Netgate pfSense v2.7.0 allows authenticated attackers to execute arbitrary commands via manipulating the contents of an XML file supplied to the component config.xml.
References
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:netgate:pfsense:2.7.0:*:*:*:*:*:*:*", "matchCriteriaId": "6B0402C4-6897-44F9-A290-09A7A7E61683", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "A command injection vulnerability in the function restore_rrddata() of Netgate pfSense v2.7.0 allows authenticated attackers to execute arbitrary commands via manipulating the contents of an XML file supplied to the component config.xml." } ], "id": "CVE-2023-27253", "lastModified": "2024-11-21T07:52:31.993", "metrics": { "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2023-03-17T22:15:11.227", "references": [ { "source": "cve@mitre.org", "url": "http://packetstormsecurity.com/files/173487/pfSense-Restore-RRD-Data-Command-Injection.html" }, { "source": "cve@mitre.org", "tags": [ "Patch" ], "url": "https://github.com/pfsense/pfsense/commit/ca80d18493f8f91b21933ebd6b714215ae1e5e94" }, { "source": "cve@mitre.org", "tags": [ "Issue Tracking", "Patch", "Vendor Advisory" ], "url": "https://redmine.pfsense.org/issues/13935" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://packetstormsecurity.com/files/173487/pfSense-Restore-RRD-Data-Command-Injection.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch" ], "url": "https://github.com/pfsense/pfsense/commit/ca80d18493f8f91b21933ebd6b714215ae1e5e94" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Issue Tracking", "Patch", "Vendor Advisory" ], "url": "https://redmine.pfsense.org/issues/13935" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-91" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2014-07-02 10:35
Modified
2025-04-12 10:46
Severity ?
Summary
Multiple cross-site scripting (XSS) vulnerabilities in suricata_select_alias.php in the Suricata package before 1.0.6 for pfSense through 2.1.4 allow remote attackers to inject arbitrary web script or HTML via unspecified variables.
References
Impacted products
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:netgate:pfsense:*:*:*:*:*:*:*:*", "matchCriteriaId": "41DC67D8-85E8-41E4-9BC2-86AF017CC779", "versionEndIncluding": "2.1.4", "vulnerable": true }, { "criteria": "cpe:2.3:a:netgate:pfsense:2.1.3:*:*:*:*:*:*:*", "matchCriteriaId": "2CAA13A8-3B1E-4848-AB59-E385BC37E4E5", "vulnerable": true }, { "criteria": "cpe:2.3:a:pfsense:suricata_package:*:*:*:*:*:*:*:*", "matchCriteriaId": "9FC8077F-F731-44A2-BF9D-8CDBC1361221", "versionEndIncluding": "1.0.5", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Multiple cross-site scripting (XSS) vulnerabilities in suricata_select_alias.php in the Suricata package before 1.0.6 for pfSense through 2.1.4 allow remote attackers to inject arbitrary web script or HTML via unspecified variables." }, { "lang": "es", "value": "M\u00faltiples vulnerabilidades de XSS en suricata_select_alias.php en el paquete Suricata anterior a 1.0.6 para pfSense hasta 2.1.4 permiten a atacantes remotos inyectar secuencias de comandos web o HTML arbitrarios a trav\u00e9s de variables no especificadas." } ], "id": "CVE-2014-4694", "lastModified": "2025-04-12T10:46:40.837", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ] }, "published": "2014-07-02T10:35:26.127", "references": [ { "source": "cve@mitre.org", "tags": [ "Vendor Advisory" ], "url": "https://pfsense.org/security/advisories/pfSense-SA-14_13.packages.asc" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "https://pfsense.org/security/advisories/pfSense-SA-14_13.packages.asc" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-79" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2022-03-31 08:15
Modified
2024-11-21 06:50
Severity ?
Summary
Improper input validation vulnerability in pfSense CE and pfSense Plus (pfSense CE software versions prior to 2.6.0 and pfSense Plus software versions prior to 22.01) allows a remote attacker with the privilege to change OpenVPN client or server settings to execute an arbitrary command.
References
▶ | URL | Tags | |
---|---|---|---|
vultures@jpcert.or.jp | https://docs.netgate.com/downloads/pfSense-SA-22_03.webgui.asc | Mitigation, Patch, Vendor Advisory | |
vultures@jpcert.or.jp | https://jvn.jp/en/jp/JVN87751554/index.html | Patch, Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://docs.netgate.com/downloads/pfSense-SA-22_03.webgui.asc | Mitigation, Patch, Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://jvn.jp/en/jp/JVN87751554/index.html | Patch, Third Party Advisory |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
netgate | pfsense | * | |
netgate | pfsense_plus | * |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:netgate:pfsense:*:*:*:*:*:*:*:*", "matchCriteriaId": "7AB4D564-FD37-45F0-B739-0FA889E44AE3", "versionEndExcluding": "2.6.0", "vulnerable": true }, { "criteria": "cpe:2.3:a:netgate:pfsense_plus:*:*:*:*:*:*:*:*", "matchCriteriaId": "2A698B2A-EC00-494B-907A-1366740325C6", "versionEndExcluding": "22.01", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Improper input validation vulnerability in pfSense CE and pfSense Plus (pfSense CE software versions prior to 2.6.0 and pfSense Plus software versions prior to 22.01) allows a remote attacker with the privilege to change OpenVPN client or server settings to execute an arbitrary command." }, { "lang": "es", "value": "Una vulnerabilidad de comprobaci\u00f3n de entrada inapropiada en pfSense CE y pfSense Plus (versiones de software de pfSense CE anteriores a 2.6.0 y versiones de software de pfSense Plus anteriores a 22.01) permite a un atacante remoto con el privilegio de cambiar la configuraci\u00f3n del cliente o del servidor OpenVPN ejecutar un comando arbitrario" } ], "id": "CVE-2022-24299", "lastModified": "2024-11-21T06:50:07.313", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "SINGLE", "availabilityImpact": "PARTIAL", "baseScore": 6.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", "version": "2.0" }, "exploitabilityScore": 8.0, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2022-03-31T08:15:08.297", "references": [ { "source": "vultures@jpcert.or.jp", "tags": [ "Mitigation", "Patch", "Vendor Advisory" ], "url": "https://docs.netgate.com/downloads/pfSense-SA-22_03.webgui.asc" }, { "source": "vultures@jpcert.or.jp", "tags": [ "Patch", "Third Party Advisory" ], "url": "https://jvn.jp/en/jp/JVN87751554/index.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Mitigation", "Patch", "Vendor Advisory" ], "url": "https://docs.netgate.com/downloads/pfSense-SA-22_03.webgui.asc" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Third Party Advisory" ], "url": "https://jvn.jp/en/jp/JVN87751554/index.html" } ], "sourceIdentifier": "vultures@jpcert.or.jp", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-20" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2014-07-02 10:35
Modified
2025-04-12 10:46
Severity ?
Summary
Absolute path traversal vulnerability in pkg_edit.php in pfSense before 2.1.4 allows remote attackers to read arbitrary XML files via a full pathname in the xml parameter.
References
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:netgate:pfsense:*:*:*:*:*:*:*:*", "matchCriteriaId": "C9106AF8-77A8-474E-8347-AE00B27DF00F", "versionEndIncluding": "2.1.3", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Absolute path traversal vulnerability in pkg_edit.php in pfSense before 2.1.4 allows remote attackers to read arbitrary XML files via a full pathname in the xml parameter." }, { "lang": "es", "value": "Vulnerabilidad de recorrido de directorio absoluto en pkg_edit.php en pfSense anterior a 2.1.4 permite a atacantes remotos leer ficheros XML arbitrarios a trav\u00e9s de un nombre completo de ruta en el par\u00e1metro xml." } ], "id": "CVE-2014-4689", "lastModified": "2025-04-12T10:46:40.837", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 5.0, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0" }, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "2014-07-02T10:35:25.893", "references": [ { "source": "cve@mitre.org", "tags": [ "Vendor Advisory" ], "url": "https://pfsense.org/security/advisories/pfSense-SA-14_11.webgui.asc" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "https://pfsense.org/security/advisories/pfSense-SA-14_11.webgui.asc" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-22" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2018-12-03 22:29
Modified
2024-11-21 04:06
Severity ?
Summary
An exploitable command injection vulnerability exists in the way Netgate pfSense CE 2.4.4-RELEASE processes the parameters of a specific POST request. The attacker can exploit this and gain the ability to execute arbitrary commands on the system. An attacker needs to be able to send authenticated POST requests to the administration web interface. Command injection is possible in the `powerd_ac_mode` POST parameter parameter.
References
▶ | URL | Tags | |
---|---|---|---|
talos-cna@cisco.com | https://talosintelligence.com/vulnerability_reports/TALOS-2018-0690 | Exploit, Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://talosintelligence.com/vulnerability_reports/TALOS-2018-0690 | Exploit, Third Party Advisory |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:netgate:pfsense:2.4.4:*:*:*:*:*:*:*", "matchCriteriaId": "D2F10ACD-20E9-4015-947C-3D9C00A0D8A1", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "An exploitable command injection vulnerability exists in the way Netgate pfSense CE 2.4.4-RELEASE processes the parameters of a specific POST request. The attacker can exploit this and gain the ability to execute arbitrary commands on the system. An attacker needs to be able to send authenticated POST requests to the administration web interface. Command injection is possible in the `powerd_ac_mode` POST parameter parameter." }, { "lang": "es", "value": "Existe una vulnerabilidad de inyecci\u00f3n de comandos explotable en la manera en la que Netgate pfSense CE 2.4.4-RELEASE procesa los par\u00e1metros de una petici\u00f3n POST espec\u00edfica. El atacante puede explotarlo y obtener la capacidad para ejecutar comandos arbitrarios en el sistema. Un atacante necesita poder enviar peticiones POST autenticadas a la interfaz web de administraci\u00f3n. La inyecci\u00f3n de comandos es posible en el par\u00e1metro POST \"powerd_ac_mode\"." } ], "id": "CVE-2018-4020", "lastModified": "2024-11-21T04:06:31.797", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "SINGLE", "availabilityImpact": "PARTIAL", "baseScore": 6.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", "version": "2.0" }, "exploitabilityScore": 8.0, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ], "cvssMetricV30": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.2, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "version": "3.0" }, "exploitabilityScore": 1.2, "impactScore": 5.9, "source": "talos-cna@cisco.com", "type": "Secondary" } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.2, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 1.2, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2018-12-03T22:29:00.903", "references": [ { "source": "talos-cna@cisco.com", "tags": [ "Exploit", "Third Party Advisory" ], "url": "https://talosintelligence.com/vulnerability_reports/TALOS-2018-0690" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Exploit", "Third Party Advisory" ], "url": "https://talosintelligence.com/vulnerability_reports/TALOS-2018-0690" } ], "sourceIdentifier": "talos-cna@cisco.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-78" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2015-04-01 14:59
Modified
2025-04-12 10:46
Severity ?
Summary
Multiple cross-site scripting (XSS) vulnerabilities in the WebGUI in pfSense before 2.2.1 allow remote attackers to inject arbitrary web script or HTML via the (1) zone parameter to status_captiveportal.php; (2) if or (3) dragtable parameter to firewall_rules.php; (4) queue parameter in an add action to firewall_shaper.php; (5) id parameter in an edit action to services_unbound_acls.php; or (6) filterlogentries_time, (7) filterlogentries_sourceipaddress, (8) filterlogentries_sourceport, (9) filterlogentries_destinationipaddress, (10) filterlogentries_interfaces, (11) filterlogentries_destinationport, (12) filterlogentries_protocolflags, or (13) filterlogentries_qty parameter to diag_logs_filter.php.
References
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:netgate:pfsense:*:*:*:*:*:*:*:*", "matchCriteriaId": "F2F53077-1E0C-41D1-BCA5-EA3244669B72", "versionEndIncluding": "2.2", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Multiple cross-site scripting (XSS) vulnerabilities in the WebGUI in pfSense before 2.2.1 allow remote attackers to inject arbitrary web script or HTML via the (1) zone parameter to status_captiveportal.php; (2) if or (3) dragtable parameter to firewall_rules.php; (4) queue parameter in an add action to firewall_shaper.php; (5) id parameter in an edit action to services_unbound_acls.php; or (6) filterlogentries_time, (7) filterlogentries_sourceipaddress, (8) filterlogentries_sourceport, (9) filterlogentries_destinationipaddress, (10) filterlogentries_interfaces, (11) filterlogentries_destinationport, (12) filterlogentries_protocolflags, or (13) filterlogentries_qty parameter to diag_logs_filter.php." }, { "lang": "es", "value": "M\u00faltiples vulnerabilidades de XSS en la GUI web en pfSense anterior a 2.2.1 permiten a atacantes remotos inyectar secuencias de comandos web arbitrarios o HTML a trav\u00e9s (1) del par\u00e1metro zone en status_captiveportal.php; (2) del par\u00e1metro if o (3) dragtable en firewall_rules.php; (4) del par\u00e1metro queue en una acci\u00f3n de a\u00f1adir en firewall_shaper.php; (5) del par\u00e1metro id en una acci\u00f3n de editar en services_unbound_acls.php; o (6) del par\u00e1metro filterlogentries_time, (7) filterlogentries_sourceipaddress, (8) filterlogentries_sourceport, (9) filterlogentries_destinationipaddress, (10) filterlogentries_interfaces, (11) filterlogentries_destinationport, (12) filterlogentries_protocolflags, o (13) filterlogentries_qty en diag_logs_filter.php." } ], "id": "CVE-2015-2294", "lastModified": "2025-04-12T10:46:40.837", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ] }, "published": "2015-04-01T14:59:02.863", "references": [ { "source": "cve@mitre.org", "tags": [ "Exploit" ], "url": "http://packetstormsecurity.com/files/131022/pfSense-2.2-Cross-Site-Request-Forgery-Cross-Site-Scripting.html" }, { "source": "cve@mitre.org", "url": "http://www.securityfocus.com/archive/1/534987/100/0/threaded" }, { "source": "cve@mitre.org", "url": "http://www.securityfocus.com/bid/73344" }, { "source": "cve@mitre.org", "url": "https://www.exploit-db.com/exploits/36506/" }, { "source": "cve@mitre.org", "tags": [ "Exploit" ], "url": "https://www.htbridge.com/advisory/HTB23251" }, { "source": "cve@mitre.org", "tags": [ "Vendor Advisory" ], "url": "https://www.pfsense.org/security/advisories/pfSense-SA-15_03.webgui.asc" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Exploit" ], "url": "http://packetstormsecurity.com/files/131022/pfSense-2.2-Cross-Site-Request-Forgery-Cross-Site-Scripting.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/archive/1/534987/100/0/threaded" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/bid/73344" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://www.exploit-db.com/exploits/36506/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Exploit" ], "url": "https://www.htbridge.com/advisory/HTB23251" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "https://www.pfsense.org/security/advisories/pfSense-SA-15_03.webgui.asc" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-79" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2014-07-02 10:35
Modified
2025-04-12 10:46
Severity ?
Summary
Multiple open redirect vulnerabilities in the Suricata package before 1.0.6 for pfSense through 2.1.4 allow remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via (1) the referer parameter to suricata_rules_flowbits.php or (2) the returl parameter to suricata_select_alias.php.
References
Impacted products
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:netgate:pfsense:*:*:*:*:*:*:*:*", "matchCriteriaId": "41DC67D8-85E8-41E4-9BC2-86AF017CC779", "versionEndIncluding": "2.1.4", "vulnerable": true }, { "criteria": "cpe:2.3:a:netgate:pfsense:2.1.3:*:*:*:*:*:*:*", "matchCriteriaId": "2CAA13A8-3B1E-4848-AB59-E385BC37E4E5", "vulnerable": true }, { "criteria": "cpe:2.3:a:pfsense:suricata_package:*:*:*:*:*:*:*:*", "matchCriteriaId": "9FC8077F-F731-44A2-BF9D-8CDBC1361221", "versionEndIncluding": "1.0.5", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Multiple open redirect vulnerabilities in the Suricata package before 1.0.6 for pfSense through 2.1.4 allow remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via (1) the referer parameter to suricata_rules_flowbits.php or (2) the returl parameter to suricata_select_alias.php." }, { "lang": "es", "value": "M\u00faltiples vulnerabilidades de redirecci\u00f3n abierta en el paquete Suricata anterior a 1.0.6 para pfSense hasta 2.1.4 permiten a atacantes remotos redirigir usuarios hacia sitios web arbitrarios y realizar ataques de phishing a trav\u00e9s del par\u00e1metro (1) referer en suricata_rules_flowbits.php o (2) returl en suricata_select_alias.php." } ], "evaluatorComment": "Per: http://cwe.mitre.org/data/definitions/601.html\n\n\"CWE-601: URL Redirection to Untrusted Site (\u0027Open Redirect\u0027)\"", "id": "CVE-2014-4696", "lastModified": "2025-04-12T10:46:40.837", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 5.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:N", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 4.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ] }, "published": "2014-07-02T10:35:26.207", "references": [ { "source": "cve@mitre.org", "tags": [ "Vendor Advisory" ], "url": "https://pfsense.org/security/advisories/pfSense-SA-14_13.packages.asc" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "https://pfsense.org/security/advisories/pfSense-SA-14_13.packages.asc" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "NVD-CWE-Other" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2014-07-02 10:35
Modified
2025-04-12 10:46
Severity ?
Summary
pfSense before 2.1.4 allows remote authenticated users to execute arbitrary commands via (1) the hostname value to diag_dns.php in a Create Alias action, (2) the smartmonemail value to diag_smart.php, or (3) the database value to status_rrd_graph_img.php.
References
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:netgate:pfsense:*:*:*:*:*:*:*:*", "matchCriteriaId": "C9106AF8-77A8-474E-8347-AE00B27DF00F", "versionEndIncluding": "2.1.3", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "pfSense before 2.1.4 allows remote authenticated users to execute arbitrary commands via (1) the hostname value to diag_dns.php in a Create Alias action, (2) the smartmonemail value to diag_smart.php, or (3) the database value to status_rrd_graph_img.php." }, { "lang": "es", "value": "pfSense anterior a 2.1.4 permite a usuarios remotos autenticados ejecutar comandos arbitrarios a trav\u00e9s del valor (1) hostname en diag_dns.php en una acci\u00f3n Crear Alias, (2) smartmonemail en diag_smart.php, o (3) database en status_rrd_graph_img.php." } ], "evaluatorComment": "Per: http://cwe.mitre.org/data/definitions/77.html\n\n\"CWE-77: Improper Neutralization of Special Elements used in a Command (\u0027Command Injection\u0027)\"", "id": "CVE-2014-4688", "lastModified": "2025-04-12T10:46:40.837", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "SINGLE", "availabilityImpact": "PARTIAL", "baseScore": 6.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", "version": "2.0" }, "exploitabilityScore": 8.0, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": true, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "2014-07-02T10:35:25.860", "references": [ { "source": "cve@mitre.org", "tags": [ "Vendor Advisory" ], "url": "https://pfsense.org/security/advisories/pfSense-SA-14_10.webgui.asc" }, { "source": "cve@mitre.org", "url": "https://www.exploit-db.com/exploits/43560/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "https://pfsense.org/security/advisories/pfSense-SA-14_10.webgui.asc" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://www.exploit-db.com/exploits/43560/" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "NVD-CWE-Other" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2021-07-12 16:15
Modified
2024-11-21 05:09
Severity ?
Summary
A Stored Cross-Site Scripting (XSS) vulnerability was found in status_filter_reload.php, a page in the pfSense software WebGUI, on Netgate pfSense version 2.4.4-p2 and earlier. The page did not encode output from the filter reload process, and a stored XSS was possible via the descr (description) parameter on NAT rules.
References
▶ | URL | Tags | |
---|---|---|---|
cve@mitre.org | https://docs.netgate.com/pfsense/en/latest/releases/2-4-4-p3.html | Product, Vendor Advisory | |
cve@mitre.org | https://gist.github.com/dharmeshbaskaran/fd3779006361d07651a883e8a040d916 | Exploit, Third Party Advisory | |
cve@mitre.org | https://www.pfsense.org/download/ | Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://docs.netgate.com/pfsense/en/latest/releases/2-4-4-p3.html | Product, Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://gist.github.com/dharmeshbaskaran/fd3779006361d07651a883e8a040d916 | Exploit, Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://www.pfsense.org/download/ | Vendor Advisory |
Impacted products
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:netgate:pfsense:*:*:*:*:*:*:*:*", "matchCriteriaId": "653BCB44-6584-4779-B8AA-1A46A7E86508", "versionEndIncluding": "2.4.4", "vulnerable": true }, { "criteria": "cpe:2.3:a:netgate:pfsense:2.4.4:p1:*:*:*:*:*:*", "matchCriteriaId": "E6256A47-F8C7-4097-88D8-170E8E9AE45C", "vulnerable": true }, { "criteria": "cpe:2.3:a:netgate:pfsense:2.4.4:p2:*:*:*:*:*:*", "matchCriteriaId": "7F038B4C-BC0C-40A8-B547-36F0420CD800", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "A Stored Cross-Site Scripting (XSS) vulnerability was found in status_filter_reload.php, a page in the pfSense software WebGUI, on Netgate pfSense version 2.4.4-p2 and earlier. The page did not encode output from the filter reload process, and a stored XSS was possible via the descr (description) parameter on NAT rules." }, { "lang": "es", "value": "Se ha encontrado una vulnerabilidad de Cross-Site Scripting (XSS) almacenada en status_filter_reload.php, una p\u00e1gina de la WebGUI del software pfSense, en la versi\u00f3n 2.4.4-p2 de Netgate pfSense y anteriores. La p\u00e1gina no codificaba la salida del proceso de recarga del filtro, y era posible un XSS almacenado a trav\u00e9s del par\u00e1metro descr (descripci\u00f3n) en las reglas NAT" } ], "id": "CVE-2020-19201", "lastModified": "2024-11-21T05:09:01.437", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "LOW", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "SINGLE", "availabilityImpact": "NONE", "baseScore": 3.5, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:S/C:N/I:P/A:N", "version": "2.0" }, "exploitabilityScore": 6.8, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.4, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", "version": "3.1" }, "exploitabilityScore": 2.3, "impactScore": 2.7, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2021-07-12T16:15:08.367", "references": [ { "source": "cve@mitre.org", "tags": [ "Product", "Vendor Advisory" ], "url": "https://docs.netgate.com/pfsense/en/latest/releases/2-4-4-p3.html" }, { "source": "cve@mitre.org", "tags": [ "Exploit", "Third Party Advisory" ], "url": "https://gist.github.com/dharmeshbaskaran/fd3779006361d07651a883e8a040d916" }, { "source": "cve@mitre.org", "tags": [ "Vendor Advisory" ], "url": "https://www.pfsense.org/download/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Product", "Vendor Advisory" ], "url": "https://docs.netgate.com/pfsense/en/latest/releases/2-4-4-p3.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Exploit", "Third Party Advisory" ], "url": "https://gist.github.com/dharmeshbaskaran/fd3779006361d07651a883e8a040d916" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "https://www.pfsense.org/download/" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-79" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2015-08-18 15:59
Modified
2025-04-12 10:46
Severity ?
Summary
Multiple cross-site scripting (XSS) vulnerabilities in pfSense before 2.2.3 allow remote attackers to inject arbitrary web script or HTML via the (1) srctrack, (2) use_mfs_tmp_size, or (3) use_mfs_var_size parameter to system_advanced_misc.php; the (4) port, (5) snaplen, or (6) count parameter to diag_packet_capture.php; the (7) pppoe_resethour, (8) pppoe_resetminute, (9) wpa_group_rekey, or (10) wpa_gmk_rekey parameter to interfaces.php; the (11) pppoe_resethour or (12) pppoe_resetminute parameter to interfaces_ppps_edit.php; the (13) member[] parameter to interfaces_qinq_edit.php; the (14) port or (15) retry parameter to load_balancer_pool_edit.php; the (16) pkgrepourl parameter to pkg_mgr_settings.php; the (17) zone parameter to services_captiveportal.php; the port parameter to (18) services_dnsmasq.php or (19) services_unbound.php; the (20) cache_max_ttl or (21) cache_min_ttl parameter to services_unbound_advanced.php; the (22) sshport parameter to system_advanced_admin.php; the (23) id, (24) tunable, (25) descr, or (26) value parameter to system_advanced_sysctl.php; the (27) firmwareurl, (28) repositoryurl, or (29) branch parameter to system_firmware_settings.php; the (30) pfsyncpeerip, (31) synchronizetoip, (32) username, or (33) passwordfld parameter to system_hasync.php; the (34) maxmss parameter to vpn_ipsec_settings.php; the (35) ntp_server1, (36) ntp_server2, (37) wins_server1, or (38) wins_server2 parameter to vpn_openvpn_csc.php; or unspecified parameters to (39) load_balancer_relay_action.php, (40) load_balancer_relay_action_edit.php, (41) load_balancer_relay_protocol.php, or (42) load_balancer_relay_protocol_edit.php.
References
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:netgate:pfsense:*:*:*:*:*:*:*:*", "matchCriteriaId": "3BA5CC95-6D5A-4D99-9F05-83CF9D4E9930", "versionEndIncluding": "2.2.2", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Multiple cross-site scripting (XSS) vulnerabilities in pfSense before 2.2.3 allow remote attackers to inject arbitrary web script or HTML via the (1) srctrack, (2) use_mfs_tmp_size, or (3) use_mfs_var_size parameter to system_advanced_misc.php; the (4) port, (5) snaplen, or (6) count parameter to diag_packet_capture.php; the (7) pppoe_resethour, (8) pppoe_resetminute, (9) wpa_group_rekey, or (10) wpa_gmk_rekey parameter to interfaces.php; the (11) pppoe_resethour or (12) pppoe_resetminute parameter to interfaces_ppps_edit.php; the (13) member[] parameter to interfaces_qinq_edit.php; the (14) port or (15) retry parameter to load_balancer_pool_edit.php; the (16) pkgrepourl parameter to pkg_mgr_settings.php; the (17) zone parameter to services_captiveportal.php; the port parameter to (18) services_dnsmasq.php or (19) services_unbound.php; the (20) cache_max_ttl or (21) cache_min_ttl parameter to services_unbound_advanced.php; the (22) sshport parameter to system_advanced_admin.php; the (23) id, (24) tunable, (25) descr, or (26) value parameter to system_advanced_sysctl.php; the (27) firmwareurl, (28) repositoryurl, or (29) branch parameter to system_firmware_settings.php; the (30) pfsyncpeerip, (31) synchronizetoip, (32) username, or (33) passwordfld parameter to system_hasync.php; the (34) maxmss parameter to vpn_ipsec_settings.php; the (35) ntp_server1, (36) ntp_server2, (37) wins_server1, or (38) wins_server2 parameter to vpn_openvpn_csc.php; or unspecified parameters to (39) load_balancer_relay_action.php, (40) load_balancer_relay_action_edit.php, (41) load_balancer_relay_protocol.php, or (42) load_balancer_relay_protocol_edit.php." }, { "lang": "es", "value": "Vulnerabilidad de XSS m\u00faltiple en pfSense en versiones anteriores a 2.2.3, permite a atacantes remotos inyectar secuencias de comandos web o HTML arbitrarios a trav\u00e9s del par\u00e1metro (1) srctrack, (2) use_mfs_tmp_size o (3) use_mfs_var_size a system_advanced_misc.php; del par\u00e1metro (4) port, (5) snaplen o (6) count a diag_packet_capture.php; del par\u00e1metro (7) pppoe_resethour, (8) pppoe_resetminute, (9) wpa_group_rekey o (10) wpa_gmk_rekey a interfaces.php; del par\u00e1metro (11) pppoe_resethour o (12) pppoe_resetminute a interfaces_ppps_edit.php; del par\u00e1metro (13) member[] a interfaces_qinq_edit.php; del par\u00e1metro (14) port o (15) retry a load_balancer_pool_edit.php; del par\u00e1metro (16) pkgrepourl a pkg_mgr_settings.php; del par\u00e1metro (17) zone a services_captiveportal.php; del par\u00e1metro port a (18) services_dnsmasq.php o (19) services_unbound.php; del par\u00e1metro (20) cache_max_ttl o (21) cache_min_ttl a services_unbound_advanced.php; del par\u00e1metro (22) sshport a system_advanced_a dmin.php; del par\u00e1metro (23) id, (24) tunable, (25) descr, o (26) value a system_advanced_sysctl.php; del par\u00e1metro (27) firmwareurl, (28) repositoryurl, o (29) branch a system_firmware_settings.php; del par\u00e1metro (30) pfsyncpeerip, (31) synchronizetoip, (32) username o (33) passwordfld a system_hasync.php; del par\u00e1metro (34) maxmss a vpn_ipsec_settings.php; del par\u00e1metro (35) ntp_server1, (36) ntp_server2, (37) wins_server1, o (38) wins_server2 a vpn_openvpn_csc.php; o par\u00e1metros no especificados a (39) load_balancer_relay_action.php, (40) load_balancer_relay_action_edit.php, (41) load_balancer_relay_protocol.php o (42) load_balancer_relay_protocol_edit.php." } ], "id": "CVE-2015-6510", "lastModified": "2025-04-12T10:46:40.837", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ] }, "published": "2015-08-18T15:59:09.800", "references": [ { "source": "cve@mitre.org", "tags": [ "Vendor Advisory" ], "url": "https://www.pfsense.org/security/advisories/pfSense-SA-15_06.webgui.asc" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "https://www.pfsense.org/security/advisories/pfSense-SA-15_06.webgui.asc" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-79" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2019-06-03 03:29
Modified
2024-11-21 04:23
Severity ?
Summary
Apcupsd 0.3.91_5, as used in pfSense through 2.4.4-RELEASE-p3 and other products, has an XSS issue in apcupsd_status.php.
References
Impacted products
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:apcupsd:apcupsd:0.3.91_5:*:*:*:*:*:*:*", "matchCriteriaId": "EBBF5E89-37CA-49B0-9C23-96B231CCA1E0", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:netgate:pfsense:*:*:*:*:*:*:*:*", "matchCriteriaId": "2829D9BD-28CA-4E27-997A-25A96ED9B868", "versionEndExcluding": "2.4.4", "vulnerable": true }, { "criteria": "cpe:2.3:a:netgate:pfsense:2.4.4:-:*:*:*:*:*:*", "matchCriteriaId": "9A0A896A-691F-442E-9CDE-0EC1393C0C1C", "vulnerable": true }, { "criteria": "cpe:2.3:a:netgate:pfsense:2.4.4:p1:*:*:*:*:*:*", "matchCriteriaId": "E6256A47-F8C7-4097-88D8-170E8E9AE45C", "vulnerable": true }, { "criteria": "cpe:2.3:a:netgate:pfsense:2.4.4:p2:*:*:*:*:*:*", "matchCriteriaId": "7F038B4C-BC0C-40A8-B547-36F0420CD800", "vulnerable": true }, { "criteria": "cpe:2.3:a:netgate:pfsense:2.4.4:p3:*:*:*:*:*:*", "matchCriteriaId": "2FC53B2F-94B4-4985-B49E-652C6D3A9940", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Apcupsd 0.3.91_5, as used in pfSense through 2.4.4-RELEASE-p3 and other products, has an XSS issue in apcupsd_status.php." }, { "lang": "es", "value": "Apcupsd versi\u00f3n 0.3.91_5, como es usado en pfSense hasta versi\u00f3n 2.4.4-RELEASE-p3 y otros productos, tiene un problema de tipo Cross-Site Scripting (XSS) en el archivo apcupsd_status.php." } ], "id": "CVE-2019-12584", "lastModified": "2024-11-21T04:23:08.440", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ], "cvssMetricV30": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.1, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "version": "3.0" }, "exploitabilityScore": 2.8, "impactScore": 2.7, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2019-06-03T03:29:00.213", "references": [ { "source": "cve@mitre.org", "url": "https://ctrsec.io/index.php/2019/05/28/cve-2019-12584-12585-command-injection-vulnerability-on-pfsense-2-4-4-release-p3/" }, { "source": "cve@mitre.org", "tags": [ "Patch", "Third Party Advisory" ], "url": "https://github.com/pfsense/FreeBSD-ports/commit/b492c0ea47aba8dde2f14183e71498ba207594e3" }, { "source": "cve@mitre.org", "tags": [ "Third Party Advisory" ], "url": "https://redmine.pfsense.org/issues/9556" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://ctrsec.io/index.php/2019/05/28/cve-2019-12584-12585-command-injection-vulnerability-on-pfsense-2-4-4-release-p3/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Third Party Advisory" ], "url": "https://github.com/pfsense/FreeBSD-ports/commit/b492c0ea47aba8dde2f14183e71498ba207594e3" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://redmine.pfsense.org/issues/9556" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-79" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2022-12-15 19:15
Modified
2025-04-25 15:15
Severity ?
6.1 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
6.1 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
6.1 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Summary
Cross Site Scripting (XSS) vulnerability in Netgate pf Sense 2.4.4-Release-p3 and Netgate ACME package 0.6.3 allows remote attackers to to run arbitrary code via the RootFolder field to acme_certificate_edit.php page of the ACME package.
References
▶ | URL | Tags | |
---|---|---|---|
cve@mitre.org | https://github.com/pfsense/FreeBSD-ports/commit/a6f443cde51e7fcf17e51f16014d3589253284d8 | Patch, Third Party Advisory | |
cve@mitre.org | https://redmine.pfsense.org/issues/9888 | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://github.com/pfsense/FreeBSD-ports/commit/a6f443cde51e7fcf17e51f16014d3589253284d8 | Patch, Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://redmine.pfsense.org/issues/9888 | Third Party Advisory |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:netgate:acme:0.6.3:*:*:*:*:*:*:*", "matchCriteriaId": "6D96FC86-B9E9-4A50-A57E-3522B379D854", "vulnerable": true }, { "criteria": "cpe:2.3:a:netgate:pfsense:2.4.4:p3:*:*:*:*:*:*", "matchCriteriaId": "2FC53B2F-94B4-4985-B49E-652C6D3A9940", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Cross Site Scripting (XSS) vulnerability in Netgate pf Sense 2.4.4-Release-p3 and Netgate ACME package 0.6.3 allows remote attackers to to run arbitrary code via the RootFolder field to acme_certificate_edit.php page of the ACME package." }, { "lang": "es", "value": "Vulnerabilidad de Cross Site Scripting (XSS) en Netgate pf Sense 2.4.4-Release-p3 y el paquete Netgate ACME 0.6.3 permite a atacantes remotos ejecutar c\u00f3digo arbitrario a trav\u00e9s del campo RootFolder en la p\u00e1gina acme_certificate_edit.php del paquete ACME." } ], "id": "CVE-2020-21219", "lastModified": "2025-04-25T15:15:29.040", "metrics": { "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.1, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "version": "3.1" }, "exploitabilityScore": 2.8, "impactScore": 2.7, "source": "nvd@nist.gov", "type": "Primary" }, { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.1, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "version": "3.1" }, "exploitabilityScore": 2.8, "impactScore": 2.7, "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary" } ] }, "published": "2022-12-15T19:15:15.510", "references": [ { "source": "cve@mitre.org", "tags": [ "Patch", "Third Party Advisory" ], "url": "https://github.com/pfsense/FreeBSD-ports/commit/a6f443cde51e7fcf17e51f16014d3589253284d8" }, { "source": "cve@mitre.org", "tags": [ "Third Party Advisory" ], "url": "https://redmine.pfsense.org/issues/9888" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Third Party Advisory" ], "url": "https://github.com/pfsense/FreeBSD-ports/commit/a6f443cde51e7fcf17e51f16014d3589253284d8" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://redmine.pfsense.org/issues/9888" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-79" } ], "source": "nvd@nist.gov", "type": "Primary" }, { "description": [ { "lang": "en", "value": "CWE-79" } ], "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary" } ] }
Vulnerability from fkie_nvd
Published
2018-09-26 22:29
Modified
2024-11-21 03:52
Severity ?
Summary
An authenticated command injection vulnerability exists in status_interfaces.php via dhcp_relinquish_lease() in pfSense before 2.4.4 due to its passing user input from the $_POST parameters "ifdescr" and "ipv" to a shell without escaping the contents of the variables. This allows an authenticated WebGUI user with privileges for the affected page to execute commands in the context of the root user when submitting a request to relinquish a DHCP lease for an interface which is configured to obtain its address via DHCP.
References
▶ | URL | Tags | |
---|---|---|---|
cve@mitre.org | https://doddsecurity.com/190/command-injection-on-pfsense-firewalls/ | Third Party Advisory | |
cve@mitre.org | https://www.pfsense.org/security/advisories/pfSense-SA-18_08.webgui.asc | Mitigation, Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://doddsecurity.com/190/command-injection-on-pfsense-firewalls/ | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://www.pfsense.org/security/advisories/pfSense-SA-18_08.webgui.asc | Mitigation, Vendor Advisory |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:netgate:pfsense:*:*:*:*:*:*:*:*", "matchCriteriaId": "2829D9BD-28CA-4E27-997A-25A96ED9B868", "versionEndExcluding": "2.4.4", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "An authenticated command injection vulnerability exists in status_interfaces.php via dhcp_relinquish_lease() in pfSense before 2.4.4 due to its passing user input from the $_POST parameters \"ifdescr\" and \"ipv\" to a shell without escaping the contents of the variables. This allows an authenticated WebGUI user with privileges for the affected page to execute commands in the context of the root user when submitting a request to relinquish a DHCP lease for an interface which is configured to obtain its address via DHCP." }, { "lang": "es", "value": "Existe una vulnerabilidad de inyecci\u00f3n de comandos en status_interfaces.php por medio de dhcp_relinquish_lease() en pfSense en versiones anteriores a la 2.4.4 debido a que pasa entradas de usuario de los par\u00e1metros $_POST \"ifdescr\" y \"ipv\" a un shell sin escapar el contenido de las variables. Esto permite que un usuario de la WebGUI autenticado con privilegios en la p\u00e1gina afectada ejecute comandos en el contexto del usuario root al enviar una solicitud para renunciar a una asignaci\u00f3n DHCP para una interfaz que est\u00e1 configurada para obtener su direcci\u00f3n mediante DHCP." } ], "id": "CVE-2018-16055", "lastModified": "2024-11-21T03:52:00.513", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "SINGLE", "availabilityImpact": "COMPLETE", "baseScore": 9.0, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 8.0, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ], "cvssMetricV30": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.0" }, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2018-09-26T22:29:00.887", "references": [ { "source": "cve@mitre.org", "tags": [ "Third Party Advisory" ], "url": "https://doddsecurity.com/190/command-injection-on-pfsense-firewalls/" }, { "source": "cve@mitre.org", "tags": [ "Mitigation", "Vendor Advisory" ], "url": "https://www.pfsense.org/security/advisories/pfSense-SA-18_08.webgui.asc" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://doddsecurity.com/190/command-injection-on-pfsense-firewalls/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Mitigation", "Vendor Advisory" ], "url": "https://www.pfsense.org/security/advisories/pfSense-SA-18_08.webgui.asc" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-78" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2019-05-29 19:29
Modified
2024-11-21 04:22
Severity ?
Summary
In pfSense 2.4.4-p3, a stored XSS vulnerability occurs when attackers inject a payload into the Name or Description field via an acme_accountkeys_edit.php action. The vulnerability occurs due to input validation errors.
References
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:netgate:pfsense:2.4.4:p3:*:*:*:*:*:*", "matchCriteriaId": "2FC53B2F-94B4-4985-B49E-652C6D3A9940", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "In pfSense 2.4.4-p3, a stored XSS vulnerability occurs when attackers inject a payload into the Name or Description field via an acme_accountkeys_edit.php action. The vulnerability occurs due to input validation errors." }, { "lang": "es", "value": "En pfSense versi\u00f3n 2.4.4-p3, se produce una vulnerabilidad de tipo XSS almacenada cuando los atacantes inyectan una carga en el par\u00e1metro Name o Description por medio del archivo acme_accountkeys_edit.php. La vulnerabilidad se produce debido a errores de validaci\u00f3n de entrada." } ], "id": "CVE-2019-12347", "lastModified": "2024-11-21T04:22:38.247", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ], "cvssMetricV30": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.1, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "version": "3.0" }, "exploitabilityScore": 2.8, "impactScore": 2.7, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2019-05-29T19:29:00.487", "references": [ { "source": "cve@mitre.org", "tags": [ "Exploit", "Third Party Advisory", "VDB Entry" ], "url": "http://packetstormsecurity.com/files/153112/pfSense-2.4.4-p3-Cross-Site-Scripting.html" }, { "source": "cve@mitre.org", "tags": [ "Exploit", "Patch", "Third Party Advisory" ], "url": "https://ctrsec.io/index.php/2019/05/28/stored-xss-acme-pfsense-2-4-4-p3/" }, { "source": "cve@mitre.org", "tags": [ "Patch", "Third Party Advisory" ], "url": "https://github.com/pfsense/FreeBSD-ports/commit/504909564079e540689dbdbed3a579483c614275" }, { "source": "cve@mitre.org", "tags": [ "Exploit", "Vendor Advisory" ], "url": "https://redmine.pfsense.org/issues/9554#change-40729" }, { "source": "cve@mitre.org", "tags": [ "Vendor Advisory" ], "url": "https://www.pfsense.org/download/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Exploit", "Third Party Advisory", "VDB Entry" ], "url": "http://packetstormsecurity.com/files/153112/pfSense-2.4.4-p3-Cross-Site-Scripting.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Exploit", "Patch", "Third Party Advisory" ], "url": "https://ctrsec.io/index.php/2019/05/28/stored-xss-acme-pfsense-2-4-4-p3/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Third Party Advisory" ], "url": "https://github.com/pfsense/FreeBSD-ports/commit/504909564079e540689dbdbed3a579483c614275" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Exploit", "Vendor Advisory" ], "url": "https://redmine.pfsense.org/issues/9554#change-40729" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "https://www.pfsense.org/download/" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-79" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2019-09-26 18:15
Modified
2024-11-21 04:31
Severity ?
Summary
An XSS issue was discovered in pfSense through 2.4.4-p3. In services_captiveportal_mac.php, the username and delmac parameters are displayed without sanitization.
References
▶ | URL | Tags | |
---|---|---|---|
cve@mitre.org | https://github.com/pfsense/pfsense/commit/d31362b69d5d52dc196dc72f66e830cd1e6e9a4f | Patch, Third Party Advisory | |
cve@mitre.org | https://redmine.pfsense.org/issues/9609 | Permissions Required, Third Party Advisory | |
cve@mitre.org | https://www.seebug.org/vuldb/ssvid-98023 | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://github.com/pfsense/pfsense/commit/d31362b69d5d52dc196dc72f66e830cd1e6e9a4f | Patch, Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://redmine.pfsense.org/issues/9609 | Permissions Required, Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://www.seebug.org/vuldb/ssvid-98023 | Third Party Advisory |
Impacted products
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:netgate:pfsense:*:*:*:*:*:*:*:*", "matchCriteriaId": "2829D9BD-28CA-4E27-997A-25A96ED9B868", "versionEndExcluding": "2.4.4", "vulnerable": true }, { "criteria": "cpe:2.3:a:netgate:pfsense:2.4.4:-:*:*:*:*:*:*", "matchCriteriaId": "9A0A896A-691F-442E-9CDE-0EC1393C0C1C", "vulnerable": true }, { "criteria": "cpe:2.3:a:netgate:pfsense:2.4.4:p1:*:*:*:*:*:*", "matchCriteriaId": "E6256A47-F8C7-4097-88D8-170E8E9AE45C", "vulnerable": true }, { "criteria": "cpe:2.3:a:netgate:pfsense:2.4.4:p2:*:*:*:*:*:*", "matchCriteriaId": "7F038B4C-BC0C-40A8-B547-36F0420CD800", "vulnerable": true }, { "criteria": "cpe:2.3:a:netgate:pfsense:2.4.4:p3:*:*:*:*:*:*", "matchCriteriaId": "2FC53B2F-94B4-4985-B49E-652C6D3A9940", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "An XSS issue was discovered in pfSense through 2.4.4-p3. In services_captiveportal_mac.php, the username and delmac parameters are displayed without sanitization." }, { "lang": "es", "value": "Se descubri\u00f3 un problema de tipo XSS en pfSense versiones hasta 2.4.4-p3. En el archivo services_captiveportal_mac.php, los par\u00e1metros username y delmac se muestran sin saneamiento." } ], "id": "CVE-2019-16914", "lastModified": "2024-11-21T04:31:20.003", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.1, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "version": "3.1" }, "exploitabilityScore": 2.8, "impactScore": 2.7, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2019-09-26T18:15:10.743", "references": [ { "source": "cve@mitre.org", "tags": [ "Patch", "Third Party Advisory" ], "url": "https://github.com/pfsense/pfsense/commit/d31362b69d5d52dc196dc72f66e830cd1e6e9a4f" }, { "source": "cve@mitre.org", "tags": [ "Permissions Required", "Third Party Advisory" ], "url": "https://redmine.pfsense.org/issues/9609" }, { "source": "cve@mitre.org", "tags": [ "Third Party Advisory" ], "url": "https://www.seebug.org/vuldb/ssvid-98023" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Third Party Advisory" ], "url": "https://github.com/pfsense/pfsense/commit/d31362b69d5d52dc196dc72f66e830cd1e6e9a4f" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Permissions Required", "Third Party Advisory" ], "url": "https://redmine.pfsense.org/issues/9609" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://www.seebug.org/vuldb/ssvid-98023" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-79" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2015-08-18 15:59
Modified
2025-04-12 10:46
Severity ?
Summary
Multiple cross-site scripting (XSS) vulnerabilities in pfSense before 2.2.3 allow remote attackers to inject arbitrary web script or HTML via the (1) proxypass parameter to system_advanced_misc.php; (2) adaptiveend, (3) adaptivestart, (4) maximumstates, (5) maximumtableentries, or (6) aliasesresolveinterval parameter to system_advanced_firewall.php; (7) proxyurl, (8) proxyuser, or (9) proxyport parameter to system_advanced_misc.php; or (10) name, (11) notification_name, (12) ipaddress, (13) password, (14) smtpipaddress, (15) smtpport, (16) smtpfromaddress, (17) smtpnotifyemailaddress, (18) smtpusername, or (19) smtppassword parameter to system_advanced_notifications.php.
References
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:netgate:pfsense:*:*:*:*:*:*:*:*", "matchCriteriaId": "3BA5CC95-6D5A-4D99-9F05-83CF9D4E9930", "versionEndIncluding": "2.2.2", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Multiple cross-site scripting (XSS) vulnerabilities in pfSense before 2.2.3 allow remote attackers to inject arbitrary web script or HTML via the (1) proxypass parameter to system_advanced_misc.php; (2) adaptiveend, (3) adaptivestart, (4) maximumstates, (5) maximumtableentries, or (6) aliasesresolveinterval parameter to system_advanced_firewall.php; (7) proxyurl, (8) proxyuser, or (9) proxyport parameter to system_advanced_misc.php; or (10) name, (11) notification_name, (12) ipaddress, (13) password, (14) smtpipaddress, (15) smtpport, (16) smtpfromaddress, (17) smtpnotifyemailaddress, (18) smtpusername, or (19) smtppassword parameter to system_advanced_notifications.php." }, { "lang": "es", "value": "Vulnerabilidad de XSS m\u00faltiple en pfSense en versiones anteriores a 2.2.3, permite a atacantes remotos inyectar secuencias de comandos web o HTML arbitrarios a trav\u00e9s de (1) el par\u00e1metro proxypass a system_advanced_misc.php; (2) adaptiveend, (3) adaptivestart, (4) maximumstates, (5) maximumtableentries o (6) del par\u00e1metro aliasesresolveinterval a system_advanced_firewall.php; (7) proxyurl, (8) proxyuser o (9) del par\u00e1metro proxyport a system_advanced_misc.php; o (10) name, (11) notification_name, (12) ipaddress, (13) password, (14) smtpipaddress, (15) smtpport, (16) smtpfromaddress, (17) smtpnotifyemailaddress, (18) smtpusername o (19) del par\u00e1metro smtppassword a system_advanced_notifications.php." } ], "id": "CVE-2015-6509", "lastModified": "2025-04-12T10:46:40.837", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ] }, "published": "2015-08-18T15:59:08.847", "references": [ { "source": "cve@mitre.org", "tags": [ "Vendor Advisory" ], "url": "https://www.pfsense.org/security/advisories/pfSense-SA-15_06.webgui.asc" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "https://www.pfsense.org/security/advisories/pfSense-SA-15_06.webgui.asc" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-79" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2015-08-18 15:59
Modified
2025-04-12 10:46
Severity ?
Summary
Cross-site scripting (XSS) vulnerability in pfSense before 2.2.3 allows remote attackers to inject arbitrary web script or HTML via the descr parameter in a "new" action to system_authservers.php.
References
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:netgate:pfsense:*:*:*:*:*:*:*:*", "matchCriteriaId": "3BA5CC95-6D5A-4D99-9F05-83CF9D4E9930", "versionEndIncluding": "2.2.2", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Cross-site scripting (XSS) vulnerability in pfSense before 2.2.3 allows remote attackers to inject arbitrary web script or HTML via the descr parameter in a \"new\" action to system_authservers.php." }, { "lang": "es", "value": "Vulnerabilidad de XSS en pfSense en versiones anteriores a 2.2.3, permite a atacantes remotos inyectar secuencias de comandos web o HTML arbitrarios a trav\u00e9s del par\u00e1metro descr en una \u0027nueva\u0027 acci\u00f3n a system_authservers.php." } ], "id": "CVE-2015-6508", "lastModified": "2025-04-12T10:46:40.837", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ] }, "published": "2015-08-18T15:59:07.677", "references": [ { "source": "cve@mitre.org", "url": "https://redmine.pfsense.org/issues/4698" }, { "source": "cve@mitre.org", "tags": [ "Vendor Advisory" ], "url": "https://www.pfsense.org/security/advisories/pfSense-SA-15_06.webgui.asc" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://redmine.pfsense.org/issues/4698" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "https://www.pfsense.org/security/advisories/pfSense-SA-15_06.webgui.asc" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-79" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2019-05-20 22:29
Modified
2024-11-21 04:21
Severity ?
Summary
Incorrect access control in the WebUI in OPNsense before version 19.1.8, and pfsense before 2.4.4-p3 allows remote authenticated users to escalate privileges to administrator via a specially crafted request.
References
▶ | URL | Tags | |
---|---|---|---|
cve@mitre.org | https://forum.opnsense.org/index.php?topic=12787.0 | Release Notes, Vendor Advisory | |
cve@mitre.org | https://www.netgate.com/blog/pfsense-2-4-4-release-p3-now-available.html | Release Notes, Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://forum.opnsense.org/index.php?topic=12787.0 | Release Notes, Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://www.netgate.com/blog/pfsense-2-4-4-release-p3-now-available.html | Release Notes, Vendor Advisory |
Impacted products
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:netgate:pfsense:*:*:*:*:*:*:*:*", "matchCriteriaId": "653BCB44-6584-4779-B8AA-1A46A7E86508", "versionEndIncluding": "2.4.4", "vulnerable": true }, { "criteria": "cpe:2.3:a:netgate:pfsense:2.4.4:p1:*:*:*:*:*:*", "matchCriteriaId": "E6256A47-F8C7-4097-88D8-170E8E9AE45C", "vulnerable": true }, { "criteria": "cpe:2.3:a:netgate:pfsense:2.4.4:p2:*:*:*:*:*:*", "matchCriteriaId": "7F038B4C-BC0C-40A8-B547-36F0420CD800", "vulnerable": true }, { "criteria": "cpe:2.3:a:opnsense:opnsense:*:*:*:*:*:*:*:*", "matchCriteriaId": "BD34BEF5-6D4C-40F8-A11B-7A12589D24FB", "versionEndExcluding": "19.1.8", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Incorrect access control in the WebUI in OPNsense before version 19.1.8, and pfsense before 2.4.4-p3 allows remote authenticated users to escalate privileges to administrator via a specially crafted request." }, { "lang": "es", "value": "El control de acceso incorrecto en la WebUI en OPNsense antes de la versi\u00f3n 19.1.8, y pfsense antes de 2.4.4-p3 permite a los usuarios autenticados remotos escalar los privilegios a administrador a trav\u00e9s de una solicitud especialmente dise\u00f1ada." } ], "id": "CVE-2019-11816", "lastModified": "2024-11-21T04:21:49.410", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "SINGLE", "availabilityImpact": "PARTIAL", "baseScore": 6.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", "version": "2.0" }, "exploitabilityScore": 8.0, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.2, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 1.2, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2019-05-20T22:29:00.330", "references": [ { "source": "cve@mitre.org", "tags": [ "Release Notes", "Vendor Advisory" ], "url": "https://forum.opnsense.org/index.php?topic=12787.0" }, { "source": "cve@mitre.org", "tags": [ "Release Notes", "Vendor Advisory" ], "url": "https://www.netgate.com/blog/pfsense-2-4-4-release-p3-now-available.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Release Notes", "Vendor Advisory" ], "url": "https://forum.opnsense.org/index.php?topic=12787.0" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Release Notes", "Vendor Advisory" ], "url": "https://www.netgate.com/blog/pfsense-2-4-4-release-p3-now-available.html" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "NVD-CWE-noinfo" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2015-08-18 15:59
Modified
2025-04-12 10:46
Severity ?
Summary
Cross-site scripting (XSS) vulnerability in the WebGUI in pfSense before 2.2.3 allows remote attackers to inject arbitrary web script or HTML via the zone parameter in a del action to services_captiveportal_zones.php.
References
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:netgate:pfsense:*:*:*:*:*:*:*:*", "matchCriteriaId": "3BA5CC95-6D5A-4D99-9F05-83CF9D4E9930", "versionEndIncluding": "2.2.2", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Cross-site scripting (XSS) vulnerability in the WebGUI in pfSense before 2.2.3 allows remote attackers to inject arbitrary web script or HTML via the zone parameter in a del action to services_captiveportal_zones.php." }, { "lang": "es", "value": "Vulnerabilidad de XSS en el WebGUI en pfSense en versiones anteriores a 2.2.3, permite a atacantes remotos inyectar secuencias de comandos web o HTML arbitrarios a trav\u00e9s del par\u00e1metro de zona en una acci\u00f3n del a services_captiveportal_zones.php." } ], "id": "CVE-2015-4029", "lastModified": "2025-04-12T10:46:40.837", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ] }, "published": "2015-08-18T15:59:00.097", "references": [ { "source": "cve@mitre.org", "tags": [ "Exploit" ], "url": "http://seclists.org/fulldisclosure/2015/Jul/66" }, { "source": "cve@mitre.org", "tags": [ "Exploit", "Vendor Advisory" ], "url": "https://www.pfsense.org/security/advisories/pfSense-SA-15_06.webgui.asc" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Exploit" ], "url": "http://seclists.org/fulldisclosure/2015/Jul/66" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Exploit", "Vendor Advisory" ], "url": "https://www.pfsense.org/security/advisories/pfSense-SA-15_06.webgui.asc" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-79" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2019-03-01 15:29
Modified
2024-11-21 04:02
Severity ?
Summary
The expiretable configuration in pfSense 2.4.4_1 establishes block durations that are incompatible with the block durations implemented by sshguard, which might make it easier for attackers to bypass intended access restrictions.
References
▶ | URL | Tags | |
---|---|---|---|
cve@mitre.org | https://redmine.pfsense.org/issues/9223 | Exploit, Issue Tracking, Patch, Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://redmine.pfsense.org/issues/9223 | Exploit, Issue Tracking, Patch, Vendor Advisory |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:netgate:pfsense:2.4.4:p1:*:*:*:*:*:*", "matchCriteriaId": "E6256A47-F8C7-4097-88D8-170E8E9AE45C", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "The expiretable configuration in pfSense 2.4.4_1 establishes block durations that are incompatible with the block durations implemented by sshguard, which might make it easier for attackers to bypass intended access restrictions." }, { "lang": "es", "value": "La configuraci\u00f3n de expiretable en pfSense 2.4.4_1 establece duraciones de bloqueo que no son compatibles con las duraciones de bloqueo implementadas por sshguard, lo que podr\u00eda facilitar que los atacantes omitan las restricciones de acceso planeadas." } ], "id": "CVE-2018-20798", "lastModified": "2024-11-21T04:02:12.123", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 5.0, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N", "version": "2.0" }, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ], "cvssMetricV30": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", "version": "3.0" }, "exploitabilityScore": 3.9, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2019-03-01T15:29:00.280", "references": [ { "source": "cve@mitre.org", "tags": [ "Exploit", "Issue Tracking", "Patch", "Vendor Advisory" ], "url": "https://redmine.pfsense.org/issues/9223" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Exploit", "Issue Tracking", "Patch", "Vendor Advisory" ], "url": "https://redmine.pfsense.org/issues/9223" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-732" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2019-09-25 16:15
Modified
2024-11-21 04:31
Severity ?
Summary
pfSense through 2.3.4 through 2.4.4-p3 allows Remote Code Injection via a methodCall XML document with a pfsense.exec_php call containing shell metacharacters in a parameter value.
References
▶ | URL | Tags | |
---|---|---|---|
cve@mitre.org | http://packetstormsecurity.com/files/154587/pfSense-2.3.4-2.4.4-p3-Remote-Code-Injection.html | Exploit, Third Party Advisory, VDB Entry | |
cve@mitre.org | https://github.com/pfsense/pfsense/commits/master | Third Party Advisory | |
cve@mitre.org | https://hackernews.blog/pfsense-2-3-4-2-4-4-p3-remote-code-injection/#more | Exploit, Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://packetstormsecurity.com/files/154587/pfSense-2.3.4-2.4.4-p3-Remote-Code-Injection.html | Exploit, Third Party Advisory, VDB Entry | |
af854a3a-2127-422b-91ae-364da2661108 | https://github.com/pfsense/pfsense/commits/master | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://hackernews.blog/pfsense-2-3-4-2-4-4-p3-remote-code-injection/#more | Exploit, Third Party Advisory |
Impacted products
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:netgate:pfsense:*:*:*:*:*:*:*:*", "matchCriteriaId": "BF835C68-218C-4B34-AF2E-2BB5368D2206", "versionEndExcluding": "2.4.4", "versionStartIncluding": "2.3.4", "vulnerable": true }, { "criteria": "cpe:2.3:a:netgate:pfsense:2.4.4:-:*:*:*:*:*:*", "matchCriteriaId": "9A0A896A-691F-442E-9CDE-0EC1393C0C1C", "vulnerable": true }, { "criteria": "cpe:2.3:a:netgate:pfsense:2.4.4:p1:*:*:*:*:*:*", "matchCriteriaId": "E6256A47-F8C7-4097-88D8-170E8E9AE45C", "vulnerable": true }, { "criteria": "cpe:2.3:a:netgate:pfsense:2.4.4:p2:*:*:*:*:*:*", "matchCriteriaId": "7F038B4C-BC0C-40A8-B547-36F0420CD800", "vulnerable": true }, { "criteria": "cpe:2.3:a:netgate:pfsense:2.4.4:p3:*:*:*:*:*:*", "matchCriteriaId": "2FC53B2F-94B4-4985-B49E-652C6D3A9940", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "pfSense through 2.3.4 through 2.4.4-p3 allows Remote Code Injection via a methodCall XML document with a pfsense.exec_php call containing shell metacharacters in a parameter value." }, { "lang": "es", "value": "pfSense versiones de 2.3.4 hasta 2.4.4-p3, permite la inyecci\u00f3n de c\u00f3digo remota por medio de un documento XML de MethodCall con una llamada del archivo pfsense.exec_php que contiene metacaracteres de shell en un valor de par\u00e1metro." } ], "id": "CVE-2019-16701", "lastModified": "2024-11-21T04:31:00.590", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "SINGLE", "availabilityImpact": "COMPLETE", "baseScore": 9.0, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 8.0, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2019-09-25T16:15:12.353", "references": [ { "source": "cve@mitre.org", "tags": [ "Exploit", "Third Party Advisory", "VDB Entry" ], "url": "http://packetstormsecurity.com/files/154587/pfSense-2.3.4-2.4.4-p3-Remote-Code-Injection.html" }, { "source": "cve@mitre.org", "tags": [ "Third Party Advisory" ], "url": "https://github.com/pfsense/pfsense/commits/master" }, { "source": "cve@mitre.org", "tags": [ "Exploit", "Third Party Advisory" ], "url": "https://hackernews.blog/pfsense-2-3-4-2-4-4-p3-remote-code-injection/#more" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Exploit", "Third Party Advisory", "VDB Entry" ], "url": "http://packetstormsecurity.com/files/154587/pfSense-2.3.4-2.4.4-p3-Remote-Code-Injection.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://github.com/pfsense/pfsense/commits/master" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Exploit", "Third Party Advisory" ], "url": "https://hackernews.blog/pfsense-2-3-4-2-4-4-p3-remote-code-injection/#more" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-78" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2023-04-04 15:15
Modified
2025-02-13 17:15
Severity ?
9.6 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H
9.6 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H
9.6 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H
Summary
Cross Site Scripting vulnerability found in Netgate pfSense 2.4.4 and ACME package v.0.6.3 allows attackers to execute arbitrary code via the RootFolder field of acme_certificates.php.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
netgate | pfsense | 2.4.4 | |
netgate | pfsense_acme_package | 0.6.3 |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:netgate:pfsense:2.4.4:-:*:*:*:*:*:*", "matchCriteriaId": "9A0A896A-691F-442E-9CDE-0EC1393C0C1C", "vulnerable": true }, { "criteria": "cpe:2.3:a:netgate:pfsense_acme_package:0.6.3:*:*:*:*:*:*:*", "matchCriteriaId": "E5DA9A43-633B-493F-BE41-2A3445C2C180", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Cross Site Scripting vulnerability found in Netgate pfSense 2.4.4 and ACME package v.0.6.3 allows attackers to execute arbitrary code via the RootFolder field of acme_certificates.php." } ], "id": "CVE-2020-21487", "lastModified": "2025-02-13T17:15:25.783", "metrics": { "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.6, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 2.8, "impactScore": 6.0, "source": "nvd@nist.gov", "type": "Primary" }, { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.6, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 2.8, "impactScore": 6.0, "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary" } ] }, "published": "2023-04-04T15:15:08.147", "references": [ { "source": "cve@mitre.org", "tags": [ "Patch" ], "url": "https://github.com/pfsense/FreeBSD-ports/commit/a6f443cde51e7fcf17e51f16014d3589253284d8" }, { "source": "cve@mitre.org", "tags": [ "Issue Tracking", "Patch" ], "url": "https://redmine.pfsense.org/issues/9888" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch" ], "url": "https://github.com/pfsense/FreeBSD-ports/commit/a6f443cde51e7fcf17e51f16014d3589253284d8" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Issue Tracking", "Patch" ], "url": "https://redmine.pfsense.org/issues/9888" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-79" } ], "source": "nvd@nist.gov", "type": "Primary" }, { "description": [ { "lang": "en", "value": "CWE-79" } ], "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary" } ] }
Vulnerability from fkie_nvd
Published
2021-07-12 16:15
Modified
2024-11-21 05:09
Severity ?
Summary
An authenticated Cross-Site Scripting (XSS) vulnerability was found in widgets/widgets/wake_on_lan_widget.php, a component of the pfSense software WebGUI, on version 2.4.4-p2 and earlier. The widget did not encode the descr (description) parameter of wake-on-LAN entries in its output, leading to a possible stored XSS.
References
▶ | URL | Tags | |
---|---|---|---|
cve@mitre.org | https://docs.netgate.com/pfsense/en/latest/releases/2-4-4-p3.html | Vendor Advisory | |
cve@mitre.org | https://gist.github.com/dharmeshbaskaran/55d546496bfb0ba28117e846d8b785db | Third Party Advisory | |
cve@mitre.org | https://www.netgate.com/assets/downloads/advisories/pfSense-SA-19_04.webgui.asc | Vendor Advisory | |
cve@mitre.org | https://www.pfsense.org/download/ | Product, Release Notes, Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://docs.netgate.com/pfsense/en/latest/releases/2-4-4-p3.html | Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://gist.github.com/dharmeshbaskaran/55d546496bfb0ba28117e846d8b785db | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://www.netgate.com/assets/downloads/advisories/pfSense-SA-19_04.webgui.asc | Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://www.pfsense.org/download/ | Product, Release Notes, Vendor Advisory |
Impacted products
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:netgate:pfsense:*:*:*:*:*:*:*:*", "matchCriteriaId": "2829D9BD-28CA-4E27-997A-25A96ED9B868", "versionEndExcluding": "2.4.4", "vulnerable": true }, { "criteria": "cpe:2.3:a:netgate:pfsense:2.4.4:-:*:*:*:*:*:*", "matchCriteriaId": "9A0A896A-691F-442E-9CDE-0EC1393C0C1C", "vulnerable": true }, { "criteria": "cpe:2.3:a:netgate:pfsense:2.4.4:p1:*:*:*:*:*:*", "matchCriteriaId": "E6256A47-F8C7-4097-88D8-170E8E9AE45C", "vulnerable": true }, { "criteria": "cpe:2.3:a:netgate:pfsense:2.4.4:p2:*:*:*:*:*:*", "matchCriteriaId": "7F038B4C-BC0C-40A8-B547-36F0420CD800", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "An authenticated Cross-Site Scripting (XSS) vulnerability was found in widgets/widgets/wake_on_lan_widget.php, a component of the pfSense software WebGUI, on version 2.4.4-p2 and earlier. The widget did not encode the descr (description) parameter of wake-on-LAN entries in its output, leading to a possible stored XSS." }, { "lang": "es", "value": "Se ha encontrado una vulnerabilidad de Cross-Site Scripting (XSS) autentificada en widgets/widgets/wake_on_lan_widget.php, un componente de la WebGUI del software pfSense, en la versi\u00f3n 2.4.4-p2 y anteriores. El widget no codificaba el par\u00e1metro descr (descripci\u00f3n) de las entradas de wake-on-LAN en su salida, lo que conduc\u00eda a un posible XSS almacenado" } ], "id": "CVE-2020-19203", "lastModified": "2024-11-21T05:09:01.773", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "LOW", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "SINGLE", "availabilityImpact": "NONE", "baseScore": 3.5, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:S/C:N/I:P/A:N", "version": "2.0" }, "exploitabilityScore": 6.8, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.4, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", "version": "3.1" }, "exploitabilityScore": 2.3, "impactScore": 2.7, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2021-07-12T16:15:08.413", "references": [ { "source": "cve@mitre.org", "tags": [ "Vendor Advisory" ], "url": "https://docs.netgate.com/pfsense/en/latest/releases/2-4-4-p3.html" }, { "source": "cve@mitre.org", "tags": [ "Third Party Advisory" ], "url": "https://gist.github.com/dharmeshbaskaran/55d546496bfb0ba28117e846d8b785db" }, { "source": "cve@mitre.org", "tags": [ "Vendor Advisory" ], "url": "https://www.netgate.com/assets/downloads/advisories/pfSense-SA-19_04.webgui.asc" }, { "source": "cve@mitre.org", "tags": [ "Product", "Release Notes", "Vendor Advisory" ], "url": "https://www.pfsense.org/download/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "https://docs.netgate.com/pfsense/en/latest/releases/2-4-4-p3.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://gist.github.com/dharmeshbaskaran/55d546496bfb0ba28117e846d8b785db" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "https://www.netgate.com/assets/downloads/advisories/pfSense-SA-19_04.webgui.asc" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Product", "Release Notes", "Vendor Advisory" ], "url": "https://www.pfsense.org/download/" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-79" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2019-03-01 15:29
Modified
2024-11-21 04:02
Severity ?
Summary
In pfSense 2.4.4_1, blocking of source IP addresses on the basis of failed HTTPS authentication is inconsistent with blocking of source IP addresses on the basis of failed SSH authentication (the behavior does not match the sshguard documentation), which might make it easier for attackers to bypass intended access restrictions.
References
▶ | URL | Tags | |
---|---|---|---|
cve@mitre.org | https://redmine.pfsense.org/issues/9223 | Exploit, Issue Tracking, Patch, Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://redmine.pfsense.org/issues/9223 | Exploit, Issue Tracking, Patch, Vendor Advisory |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:netgate:pfsense:2.4.4:p1:*:*:*:*:*:*", "matchCriteriaId": "E6256A47-F8C7-4097-88D8-170E8E9AE45C", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "In pfSense 2.4.4_1, blocking of source IP addresses on the basis of failed HTTPS authentication is inconsistent with blocking of source IP addresses on the basis of failed SSH authentication (the behavior does not match the sshguard documentation), which might make it easier for attackers to bypass intended access restrictions." }, { "lang": "es", "value": "En pfSense 2.4.4_1, el bloqueo de las direcciones IP de origen al haber un error de autenticaci\u00f3n HTTPS es inconsistente con el bloqueo de direcciones IP de origen al haber un error de autenticaci\u00f3n SSH (este comportamiento no coincide con la documentaci\u00f3n de sshguard). Esto podr\u00eda facilitar que los atacantes omitan las restricciones de acceso planeadas." } ], "id": "CVE-2018-20799", "lastModified": "2024-11-21T04:02:12.283", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 5.0, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N", "version": "2.0" }, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ], "cvssMetricV30": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", "version": "3.0" }, "exploitabilityScore": 3.9, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2019-03-01T15:29:00.327", "references": [ { "source": "cve@mitre.org", "tags": [ "Exploit", "Issue Tracking", "Patch", "Vendor Advisory" ], "url": "https://redmine.pfsense.org/issues/9223" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Exploit", "Issue Tracking", "Patch", "Vendor Advisory" ], "url": "https://redmine.pfsense.org/issues/9223" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "NVD-CWE-noinfo" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2020-04-29 14:15
Modified
2024-11-21 04:56
Severity ?
Summary
An XSS vulnerability resides in the hostname field of the diag_ping.php page in pfsense before 2.4.5 version. After passing inputs to the command and executing this command, the $result variable is not sanitized before it is printed.
References
▶ | URL | Tags | |
---|---|---|---|
cve@mitre.org | https://docs.netgate.com/pfsense/en/latest/releases/2-4-5-new-features-and-changes.html | Release Notes, Vendor Advisory | |
cve@mitre.org | https://github.com/pfsense/pfsense/commit/cc3990a334059018b004c91eeb66c147d8afe83d | Patch, Third Party Advisory | |
cve@mitre.org | https://redmine.pfsense.org/issues/10355 | Issue Tracking, Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://docs.netgate.com/pfsense/en/latest/releases/2-4-5-new-features-and-changes.html | Release Notes, Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://github.com/pfsense/pfsense/commit/cc3990a334059018b004c91eeb66c147d8afe83d | Patch, Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://redmine.pfsense.org/issues/10355 | Issue Tracking, Third Party Advisory |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:netgate:pfsense:*:*:*:*:*:*:*:*", "matchCriteriaId": "D211001F-1AF6-453C-A997-D45C099B5895", "versionEndExcluding": "2.4.5", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "An XSS vulnerability resides in the hostname field of the diag_ping.php page in pfsense before 2.4.5 version. After passing inputs to the command and executing this command, the $result variable is not sanitized before it is printed." }, { "lang": "es", "value": "Una vulnerabilidad de tipo XSS reside en el campo hostname de la p\u00e1gina diag_ping.php en pfsense versiones anteriores a 2.4.5. Despu\u00e9s de pasar las entradas al comando y ejecutar este comando, la variable $result no es saneada antes de ser impresa." } ], "id": "CVE-2020-10797", "lastModified": "2024-11-21T04:56:05.610", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.1, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "version": "3.1" }, "exploitabilityScore": 2.8, "impactScore": 2.7, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2020-04-29T14:15:16.967", "references": [ { "source": "cve@mitre.org", "tags": [ "Release Notes", "Vendor Advisory" ], "url": "https://docs.netgate.com/pfsense/en/latest/releases/2-4-5-new-features-and-changes.html" }, { "source": "cve@mitre.org", "tags": [ "Patch", "Third Party Advisory" ], "url": "https://github.com/pfsense/pfsense/commit/cc3990a334059018b004c91eeb66c147d8afe83d" }, { "source": "cve@mitre.org", "tags": [ "Issue Tracking", "Third Party Advisory" ], "url": "https://redmine.pfsense.org/issues/10355" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Release Notes", "Vendor Advisory" ], "url": "https://docs.netgate.com/pfsense/en/latest/releases/2-4-5-new-features-and-changes.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Third Party Advisory" ], "url": "https://github.com/pfsense/pfsense/commit/cc3990a334059018b004c91eeb66c147d8afe83d" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Issue Tracking", "Third Party Advisory" ], "url": "https://redmine.pfsense.org/issues/10355" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-79" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2019-09-26 19:15
Modified
2024-11-21 04:30
Severity ?
Summary
diag_command.php in pfSense 2.4.4-p3 allows CSRF via the txtCommand or txtRecallBuffer field, as demonstrated by executing OS commands. This occurs because csrf_callback() produces a "CSRF token expired" error and a Try Again button when a CSRF token is missing.
References
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:netgate:pfsense:2.4.4:p3:*:*:*:*:*:*", "matchCriteriaId": "2FC53B2F-94B4-4985-B49E-652C6D3A9940", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "diag_command.php in pfSense 2.4.4-p3 allows CSRF via the txtCommand or txtRecallBuffer field, as demonstrated by executing OS commands. This occurs because csrf_callback() produces a \"CSRF token expired\" error and a Try Again button when a CSRF token is missing." }, { "lang": "es", "value": "El archivo diag_command.php en pfSense versi\u00f3n 2.4.4-p3, permite un ataque de tipo CSRF por medio del campo txtCommand o txtRecallBuffer, como es demostrado mediante la ejecuci\u00f3n de comandos de Sistema Operativo. Esto se presenta porque la funci\u00f3n csrf_callback() produce un error de \"CSRF token expired\" y un bot\u00f3n Try Again cuando un token CSRF est\u00e1 faltando." } ], "id": "CVE-2019-16667", "lastModified": "2024-11-21T04:30:56.187", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2019-09-26T19:15:12.447", "references": [ { "source": "cve@mitre.org", "url": "http://packetstormsecurity.com/files/158614/pfSense-2.4.4-p3-Cross-Site-Request-Forgery.html" }, { "source": "cve@mitre.org", "tags": [ "Exploit", "Third Party Advisory" ], "url": "https://pastebin.com/TEJdu9LN" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://packetstormsecurity.com/files/158614/pfSense-2.4.4-p3-Cross-Site-Request-Forgery.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Exploit", "Third Party Advisory" ], "url": "https://pastebin.com/TEJdu9LN" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-352" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2018-12-03 22:29
Modified
2024-11-21 04:06
Severity ?
Summary
An exploitable command injection vulnerability exists in the way Netgate pfSense CE 2.4.4-RELEASE processes the parameters of a specific POST request. The attacker can exploit this and gain the ability to execute arbitrary commands on the system. An attacker needs to be able to send authenticated POST requests to the administration web interface. Command injection is possible in the `powerd_battery_mode` POST parameter.
References
▶ | URL | Tags | |
---|---|---|---|
talos-cna@cisco.com | https://talosintelligence.com/vulnerability_reports/TALOS-2018-0690 | Exploit, Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://talosintelligence.com/vulnerability_reports/TALOS-2018-0690 | Exploit, Third Party Advisory |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:netgate:pfsense:2.4.4:*:*:*:*:*:*:*", "matchCriteriaId": "D2F10ACD-20E9-4015-947C-3D9C00A0D8A1", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "An exploitable command injection vulnerability exists in the way Netgate pfSense CE 2.4.4-RELEASE processes the parameters of a specific POST request. The attacker can exploit this and gain the ability to execute arbitrary commands on the system. An attacker needs to be able to send authenticated POST requests to the administration web interface. Command injection is possible in the `powerd_battery_mode` POST parameter." }, { "lang": "es", "value": "Existe una vulnerabilidad de inyecci\u00f3n de comandos explotable en la manera en la que Netgate pfSense CE 2.4.4-RELEASE procesa los par\u00e1metros de una petici\u00f3n POST espec\u00edfica. El atacante puede explotarlo y obtener la capacidad para ejecutar comandos arbitrarios en el sistema. Un atacante necesita poder enviar peticiones POST autenticadas a la interfaz web de administraci\u00f3n. La inyecci\u00f3n de comandos es posible en el par\u00e1metro POST \"powerd_battery_mode\"." } ], "id": "CVE-2018-4021", "lastModified": "2024-11-21T04:06:31.967", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "SINGLE", "availabilityImpact": "PARTIAL", "baseScore": 6.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", "version": "2.0" }, "exploitabilityScore": 8.0, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ], "cvssMetricV30": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.2, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "version": "3.0" }, "exploitabilityScore": 1.2, "impactScore": 5.9, "source": "talos-cna@cisco.com", "type": "Secondary" } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.2, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 1.2, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2018-12-03T22:29:00.933", "references": [ { "source": "talos-cna@cisco.com", "tags": [ "Exploit", "Third Party Advisory" ], "url": "https://talosintelligence.com/vulnerability_reports/TALOS-2018-0690" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Exploit", "Third Party Advisory" ], "url": "https://talosintelligence.com/vulnerability_reports/TALOS-2018-0690" } ], "sourceIdentifier": "talos-cna@cisco.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-78" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2014-07-02 10:35
Modified
2025-04-12 10:46
Severity ?
Summary
Multiple open redirect vulnerabilities in the Snort package before 3.0.13 for pfSense through 2.1.4 allow remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via (1) the referer parameter to snort_rules_flowbits.php or (2) the returl parameter to snort_select_alias.php.
References
Impacted products
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:netgate:pfsense:*:*:*:*:*:*:*:*", "matchCriteriaId": "41DC67D8-85E8-41E4-9BC2-86AF017CC779", "versionEndIncluding": "2.1.4", "vulnerable": true }, { "criteria": "cpe:2.3:a:netgate:pfsense:2.1.3:*:*:*:*:*:*:*", "matchCriteriaId": "2CAA13A8-3B1E-4848-AB59-E385BC37E4E5", "vulnerable": true }, { "criteria": "cpe:2.3:a:pfsense:snort_package:*:*:*:*:*:*:*:*", "matchCriteriaId": "80DAF1D7-AE85-4CA8-8F49-5D3B1496F520", "versionEndIncluding": "3.0.12", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Multiple open redirect vulnerabilities in the Snort package before 3.0.13 for pfSense through 2.1.4 allow remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via (1) the referer parameter to snort_rules_flowbits.php or (2) the returl parameter to snort_select_alias.php." }, { "lang": "es", "value": "M\u00faltiples vulnerabilidades de redirecci\u00f3n abierta en el paquete Snort anterior a 3.0.13 para pfSense hasta 2.1.4 permiten a atacantes remotos redirigir usuarios hacia sitios web arbitrarios y realizar ataques de phishing a trav\u00e9s del par\u00e1metro (1) referer en snort_rules_flowbits.php o (2) returl en snort_select_alias.php." } ], "evaluatorComment": "Per: http://cwe.mitre.org/data/definitions/601.html\n\n\"CWE-601: URL Redirection to Untrusted Site (\u0027Open Redirect\u0027)\"", "id": "CVE-2014-4695", "lastModified": "2025-04-12T10:46:40.837", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 5.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:N", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 4.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ] }, "published": "2014-07-02T10:35:26.157", "references": [ { "source": "cve@mitre.org", "tags": [ "Vendor Advisory" ], "url": "https://pfsense.org/security/advisories/pfSense-SA-14_13.packages.asc" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "https://pfsense.org/security/advisories/pfSense-SA-14_13.packages.asc" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "NVD-CWE-Other" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2015-04-10 15:00
Modified
2025-04-12 10:46
Severity ?
Summary
Cross-site request forgery (CSRF) vulnerability in system_firmware_restorefullbackup.php in the WebGUI in pfSense before 2.2.1 allows remote attackers to hijack the authentication of administrators for requests that delete arbitrary files via the deletefile parameter.
References
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:netgate:pfsense:*:*:*:*:*:*:*:*", "matchCriteriaId": "F2F53077-1E0C-41D1-BCA5-EA3244669B72", "versionEndIncluding": "2.2", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Cross-site request forgery (CSRF) vulnerability in system_firmware_restorefullbackup.php in the WebGUI in pfSense before 2.2.1 allows remote attackers to hijack the authentication of administrators for requests that delete arbitrary files via the deletefile parameter." }, { "lang": "es", "value": "Vulnerabilidad de CSRF en system_firmware_restorefullbackup.php en la GUI web en pfSense anterior a 2.2.1 permite a atacantes remotos secuestrar la autenticaci\u00f3n de administradores para solicitudes que eliminan ficheros arbitrarios a trav\u00e9s del par\u00e1metro deletefile." } ], "id": "CVE-2015-2295", "lastModified": "2025-04-12T10:46:40.837", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ] }, "published": "2015-04-10T15:00:03.133", "references": [ { "source": "cve@mitre.org", "tags": [ "Exploit" ], "url": "http://packetstormsecurity.com/files/131022/pfSense-2.2-Cross-Site-Request-Forgery-Cross-Site-Scripting.html" }, { "source": "cve@mitre.org", "url": "http://www.securityfocus.com/archive/1/534987/100/0/threaded" }, { "source": "cve@mitre.org", "url": "http://www.securityfocus.com/bid/73344" }, { "source": "cve@mitre.org", "url": "https://www.exploit-db.com/exploits/36506/" }, { "source": "cve@mitre.org", "tags": [ "Exploit" ], "url": "https://www.htbridge.com/advisory/HTB23251" }, { "source": "cve@mitre.org", "url": "https://www.pfsense.org/security/advisories/pfSense-SA-15_04.webgui.asc" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Exploit" ], "url": "http://packetstormsecurity.com/files/131022/pfSense-2.2-Cross-Site-Request-Forgery-Cross-Site-Scripting.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/archive/1/534987/100/0/threaded" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/bid/73344" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://www.exploit-db.com/exploits/36506/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Exploit" ], "url": "https://www.htbridge.com/advisory/HTB23251" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://www.pfsense.org/security/advisories/pfSense-SA-15_04.webgui.asc" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-352" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2023-11-14 04:15
Modified
2024-11-21 08:22
Severity ?
Summary
Cross Site Scripting (XSS) vulnerability in Netgate pfSense v.2.7.0 allows a remote attacker to gain privileges via a crafted url to the status_logs_filter_dynamic.php page.
References
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:netgate:pfsense:2.7.0:*:*:*:*:*:*:*", "matchCriteriaId": "6B0402C4-6897-44F9-A290-09A7A7E61683", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Cross Site Scripting (XSS) vulnerability in Netgate pfSense v.2.7.0 allows a remote attacker to gain privileges via a crafted url to the status_logs_filter_dynamic.php page." }, { "lang": "es", "value": "La vulnerabilidad de Cross Site Scripting (XSS) en Netgate pfSense v.2.7.0 permite a un atacante remoto obtener privilegios a trav\u00e9s de una URL manipulada para la p\u00e1gina status_logs_filter_dynamic.php." } ], "id": "CVE-2023-42325", "lastModified": "2024-11-21T08:22:26.580", "metrics": { "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.4, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", "version": "3.1" }, "exploitabilityScore": 2.3, "impactScore": 2.7, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2023-11-14T04:15:07.753", "references": [ { "source": "cve@mitre.org", "tags": [ "Exploit", "Vendor Advisory" ], "url": "https://docs.netgate.com/downloads/pfSense-SA-23_09.webgui.asc" }, { "source": "cve@mitre.org", "url": "https://www.sonarsource.com/blog/pfsense-vulnerabilities-sonarcloud/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Exploit", "Vendor Advisory" ], "url": "https://docs.netgate.com/downloads/pfSense-SA-23_09.webgui.asc" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://www.sonarsource.com/blog/pfsense-vulnerabilities-sonarcloud/" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-79" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2015-02-27 15:59
Modified
2025-04-12 10:46
Severity ?
Summary
Integer overflow in FreeBSD before 8.4 p24, 9.x before 9.3 p10. 10.0 before p18, and 10.1 before p6 allows remote attackers to cause a denial of service (crash) via a crafted IGMP packet, which triggers an incorrect size calculation and allocation of insufficient memory.
References
Impacted products
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:netgate:pfsense:2.2.1:*:*:*:*:*:*:*", "matchCriteriaId": "E9B155B9-1EE8-494D-901E-E5AE84D87750", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "16F59A04-14CF-49E2-9973-645477EA09DA", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:freebsd:freebsd:8.4:*:*:*:*:*:*:*", "matchCriteriaId": "5DB4C0E8-8E50-44B1-BE0C-4C261D9E9730", "vulnerable": true }, { "criteria": "cpe:2.3:o:freebsd:freebsd:9.0:*:*:*:*:*:*:*", "matchCriteriaId": "E6BD5BFF-260A-4A9E-B0AA-C8B8386B154E", "vulnerable": true }, { "criteria": "cpe:2.3:o:freebsd:freebsd:9.1:*:*:*:*:*:*:*", "matchCriteriaId": "D78E559A-430D-4D50-8A83-58A37D393471", "vulnerable": true }, { "criteria": "cpe:2.3:o:freebsd:freebsd:9.2:*:*:*:*:*:*:*", "matchCriteriaId": "2C560926-7789-4052-819D-C36C43C9C61E", "vulnerable": true }, { "criteria": "cpe:2.3:o:freebsd:freebsd:9.3:*:*:*:*:*:*:*", "matchCriteriaId": "57052F01-8695-4C63-A947-7671375B9312", "vulnerable": true }, { "criteria": "cpe:2.3:o:freebsd:freebsd:10.0:*:*:*:*:*:*:*", "matchCriteriaId": "CA79CE41-D873-4A4A-A20C-83EB8772E5FA", "vulnerable": true }, { "criteria": "cpe:2.3:o:freebsd:freebsd:10.1:*:*:*:*:*:*:*", "matchCriteriaId": "F6D63B21-9D2E-4B15-9E60-6181D44B1F55", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Integer overflow in FreeBSD before 8.4 p24, 9.x before 9.3 p10. 10.0 before p18, and 10.1 before p6 allows remote attackers to cause a denial of service (crash) via a crafted IGMP packet, which triggers an incorrect size calculation and allocation of insufficient memory." }, { "lang": "es", "value": "Desbordamiento de enteros en FreeBSD anterior a 8.4 p24, 9.x anterior a 9.3 p10. 10.0 anterior a p18, y 10.1 anterior a p6 permite a atacantes remotos causar una denegaci\u00f3n de servicio (ca\u00edda) a trav\u00e9s de un paquete IGMP, lo que provoca un c\u00e1lculo de tama\u00f1o incorrecto y una reserva de memoria insuficiente." } ], "evaluatorComment": "\u003ca href=\"http://cwe.mitre.org/data/definitions/190.html\"\u003eCWE-190: Integer Overflow or Wraparound\u003c/a\u003e", "id": "CVE-2015-1414", "lastModified": "2025-04-12T10:46:40.837", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 7.8, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0" }, "exploitabilityScore": 10.0, "impactScore": 6.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "2015-02-27T15:59:00.053", "references": [ { "source": "cve@mitre.org", "tags": [ "Third Party Advisory" ], "url": "http://www.debian.org/security/2015/dsa-3175" }, { "source": "cve@mitre.org", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/72777" }, { "source": "cve@mitre.org", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1031798" }, { "source": "cve@mitre.org", "url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10107" }, { "source": "cve@mitre.org", "tags": [ "Vendor Advisory" ], "url": "https://www.freebsd.org/security/advisories/FreeBSD-SA-15:04.igmp.asc" }, { "source": "cve@mitre.org", "tags": [ "Third Party Advisory" ], "url": "https://www.pfsense.org/security/advisories/pfSense-SA-15_02.igmp.asc" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://www.debian.org/security/2015/dsa-3175" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/72777" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1031798" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10107" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "https://www.freebsd.org/security/advisories/FreeBSD-SA-15:04.igmp.asc" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://www.pfsense.org/security/advisories/pfSense-SA-15_02.igmp.asc" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "NVD-CWE-Other" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2018-12-03 22:29
Modified
2024-11-21 04:06
Severity ?
Summary
An exploitable command injection vulnerability exists in the way Netgate pfSense CE 2.4.4-RELEASE processes the parameters of a specific POST request. The attacker can exploit this and gain the ability to execute arbitrary commands on the system. An attacker needs to be able to send authenticated POST requests to the administration web interface. Command injection is possible in the `powerd_normal_mode` parameter.
References
▶ | URL | Tags | |
---|---|---|---|
talos-cna@cisco.com | https://talosintelligence.com/vulnerability_reports/TALOS-2018-0690 | Exploit, Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://talosintelligence.com/vulnerability_reports/TALOS-2018-0690 | Exploit, Third Party Advisory |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:netgate:pfsense:2.4.4:*:*:*:*:*:*:*", "matchCriteriaId": "D2F10ACD-20E9-4015-947C-3D9C00A0D8A1", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "An exploitable command injection vulnerability exists in the way Netgate pfSense CE 2.4.4-RELEASE processes the parameters of a specific POST request. The attacker can exploit this and gain the ability to execute arbitrary commands on the system. An attacker needs to be able to send authenticated POST requests to the administration web interface. Command injection is possible in the `powerd_normal_mode` parameter." }, { "lang": "es", "value": "Existe una vulnerabilidad de inyecci\u00f3n de comandos explotable en la manera en la que Netgate pfSense CE 2.4.4-RELEASE procesa los par\u00e1metros de una petici\u00f3n POST espec\u00edfica. El atacante puede explotarlo y obtener la capacidad para ejecutar comandos arbitrarios en el sistema. Un atacante necesita poder enviar peticiones POST autenticadas a la interfaz web de administraci\u00f3n. La inyecci\u00f3n de comandos es posible en el par\u00e1metro \"powerd_normal_mode\"." } ], "id": "CVE-2018-4019", "lastModified": "2024-11-21T04:06:31.637", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "SINGLE", "availabilityImpact": "PARTIAL", "baseScore": 6.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", "version": "2.0" }, "exploitabilityScore": 8.0, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ], "cvssMetricV30": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.2, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "version": "3.0" }, "exploitabilityScore": 1.2, "impactScore": 5.9, "source": "talos-cna@cisco.com", "type": "Secondary" } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.2, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 1.2, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2018-12-03T22:29:00.857", "references": [ { "source": "talos-cna@cisco.com", "tags": [ "Exploit", "Third Party Advisory" ], "url": "https://talosintelligence.com/vulnerability_reports/TALOS-2018-0690" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Exploit", "Third Party Advisory" ], "url": "https://talosintelligence.com/vulnerability_reports/TALOS-2018-0690" } ], "sourceIdentifier": "talos-cna@cisco.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-78" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2023-12-06 20:15
Modified
2024-11-21 08:31
Severity ?
Summary
An issue in Netgate pfSense Plus v.23.05.1 and before and pfSense CE v.2.7.0 allows a remote attacker to execute arbitrary code via a crafted request to the packet_capture.php file.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
netgate | pfsense | * | |
netgate | pfsense_plus | * |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:netgate:pfsense:*:*:*:*:*:*:*:*", "matchCriteriaId": "B58A09CC-355B-49BD-908B-ED3058794307", "versionEndIncluding": "2.7.0", "vulnerable": true }, { "criteria": "cpe:2.3:a:netgate:pfsense_plus:*:*:*:*:*:*:*:*", "matchCriteriaId": "D1309A70-521F-4F6C-8BE7-AE9460C039A6", "versionEndIncluding": "23.05.1", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "An issue in Netgate pfSense Plus v.23.05.1 and before and pfSense CE v.2.7.0 allows a remote attacker to execute arbitrary code via a crafted request to the packet_capture.php file." }, { "lang": "es", "value": "Un problema en Netgate pfSense Plus v.23.05.1 y anteriores y pfSense CE v.2.7.0 permite a un atacante remoto ejecutar c\u00f3digo arbitrario a trav\u00e9s de una solicitud manipulada al archivo packet_capture.php." } ], "id": "CVE-2023-48123", "lastModified": "2024-11-21T08:31:07.950", "metrics": { "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2023-12-06T20:15:07.240", "references": [ { "source": "cve@mitre.org", "tags": [ "Vendor Advisory" ], "url": "https://docs.netgate.com/downloads/pfSense-SA-23_11.webgui.asc" }, { "source": "cve@mitre.org", "tags": [ "Patch" ], "url": "https://github.com/pfsense/pfsense/commit/f72618c4abb61ea6346938d0c93df9078736b775" }, { "source": "cve@mitre.org", "tags": [ "Issue Tracking", "Patch" ], "url": "https://redmine.pfsense.org/issues/14809" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "https://docs.netgate.com/downloads/pfSense-SA-23_11.webgui.asc" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch" ], "url": "https://github.com/pfsense/pfsense/commit/f72618c4abb61ea6346938d0c93df9078736b775" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Issue Tracking", "Patch" ], "url": "https://redmine.pfsense.org/issues/14809" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "NVD-CWE-noinfo" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2023-11-14 05:15
Modified
2024-11-21 08:22
Severity ?
Summary
An issue in Netgate pfSense v.2.7.0 allows a remote attacker to execute arbitrary code via a crafted request to the interfaces_gif_edit.php and interfaces_gre_edit.php components.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
netgate | pfsense | * | |
netgate | pfsense_plus | * |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:netgate:pfsense:*:*:*:*:*:*:*:*", "matchCriteriaId": "B58A09CC-355B-49BD-908B-ED3058794307", "versionEndIncluding": "2.7.0", "vulnerable": true }, { "criteria": "cpe:2.3:a:netgate:pfsense_plus:*:*:*:*:*:*:*:*", "matchCriteriaId": "D1309A70-521F-4F6C-8BE7-AE9460C039A6", "versionEndIncluding": "23.05.1", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "An issue in Netgate pfSense v.2.7.0 allows a remote attacker to execute arbitrary code via a crafted request to the interfaces_gif_edit.php and interfaces_gre_edit.php components." }, { "lang": "es", "value": "Un problema en Netgate pfSense v.2.7.0 permite a un atacante remoto ejecutar c\u00f3digo arbitrario a trav\u00e9s de una solicitud manipulada a los componentes interfaces_gif_edit.php e interfaces_gre_edit.php." } ], "id": "CVE-2023-42326", "lastModified": "2024-11-21T08:22:26.730", "metrics": { "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2023-11-14T05:15:08.587", "references": [ { "source": "cve@mitre.org", "tags": [ "Vendor Advisory" ], "url": "https://docs.netgate.com/downloads/pfSense-SA-23_10.webgui.asc" }, { "source": "cve@mitre.org", "url": "https://www.sonarsource.com/blog/pfsense-vulnerabilities-sonarcloud/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "https://docs.netgate.com/downloads/pfSense-SA-23_10.webgui.asc" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://www.sonarsource.com/blog/pfsense-vulnerabilities-sonarcloud/" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-77" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2014-07-02 10:35
Modified
2025-04-12 10:46
Severity ?
Summary
Multiple cross-site scripting (XSS) vulnerabilities in the Snort package before 3.0.13 for pfSense through 2.1.4 allow remote attackers to inject arbitrary web script or HTML via (1) the eng parameter to snort_import_aliases.php or (2) unspecified variables to snort_select_alias.php.
References
Impacted products
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:netgate:pfsense:*:*:*:*:*:*:*:*", "matchCriteriaId": "41DC67D8-85E8-41E4-9BC2-86AF017CC779", "versionEndIncluding": "2.1.4", "vulnerable": true }, { "criteria": "cpe:2.3:a:netgate:pfsense:2.1.3:*:*:*:*:*:*:*", "matchCriteriaId": "2CAA13A8-3B1E-4848-AB59-E385BC37E4E5", "vulnerable": true }, { "criteria": "cpe:2.3:a:pfsense:snort_package:*:*:*:*:*:*:*:*", "matchCriteriaId": "80DAF1D7-AE85-4CA8-8F49-5D3B1496F520", "versionEndIncluding": "3.0.12", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Multiple cross-site scripting (XSS) vulnerabilities in the Snort package before 3.0.13 for pfSense through 2.1.4 allow remote attackers to inject arbitrary web script or HTML via (1) the eng parameter to snort_import_aliases.php or (2) unspecified variables to snort_select_alias.php." }, { "lang": "es", "value": "M\u00faltiples vulnerabilidades de XSS en el paquete Snort anterior a 3.0.13 para pfSense hasta 2.1.4 permiten a atacantes remotos inyectar secuencias de comandos web o HTML arbitrarios a trav\u00e9s de (1) el par\u00e1metro eng en snort_import_aliases.php o (2) variables no especificadas en snort_select_alias.php." } ], "id": "CVE-2014-4693", "lastModified": "2025-04-12T10:46:40.837", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ] }, "published": "2014-07-02T10:35:26.080", "references": [ { "source": "cve@mitre.org", "tags": [ "Vendor Advisory" ], "url": "https://pfsense.org/security/advisories/pfSense-SA-14_13.packages.asc" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "https://pfsense.org/security/advisories/pfSense-SA-14_13.packages.asc" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-79" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2014-07-02 10:35
Modified
2025-04-12 10:46
Severity ?
Summary
Multiple directory traversal vulnerabilities in pfSense before 2.1.4 allow (1) remote attackers to read arbitrary .info files via a crafted path in the pkg parameter to pkg_mgr_install.php and allow (2) remote authenticated users to read arbitrary files via the downloadbackup parameter to system_firmware_restorefullbackup.php.
References
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:netgate:pfsense:*:*:*:*:*:*:*:*", "matchCriteriaId": "C9106AF8-77A8-474E-8347-AE00B27DF00F", "versionEndIncluding": "2.1.3", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Multiple directory traversal vulnerabilities in pfSense before 2.1.4 allow (1) remote attackers to read arbitrary .info files via a crafted path in the pkg parameter to pkg_mgr_install.php and allow (2) remote authenticated users to read arbitrary files via the downloadbackup parameter to system_firmware_restorefullbackup.php." }, { "lang": "es", "value": "M\u00faltiples vulnerabilidades de salto de directorio en pfSense anterior a 2.1.4 permiten a (1) atacantes remotos leer ficheros .info arbitrarios a trav\u00e9s de una ruta manipulada en el par\u00e1metro pkg en pkg_mgr_install.php y permiten a (2) usuarios remotos autenticados leer ficheros arbitrarios a trav\u00e9s del par\u00e1metro downloadbackup en system_firmware_restorefullbackup.php." } ], "id": "CVE-2014-4690", "lastModified": "2025-04-12T10:46:40.837", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 5.0, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0" }, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "2014-07-02T10:35:25.940", "references": [ { "source": "cve@mitre.org", "tags": [ "Vendor Advisory" ], "url": "https://pfsense.org/security/advisories/pfSense-SA-14_11.webgui.asc" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "https://pfsense.org/security/advisories/pfSense-SA-14_11.webgui.asc" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-22" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2023-02-22 21:15
Modified
2024-11-21 06:58
Severity ?
Summary
pfSense CE through 2.6.0 and pfSense Plus before 22.05 allow XSS in the WebGUI via URL Table Alias URL parameters.
References
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:netgate:pfsense:*:*:*:*:community:*:*:*", "matchCriteriaId": "4FC73231-546B-4322-945C-FF2436682D39", "versionEndIncluding": "2.6.0", "vulnerable": true }, { "criteria": "cpe:2.3:a:netgate:pfsense:*:*:*:*:plus:*:*:*", "matchCriteriaId": "89B58607-A6E6-40E6-B1EE-6C740FBF8F5B", "versionEndExcluding": "22.05", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "pfSense CE through 2.6.0 and pfSense Plus before 22.05 allow XSS in the WebGUI via URL Table Alias URL parameters." } ], "id": "CVE-2022-29273", "lastModified": "2024-11-21T06:58:50.937", "metrics": { "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.1, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "version": "3.1" }, "exploitabilityScore": 2.8, "impactScore": 2.7, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2023-02-22T21:15:11.123", "references": [ { "source": "cve@mitre.org", "url": "https://docs.netgate.com/downloads/pfSense-SA-22_05.webgui.asc" }, { "source": "cve@mitre.org", "tags": [ "Release Notes" ], "url": "https://docs.netgate.com/pfsense/en/latest/releases/index.html#current-and-upcoming-supported-releases" }, { "source": "cve@mitre.org", "tags": [ "Patch" ], "url": "https://redmine.pfsense.org/issues/13060" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://docs.netgate.com/downloads/pfSense-SA-22_05.webgui.asc" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Release Notes" ], "url": "https://docs.netgate.com/pfsense/en/latest/releases/index.html#current-and-upcoming-supported-releases" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch" ], "url": "https://redmine.pfsense.org/issues/13060" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-79" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2014-07-02 10:35
Modified
2025-04-12 10:46
Severity ?
Summary
Multiple cross-site scripting (XSS) vulnerabilities in pfSense before 2.1.4 allow remote attackers to inject arbitrary web script or HTML via (1) the starttime0 parameter to firewall_schedule.php, (2) the rssfeed parameter to rss.widget.php, (3) the servicestatusfilter parameter to services_status.widget.php, (4) the txtRecallBuffer parameter to exec.php, or (5) the HTTP Referer header to log.widget.php.
References
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:netgate:pfsense:*:*:*:*:*:*:*:*", "matchCriteriaId": "C9106AF8-77A8-474E-8347-AE00B27DF00F", "versionEndIncluding": "2.1.3", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Multiple cross-site scripting (XSS) vulnerabilities in pfSense before 2.1.4 allow remote attackers to inject arbitrary web script or HTML via (1) the starttime0 parameter to firewall_schedule.php, (2) the rssfeed parameter to rss.widget.php, (3) the servicestatusfilter parameter to services_status.widget.php, (4) the txtRecallBuffer parameter to exec.php, or (5) the HTTP Referer header to log.widget.php." }, { "lang": "es", "value": "M\u00faltiples vulnerabilidades de XSS en pfSense anterior a 2.1.4 permiten a atacantes remotos inyectar secuencias de comandos web o HTML arbitrarios a trav\u00e9s de (1) el par\u00e1metro starttime0 en firewall_schedule.php, (2) el par\u00e1metro rssfeed en rss.widget.php, (3) el par\u00e1metro servicestatusfilter en services_status.widget.php, (4) el par\u00e1metro txtRecallBuffer en exec.php, o (5) la cabecera HTTP Referer en log.widget.php." } ], "id": "CVE-2014-4687", "lastModified": "2025-04-12T10:46:40.837", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ] }, "published": "2014-07-02T10:35:25.813", "references": [ { "source": "cve@mitre.org", "tags": [ "Vendor Advisory" ], "url": "https://pfsense.org/security/advisories/pfSense-SA-14_09.webgui.asc" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "https://pfsense.org/security/advisories/pfSense-SA-14_09.webgui.asc" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-79" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2014-07-02 10:35
Modified
2025-04-12 10:46
Severity ?
Summary
Session fixation vulnerability in pfSense before 2.1.4 allows remote attackers to hijack web sessions via a firewall login cookie.
References
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:netgate:pfsense:*:*:*:*:*:*:*:*", "matchCriteriaId": "C9106AF8-77A8-474E-8347-AE00B27DF00F", "versionEndIncluding": "2.1.3", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Session fixation vulnerability in pfSense before 2.1.4 allows remote attackers to hijack web sessions via a firewall login cookie." }, { "lang": "es", "value": "Vulnerabilidad de fijaci\u00f3n de sesi\u00f3n en pfSense anterior a 2.1.4 permite a atacantes remotos secuestrar sesiones web a trav\u00e9s de una cookie de inicio de sesi\u00f3n firewall." } ], "evaluatorComment": "Per: http://cwe.mitre.org/data/definitions/384.html\n\n\"CWE-384: Session Fixation\"", "id": "CVE-2014-4691", "lastModified": "2025-04-12T10:46:40.837", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "2014-07-02T10:35:25.987", "references": [ { "source": "cve@mitre.org", "tags": [ "Vendor Advisory" ], "url": "https://pfsense.org/security/advisories/pfSense-SA-14_12.webgui.asc" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "https://pfsense.org/security/advisories/pfSense-SA-14_12.webgui.asc" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "NVD-CWE-Other" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2022-03-31 08:15
Modified
2024-11-21 06:53
Severity ?
Summary
Improper access control vulnerability in pfSense CE and pfSense Plus (pfSense CE software versions prior to 2.6.0 and pfSense Plus software versions prior to 22.01) allows a remote attacker with the privilege to change NTP GPS settings to rewrite existing files on the file system, which may result in arbitrary command execution.
References
▶ | URL | Tags | |
---|---|---|---|
vultures@jpcert.or.jp | https://docs.netgate.com/downloads/pfSense-SA-22_01.webgui.asc | Mitigation, Patch, Vendor Advisory | |
vultures@jpcert.or.jp | https://jvn.jp/en/jp/JVN87751554/index.html | Patch, Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://docs.netgate.com/downloads/pfSense-SA-22_01.webgui.asc | Mitigation, Patch, Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://jvn.jp/en/jp/JVN87751554/index.html | Patch, Third Party Advisory |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
netgate | pfsense | * | |
netgate | pfsense_plus | * |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:netgate:pfsense:*:*:*:*:*:*:*:*", "matchCriteriaId": "7AB4D564-FD37-45F0-B739-0FA889E44AE3", "versionEndExcluding": "2.6.0", "vulnerable": true }, { "criteria": "cpe:2.3:a:netgate:pfsense_plus:*:*:*:*:*:*:*:*", "matchCriteriaId": "2A698B2A-EC00-494B-907A-1366740325C6", "versionEndExcluding": "22.01", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Improper access control vulnerability in pfSense CE and pfSense Plus (pfSense CE software versions prior to 2.6.0 and pfSense Plus software versions prior to 22.01) allows a remote attacker with the privilege to change NTP GPS settings to rewrite existing files on the file system, which may result in arbitrary command execution." }, { "lang": "es", "value": "Una vulnerabilidad de control de acceso inapropiado en pfSense CE y pfSense Plus (versiones de software de pfSense CE anteriores a 2.6.0 y versiones de software de pfSense Plus anteriores a 22.01) permite que un atacante remoto con el privilegio de cambiar la configuraci\u00f3n del GPS NTP reescriba los archivos existentes en el sistema de archivos, lo que puede resultar en una ejecuci\u00f3n de un comando arbitrario" } ], "id": "CVE-2022-26019", "lastModified": "2024-11-21T06:53:19.430", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "SINGLE", "availabilityImpact": "COMPLETE", "baseScore": 8.5, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:M/Au:S/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 6.8, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2022-03-31T08:15:08.387", "references": [ { "source": "vultures@jpcert.or.jp", "tags": [ "Mitigation", "Patch", "Vendor Advisory" ], "url": "https://docs.netgate.com/downloads/pfSense-SA-22_01.webgui.asc" }, { "source": "vultures@jpcert.or.jp", "tags": [ "Patch", "Third Party Advisory" ], "url": "https://jvn.jp/en/jp/JVN87751554/index.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Mitigation", "Patch", "Vendor Advisory" ], "url": "https://docs.netgate.com/downloads/pfSense-SA-22_01.webgui.asc" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Third Party Advisory" ], "url": "https://jvn.jp/en/jp/JVN87751554/index.html" } ], "sourceIdentifier": "vultures@jpcert.or.jp", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-22" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2015-08-18 15:59
Modified
2025-04-12 10:46
Severity ?
Summary
Cross-site scripting (XSS) vulnerability in pfSense before 2.2.3 allows remote attackers to inject arbitrary web script or HTML via the server[] parameter to services_ntpd.php.
References
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:netgate:pfsense:*:*:*:*:*:*:*:*", "matchCriteriaId": "3BA5CC95-6D5A-4D99-9F05-83CF9D4E9930", "versionEndIncluding": "2.2.2", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Cross-site scripting (XSS) vulnerability in pfSense before 2.2.3 allows remote attackers to inject arbitrary web script or HTML via the server[] parameter to services_ntpd.php." }, { "lang": "es", "value": "Vulnerabilidad de XSS en pfSense en versiones anteriores a 2.2.3, permite a atacantes remotos inyectar secuencias de comandos web o HTML arbitrarios a trav\u00e9s del par\u00e1metro the server[] a services_ntpd.php." } ], "id": "CVE-2015-6511", "lastModified": "2025-04-12T10:46:40.837", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ] }, "published": "2015-08-18T15:59:10.923", "references": [ { "source": "cve@mitre.org", "tags": [ "Vendor Advisory" ], "url": "https://www.pfsense.org/security/advisories/pfSense-SA-15_06.webgui.asc" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "https://www.pfsense.org/security/advisories/pfSense-SA-15_06.webgui.asc" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-79" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2019-06-03 03:29
Modified
2024-11-21 04:23
Severity ?
Summary
Apcupsd 0.3.91_5, as used in pfSense through 2.4.4-RELEASE-p3 and other products, has an Arbitrary Command Execution issue in apcupsd_status.php.
References
Impacted products
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:apcupsd:apcupsd:0.3.91_5:*:*:*:*:*:*:*", "matchCriteriaId": "EBBF5E89-37CA-49B0-9C23-96B231CCA1E0", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:netgate:pfsense:*:*:*:*:*:*:*:*", "matchCriteriaId": "2829D9BD-28CA-4E27-997A-25A96ED9B868", "versionEndExcluding": "2.4.4", "vulnerable": true }, { "criteria": "cpe:2.3:a:netgate:pfsense:2.4.4:-:*:*:*:*:*:*", "matchCriteriaId": "9A0A896A-691F-442E-9CDE-0EC1393C0C1C", "vulnerable": true }, { "criteria": "cpe:2.3:a:netgate:pfsense:2.4.4:p1:*:*:*:*:*:*", "matchCriteriaId": "E6256A47-F8C7-4097-88D8-170E8E9AE45C", "vulnerable": true }, { "criteria": "cpe:2.3:a:netgate:pfsense:2.4.4:p2:*:*:*:*:*:*", "matchCriteriaId": "7F038B4C-BC0C-40A8-B547-36F0420CD800", "vulnerable": true }, { "criteria": "cpe:2.3:a:netgate:pfsense:2.4.4:p3:*:*:*:*:*:*", "matchCriteriaId": "2FC53B2F-94B4-4985-B49E-652C6D3A9940", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Apcupsd 0.3.91_5, as used in pfSense through 2.4.4-RELEASE-p3 and other products, has an Arbitrary Command Execution issue in apcupsd_status.php." }, { "lang": "es", "value": "Apcupsd versi\u00f3n 0.3.91_5, como de costumbre en pfSense hasta versi\u00f3n 2.4.4-RELEASE-p3 y otros productos, tiene un problema de ejecuci\u00f3n de comandos arbitrarios en el archivo apcupsd_status.ph" } ], "id": "CVE-2019-12585", "lastModified": "2024-11-21T04:23:08.600", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 7.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0" }, "exploitabilityScore": 10.0, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ], "cvssMetricV30": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0" }, "exploitabilityScore": 3.9, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2019-06-03T03:29:00.273", "references": [ { "source": "cve@mitre.org", "url": "https://ctrsec.io/index.php/2019/05/28/cve-2019-12584-12585-command-injection-vulnerability-on-pfsense-2-4-4-release-p3/" }, { "source": "cve@mitre.org", "tags": [ "Patch", "Third Party Advisory" ], "url": "https://github.com/pfsense/FreeBSD-ports/commit/b492c0ea47aba8dde2f14183e71498ba207594e3" }, { "source": "cve@mitre.org", "tags": [ "Issue Tracking", "Third Party Advisory" ], "url": "https://redmine.pfsense.org/issues/9556" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://ctrsec.io/index.php/2019/05/28/cve-2019-12584-12585-command-injection-vulnerability-on-pfsense-2-4-4-release-p3/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Third Party Advisory" ], "url": "https://github.com/pfsense/FreeBSD-ports/commit/b492c0ea47aba8dde2f14183e71498ba207594e3" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Issue Tracking", "Third Party Advisory" ], "url": "https://redmine.pfsense.org/issues/9556" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-78" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2024-10-22 17:15
Modified
2024-10-30 20:45
Severity ?
4.8 (Medium) - CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N
9.3 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:N
9.3 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:N
Summary
A cross-site scripting (XSS) vulnerability in pfsense v2.5.2 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the $pconfig variable at interfaces_groups_edit.php.
References
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:netgate:pfsense:2.5.2:*:*:*:*:*:*:*", "matchCriteriaId": "3CBD3896-7E10-4B29-BCCB-7F3E9F659B7D", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "A cross-site scripting (XSS) vulnerability in pfsense v2.5.2 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the $pconfig variable at interfaces_groups_edit.php." }, { "lang": "es", "value": "Una vulnerabilidad de cross-site scripting (XSS) en pfsense v2.5.2 permite a los atacantes ejecutar scripts web o HTML arbitrarios a trav\u00e9s de un payload manipulado e inyectado en la variable $pconfig en interfaces_groups_edit.php." } ], "id": "CVE-2024-46538", "lastModified": "2024-10-30T20:45:35.240", "metrics": { "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 4.8, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "HIGH", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N", "version": "3.1" }, "exploitabilityScore": 1.7, "impactScore": 2.7, "source": "nvd@nist.gov", "type": "Primary" }, { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 9.3, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:N", "version": "3.1" }, "exploitabilityScore": 2.8, "impactScore": 5.8, "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary" } ] }, "published": "2024-10-22T17:15:03.950", "references": [ { "source": "cve@mitre.org", "tags": [ "Exploit" ], "url": "https://github.com/physicszq/web_issue/blob/main/pfsense/interfaces_groups_edit_file.md_xss.md" }, { "source": "cve@mitre.org", "tags": [ "Vendor Advisory" ], "url": "https://redmine.pfsense.org/issues/15778" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Analyzed", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-79" } ], "source": "nvd@nist.gov", "type": "Primary" }, { "description": [ { "lang": "en", "value": "CWE-79" } ], "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary" } ] }
Vulnerability from fkie_nvd
Published
2018-01-03 18:29
Modified
2024-11-21 03:04
Severity ?
Summary
pfSense versions 2.4.1 and lower are vulnerable to clickjacking attacks in the CSRF error page resulting in privileged execution of arbitrary code, because the error detection occurs before an X-Frame-Options header is set. This is fixed in 2.4.2-RELEASE. OPNsense, a 2015 fork of pfSense, was not vulnerable since version 16.1.16 released on June 06, 2016. The unprotected web form was removed from the code during an internal security audit under "possibly insecure" suspicions.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
netgate | pfsense | * | |
opnsense_project | opnsense | * |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:netgate:pfsense:*:*:*:*:*:*:*:*", "matchCriteriaId": "5C006D21-FD1F-4F0F-85CD-55537E0FE33B", "versionEndIncluding": "2.4.1", "vulnerable": true }, { "criteria": "cpe:2.3:a:opnsense_project:opnsense:*:*:*:*:*:*:*:*", "matchCriteriaId": "FDCCA97B-00DB-43AC-BC67-BBCB357B9986", "versionEndExcluding": "16.1.16", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "pfSense versions 2.4.1 and lower are vulnerable to clickjacking attacks in the CSRF error page resulting in privileged execution of arbitrary code, because the error detection occurs before an X-Frame-Options header is set. This is fixed in 2.4.2-RELEASE. OPNsense, a 2015 fork of pfSense, was not vulnerable since version 16.1.16 released on June 06, 2016. The unprotected web form was removed from the code during an internal security audit under \"possibly insecure\" suspicions." }, { "lang": "es", "value": "pfSense, en sus versiones 2.4.1 y anteriores, es vulnerable a ataques de secuestro de clics en la p\u00e1gina de error CSRF. Esto resulta en la ejecuci\u00f3n con privilegios de c\u00f3digo arbitrario. Consulte la primera URL de referencia para m\u00e1s detalles. Los cr\u00e9ditos corresponden a Yorick Koster. OPNsense, una copia (fork) del 2015 de pfSense, no fue vulnerable desde la versi\u00f3n 16.1.16 publicada el 6 de junio de 2016. El formulario web desprotegido se elimin\u00f3 del c\u00f3digo durante una auditor\u00eda interna de seguridad bajo sospechas de \"probablemente inseguro\"." } ], "id": "CVE-2017-1000479", "lastModified": "2024-11-21T03:04:49.503", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ], "cvssMetricV30": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0" }, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2018-01-03T18:29:00.323", "references": [ { "source": "cve@mitre.org", "tags": [ "Exploit", "Mailing List", "Third Party Advisory" ], "url": "http://www.openwall.com/lists/oss-security/2017/11/22/7" }, { "source": "cve@mitre.org", "tags": [ "Issue Tracking", "Vendor Advisory" ], "url": "https://doc.pfsense.org/index.php/2.4.2_New_Features_and_Changes" }, { "source": "cve@mitre.org", "tags": [ "Patch", "Third Party Advisory" ], "url": "https://github.com/opnsense/core/commit/d218b225" }, { "source": "cve@mitre.org", "tags": [ "Patch", "Third Party Advisory" ], "url": "https://github.com/pfsense/pfsense/commit/386d89b07" }, { "source": "cve@mitre.org", "tags": [ "Third Party Advisory" ], "url": "https://www.netgate.com/blog/pfsense-2-4-2-release-p1-and-2-3-5-release-p1-now-available.html" }, { "source": "cve@mitre.org", "tags": [ "Exploit", "Third Party Advisory" ], "url": "https://www.securify.nl/en/advisory/SFY20171101/clickjacking-vulnerability-in-csrf-error-page-pfsense.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Exploit", "Mailing List", "Third Party Advisory" ], "url": "http://www.openwall.com/lists/oss-security/2017/11/22/7" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Issue Tracking", "Vendor Advisory" ], "url": "https://doc.pfsense.org/index.php/2.4.2_New_Features_and_Changes" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Third Party Advisory" ], "url": "https://github.com/opnsense/core/commit/d218b225" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Third Party Advisory" ], "url": "https://github.com/pfsense/pfsense/commit/386d89b07" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://www.netgate.com/blog/pfsense-2-4-2-release-p1-and-2-3-5-release-p1-now-available.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Exploit", "Third Party Advisory" ], "url": "https://www.securify.nl/en/advisory/SFY20171101/clickjacking-vulnerability-in-csrf-error-page-pfsense.html" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-352" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2019-06-25 11:15
Modified
2024-11-21 04:23
Severity ?
Summary
In pfSense 2.4.4-p2 and 2.4.4-p3, if it is possible to trick an authenticated administrator into clicking on a button on a phishing page, an attacker can leverage XSS to upload arbitrary executable code, via diag_command.php and rrd_fetch_json.php (timePeriod parameter), to a server. Then, the remote attacker can run any command with root privileges on that server.
References
▶ | URL | Tags | |
---|---|---|---|
cve@mitre.org | https://github.com/tarantula-team/CVE-2019-12949 | Exploit, Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://github.com/tarantula-team/CVE-2019-12949 | Exploit, Third Party Advisory |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:netgate:pfsense:2.4.4:p2:*:*:*:*:*:*", "matchCriteriaId": "7F038B4C-BC0C-40A8-B547-36F0420CD800", "vulnerable": true }, { "criteria": "cpe:2.3:a:netgate:pfsense:2.4.4:p3:*:*:*:*:*:*", "matchCriteriaId": "2FC53B2F-94B4-4985-B49E-652C6D3A9940", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "In pfSense 2.4.4-p2 and 2.4.4-p3, if it is possible to trick an authenticated administrator into clicking on a button on a phishing page, an attacker can leverage XSS to upload arbitrary executable code, via diag_command.php and rrd_fetch_json.php (timePeriod parameter), to a server. Then, the remote attacker can run any command with root privileges on that server." }, { "lang": "es", "value": "En pfSense versiones 2.4.4-p2 y 2.4.4-p3, si es posible enga\u00f1ar a un administrador autenticado para que haga cliquee sobre un bot\u00f3n en una p\u00e1gina de phishing, un atacante puede aprovechar un XSS para cargar c\u00f3digo ejecutable arbitrario, por medio de los archivos diag_command.php y rrd_fetch_json .php (par\u00e1metro timePeriod), hacia un servidor. Despu\u00e9s, el atacante remoto puede ejecutar cualquier comando con privilegios root en ese servidor." } ], "id": "CVE-2019-12949", "lastModified": "2024-11-21T04:23:53.053", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ], "cvssMetricV30": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.1, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "version": "3.0" }, "exploitabilityScore": 2.8, "impactScore": 2.7, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2019-06-25T11:15:10.280", "references": [ { "source": "cve@mitre.org", "tags": [ "Exploit", "Third Party Advisory" ], "url": "https://github.com/tarantula-team/CVE-2019-12949" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Exploit", "Third Party Advisory" ], "url": "https://github.com/tarantula-team/CVE-2019-12949" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-79" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2020-04-01 16:15
Modified
2024-11-21 04:57
Severity ?
Summary
pfSense before 2.4.5 has stored XSS in system_usermanager_addprivs.php in the WebGUI via the descr parameter (aka full name) of a user.
References
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:netgate:pfsense:*:*:*:*:*:*:*:*", "matchCriteriaId": "D211001F-1AF6-453C-A997-D45C099B5895", "versionEndExcluding": "2.4.5", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "pfSense before 2.4.5 has stored XSS in system_usermanager_addprivs.php in the WebGUI via the descr parameter (aka full name) of a user." }, { "lang": "es", "value": "pfSense versiones anteriores a 2.4.5, presenta una vulnerabilidad de tipo XSS almacenado en el archivo system_usermanager_addprivs.php en la WebGUI por medio del par\u00e1metro descr (tambi\u00e9n se conoce como full name) de un usuario." } ], "id": "CVE-2020-11457", "lastModified": "2024-11-21T04:57:57.663", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "LOW", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "SINGLE", "availabilityImpact": "NONE", "baseScore": 3.5, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:S/C:N/I:P/A:N", "version": "2.0" }, "exploitabilityScore": 6.8, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.4, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", "version": "3.1" }, "exploitabilityScore": 2.3, "impactScore": 2.7, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2020-04-01T16:15:27.530", "references": [ { "source": "cve@mitre.org", "url": "http://packetstormsecurity.com/files/157104/pfSense-2.4.4-P3-User-Manager-Cross-Site-Scripting.html" }, { "source": "cve@mitre.org", "tags": [ "Patch", "Third Party Advisory" ], "url": "https://github.com/pfsense/pfsense/commit/3c1e53dabe966f27c9097a5a923e77f49ae5fffa" }, { "source": "cve@mitre.org", "url": "https://www.exploit-db.com/exploits/48300" }, { "source": "cve@mitre.org", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://www.netgate.com/assets/downloads/advisories/pfSense-SA-20_06.webgui.asc" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://packetstormsecurity.com/files/157104/pfSense-2.4.4-P3-User-Manager-Cross-Site-Scripting.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Third Party Advisory" ], "url": "https://github.com/pfsense/pfsense/commit/3c1e53dabe966f27c9097a5a923e77f49ae5fffa" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://www.exploit-db.com/exploits/48300" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://www.netgate.com/assets/downloads/advisories/pfSense-SA-20_06.webgui.asc" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-79" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2019-09-26 18:15
Modified
2024-11-21 04:31
Severity ?
Summary
An issue was discovered in pfSense through 2.4.4-p3. widgets/widgets/picture.widget.php uses the widgetkey parameter directly without sanitization (e.g., a basename call) for a pathname to file_get_contents or file_put_contents.
References
▶ | URL | Tags | |
---|---|---|---|
cve@mitre.org | https://github.com/pfsense/pfsense/commit/2c544ac61ce98f716d50b8e5961d7dfba66804b5 | Patch, Third Party Advisory | |
cve@mitre.org | https://redmine.pfsense.org/issues/9610 | Permissions Required, Third Party Advisory | |
cve@mitre.org | https://www.seebug.org/vuldb/ssvid-98024 | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://github.com/pfsense/pfsense/commit/2c544ac61ce98f716d50b8e5961d7dfba66804b5 | Patch, Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://redmine.pfsense.org/issues/9610 | Permissions Required, Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://www.seebug.org/vuldb/ssvid-98024 | Third Party Advisory |
Impacted products
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:netgate:pfsense:*:*:*:*:*:*:*:*", "matchCriteriaId": "2829D9BD-28CA-4E27-997A-25A96ED9B868", "versionEndExcluding": "2.4.4", "vulnerable": true }, { "criteria": "cpe:2.3:a:netgate:pfsense:2.4.4:-:*:*:*:*:*:*", "matchCriteriaId": "9A0A896A-691F-442E-9CDE-0EC1393C0C1C", "vulnerable": true }, { "criteria": "cpe:2.3:a:netgate:pfsense:2.4.4:p1:*:*:*:*:*:*", "matchCriteriaId": "E6256A47-F8C7-4097-88D8-170E8E9AE45C", "vulnerable": true }, { "criteria": "cpe:2.3:a:netgate:pfsense:2.4.4:p2:*:*:*:*:*:*", "matchCriteriaId": "7F038B4C-BC0C-40A8-B547-36F0420CD800", "vulnerable": true }, { "criteria": "cpe:2.3:a:netgate:pfsense:2.4.4:p3:*:*:*:*:*:*", "matchCriteriaId": "2FC53B2F-94B4-4985-B49E-652C6D3A9940", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "An issue was discovered in pfSense through 2.4.4-p3. widgets/widgets/picture.widget.php uses the widgetkey parameter directly without sanitization (e.g., a basename call) for a pathname to file_get_contents or file_put_contents." }, { "lang": "es", "value": "Se descubri\u00f3 un problema en pfSense versiones hasta 2.4.4-p3. El archivo widgets/widgets/picture.widget.php utiliza el par\u00e1metro widgetkey directamente sin saneamiento (por ejemplo, una llamada basename) para un nombre de ruta en file_get_contents o file_put_contents." } ], "id": "CVE-2019-16915", "lastModified": "2024-11-21T04:31:20.173", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 7.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0" }, "exploitabilityScore": 10.0, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 3.9, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2019-09-26T18:15:10.807", "references": [ { "source": "cve@mitre.org", "tags": [ "Patch", "Third Party Advisory" ], "url": "https://github.com/pfsense/pfsense/commit/2c544ac61ce98f716d50b8e5961d7dfba66804b5" }, { "source": "cve@mitre.org", "tags": [ "Permissions Required", "Third Party Advisory" ], "url": "https://redmine.pfsense.org/issues/9610" }, { "source": "cve@mitre.org", "tags": [ "Third Party Advisory" ], "url": "https://www.seebug.org/vuldb/ssvid-98024" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Third Party Advisory" ], "url": "https://github.com/pfsense/pfsense/commit/2c544ac61ce98f716d50b8e5961d7dfba66804b5" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Permissions Required", "Third Party Advisory" ], "url": "https://redmine.pfsense.org/issues/9610" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://www.seebug.org/vuldb/ssvid-98024" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-22" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2014-07-02 10:35
Modified
2025-04-12 10:46
Severity ?
Summary
pfSense before 2.1.4, when HTTP is used, does not include the HTTPOnly flag in a Set-Cookie header for the session cookie, which makes it easier for remote attackers to obtain potentially sensitive information via script access to this cookie.
References
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:netgate:pfsense:*:*:*:*:*:*:*:*", "matchCriteriaId": "C9106AF8-77A8-474E-8347-AE00B27DF00F", "versionEndIncluding": "2.1.3", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "pfSense before 2.1.4, when HTTP is used, does not include the HTTPOnly flag in a Set-Cookie header for the session cookie, which makes it easier for remote attackers to obtain potentially sensitive information via script access to this cookie." }, { "lang": "es", "value": "pfSense anterior a 2.1.4, cuando HTTP est\u00e1 utilizado, no incluye la etiqueta HTTPOnly en una cabecera Set-Cookie para la cookie de la sesi\u00f3n, lo que facilita a atacantes remotos obtener informaci\u00f3n potencialmente sensible a trav\u00e9s de acceso de secuencias de comandos a esta cookie." } ], "id": "CVE-2014-4692", "lastModified": "2025-04-12T10:46:40.837", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "2014-07-02T10:35:26.033", "references": [ { "source": "cve@mitre.org", "tags": [ "Vendor Advisory" ], "url": "https://pfsense.org/security/advisories/pfSense-SA-14_12.webgui.asc" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "https://pfsense.org/security/advisories/pfSense-SA-14_12.webgui.asc" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-200" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
CVE-2017-1000479 (GCVE-0-2017-1000479)
Vulnerability from cvelistv5
Published
2018-01-03 18:00
Modified
2024-08-05 22:00
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
pfSense versions 2.4.1 and lower are vulnerable to clickjacking attacks in the CSRF error page resulting in privileged execution of arbitrary code, because the error detection occurs before an X-Frame-Options header is set. This is fixed in 2.4.2-RELEASE. OPNsense, a 2015 fork of pfSense, was not vulnerable since version 16.1.16 released on June 06, 2016. The unprotected web form was removed from the code during an internal security audit under "possibly insecure" suspicions.
References
► | URL | Tags | ||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-05T22:00:41.563Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://doc.pfsense.org/index.php/2.4.2_New_Features_and_Changes" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://www.netgate.com/blog/pfsense-2-4-2-release-p1-and-2-3-5-release-p1-now-available.html" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://github.com/opnsense/core/commit/d218b225" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://www.securify.nl/en/advisory/SFY20171101/clickjacking-vulnerability-in-csrf-error-page-pfsense.html" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://github.com/pfsense/pfsense/commit/386d89b07" }, { "name": "[oss-security] 20171122 Clickjacking vulnerability in CSRF error page pfSense", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "http://www.openwall.com/lists/oss-security/2017/11/22/7" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "dateAssigned": "2017-12-29T00:00:00", "datePublic": "2018-01-03T00:00:00", "descriptions": [ { "lang": "en", "value": "pfSense versions 2.4.1 and lower are vulnerable to clickjacking attacks in the CSRF error page resulting in privileged execution of arbitrary code, because the error detection occurs before an X-Frame-Options header is set. This is fixed in 2.4.2-RELEASE. OPNsense, a 2015 fork of pfSense, was not vulnerable since version 16.1.16 released on June 06, 2016. The unprotected web form was removed from the code during an internal security audit under \"possibly insecure\" suspicions." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2018-01-04T15:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "https://doc.pfsense.org/index.php/2.4.2_New_Features_and_Changes" }, { "tags": [ "x_refsource_MISC" ], "url": "https://www.netgate.com/blog/pfsense-2-4-2-release-p1-and-2-3-5-release-p1-now-available.html" }, { "tags": [ "x_refsource_MISC" ], "url": "https://github.com/opnsense/core/commit/d218b225" }, { "tags": [ "x_refsource_MISC" ], "url": "https://www.securify.nl/en/advisory/SFY20171101/clickjacking-vulnerability-in-csrf-error-page-pfsense.html" }, { "tags": [ "x_refsource_MISC" ], "url": "https://github.com/pfsense/pfsense/commit/386d89b07" }, { "name": "[oss-security] 20171122 Clickjacking vulnerability in CSRF error page pfSense", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "http://www.openwall.com/lists/oss-security/2017/11/22/7" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "DATE_ASSIGNED": "2017-12-29", "ID": "CVE-2017-1000479", "REQUESTER": "franco@opnsense.org", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "pfSense versions 2.4.1 and lower are vulnerable to clickjacking attacks in the CSRF error page resulting in privileged execution of arbitrary code, because the error detection occurs before an X-Frame-Options header is set. This is fixed in 2.4.2-RELEASE. OPNsense, a 2015 fork of pfSense, was not vulnerable since version 16.1.16 released on June 06, 2016. The unprotected web form was removed from the code during an internal security audit under \"possibly insecure\" suspicions." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "https://doc.pfsense.org/index.php/2.4.2_New_Features_and_Changes", "refsource": "MISC", "url": "https://doc.pfsense.org/index.php/2.4.2_New_Features_and_Changes" }, { "name": "https://www.netgate.com/blog/pfsense-2-4-2-release-p1-and-2-3-5-release-p1-now-available.html", "refsource": "MISC", "url": "https://www.netgate.com/blog/pfsense-2-4-2-release-p1-and-2-3-5-release-p1-now-available.html" }, { "name": "https://github.com/opnsense/core/commit/d218b225", "refsource": "MISC", "url": "https://github.com/opnsense/core/commit/d218b225" }, { "name": "https://www.securify.nl/en/advisory/SFY20171101/clickjacking-vulnerability-in-csrf-error-page-pfsense.html", "refsource": "MISC", "url": "https://www.securify.nl/en/advisory/SFY20171101/clickjacking-vulnerability-in-csrf-error-page-pfsense.html" }, { "name": "https://github.com/pfsense/pfsense/commit/386d89b07", "refsource": "MISC", "url": "https://github.com/pfsense/pfsense/commit/386d89b07" }, { "name": "[oss-security] 20171122 Clickjacking vulnerability in CSRF error page pfSense", "refsource": "MLIST", "url": "http://www.openwall.com/lists/oss-security/2017/11/22/7" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2017-1000479", "datePublished": "2018-01-03T18:00:00", "dateReserved": "2018-01-03T00:00:00", "dateUpdated": "2024-08-05T22:00:41.563Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2015-6510 (GCVE-0-2015-6510)
Vulnerability from cvelistv5
Published
2015-08-18 15:00
Modified
2024-09-16 23:21
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Multiple cross-site scripting (XSS) vulnerabilities in pfSense before 2.2.3 allow remote attackers to inject arbitrary web script or HTML via the (1) srctrack, (2) use_mfs_tmp_size, or (3) use_mfs_var_size parameter to system_advanced_misc.php; the (4) port, (5) snaplen, or (6) count parameter to diag_packet_capture.php; the (7) pppoe_resethour, (8) pppoe_resetminute, (9) wpa_group_rekey, or (10) wpa_gmk_rekey parameter to interfaces.php; the (11) pppoe_resethour or (12) pppoe_resetminute parameter to interfaces_ppps_edit.php; the (13) member[] parameter to interfaces_qinq_edit.php; the (14) port or (15) retry parameter to load_balancer_pool_edit.php; the (16) pkgrepourl parameter to pkg_mgr_settings.php; the (17) zone parameter to services_captiveportal.php; the port parameter to (18) services_dnsmasq.php or (19) services_unbound.php; the (20) cache_max_ttl or (21) cache_min_ttl parameter to services_unbound_advanced.php; the (22) sshport parameter to system_advanced_admin.php; the (23) id, (24) tunable, (25) descr, or (26) value parameter to system_advanced_sysctl.php; the (27) firmwareurl, (28) repositoryurl, or (29) branch parameter to system_firmware_settings.php; the (30) pfsyncpeerip, (31) synchronizetoip, (32) username, or (33) passwordfld parameter to system_hasync.php; the (34) maxmss parameter to vpn_ipsec_settings.php; the (35) ntp_server1, (36) ntp_server2, (37) wins_server1, or (38) wins_server2 parameter to vpn_openvpn_csc.php; or unspecified parameters to (39) load_balancer_relay_action.php, (40) load_balancer_relay_action_edit.php, (41) load_balancer_relay_protocol.php, or (42) load_balancer_relay_protocol_edit.php.
References
► | URL | Tags | |||
---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T07:22:22.255Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://www.pfsense.org/security/advisories/pfSense-SA-15_06.webgui.asc" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "descriptions": [ { "lang": "en", "value": "Multiple cross-site scripting (XSS) vulnerabilities in pfSense before 2.2.3 allow remote attackers to inject arbitrary web script or HTML via the (1) srctrack, (2) use_mfs_tmp_size, or (3) use_mfs_var_size parameter to system_advanced_misc.php; the (4) port, (5) snaplen, or (6) count parameter to diag_packet_capture.php; the (7) pppoe_resethour, (8) pppoe_resetminute, (9) wpa_group_rekey, or (10) wpa_gmk_rekey parameter to interfaces.php; the (11) pppoe_resethour or (12) pppoe_resetminute parameter to interfaces_ppps_edit.php; the (13) member[] parameter to interfaces_qinq_edit.php; the (14) port or (15) retry parameter to load_balancer_pool_edit.php; the (16) pkgrepourl parameter to pkg_mgr_settings.php; the (17) zone parameter to services_captiveportal.php; the port parameter to (18) services_dnsmasq.php or (19) services_unbound.php; the (20) cache_max_ttl or (21) cache_min_ttl parameter to services_unbound_advanced.php; the (22) sshport parameter to system_advanced_admin.php; the (23) id, (24) tunable, (25) descr, or (26) value parameter to system_advanced_sysctl.php; the (27) firmwareurl, (28) repositoryurl, or (29) branch parameter to system_firmware_settings.php; the (30) pfsyncpeerip, (31) synchronizetoip, (32) username, or (33) passwordfld parameter to system_hasync.php; the (34) maxmss parameter to vpn_ipsec_settings.php; the (35) ntp_server1, (36) ntp_server2, (37) wins_server1, or (38) wins_server2 parameter to vpn_openvpn_csc.php; or unspecified parameters to (39) load_balancer_relay_action.php, (40) load_balancer_relay_action_edit.php, (41) load_balancer_relay_protocol.php, or (42) load_balancer_relay_protocol_edit.php." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2015-08-18T15:00:00Z", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "tags": [ "x_refsource_CONFIRM" ], "url": "https://www.pfsense.org/security/advisories/pfSense-SA-15_06.webgui.asc" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2015-6510", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Multiple cross-site scripting (XSS) vulnerabilities in pfSense before 2.2.3 allow remote attackers to inject arbitrary web script or HTML via the (1) srctrack, (2) use_mfs_tmp_size, or (3) use_mfs_var_size parameter to system_advanced_misc.php; the (4) port, (5) snaplen, or (6) count parameter to diag_packet_capture.php; the (7) pppoe_resethour, (8) pppoe_resetminute, (9) wpa_group_rekey, or (10) wpa_gmk_rekey parameter to interfaces.php; the (11) pppoe_resethour or (12) pppoe_resetminute parameter to interfaces_ppps_edit.php; the (13) member[] parameter to interfaces_qinq_edit.php; the (14) port or (15) retry parameter to load_balancer_pool_edit.php; the (16) pkgrepourl parameter to pkg_mgr_settings.php; the (17) zone parameter to services_captiveportal.php; the port parameter to (18) services_dnsmasq.php or (19) services_unbound.php; the (20) cache_max_ttl or (21) cache_min_ttl parameter to services_unbound_advanced.php; the (22) sshport parameter to system_advanced_admin.php; the (23) id, (24) tunable, (25) descr, or (26) value parameter to system_advanced_sysctl.php; the (27) firmwareurl, (28) repositoryurl, or (29) branch parameter to system_firmware_settings.php; the (30) pfsyncpeerip, (31) synchronizetoip, (32) username, or (33) passwordfld parameter to system_hasync.php; the (34) maxmss parameter to vpn_ipsec_settings.php; the (35) ntp_server1, (36) ntp_server2, (37) wins_server1, or (38) wins_server2 parameter to vpn_openvpn_csc.php; or unspecified parameters to (39) load_balancer_relay_action.php, (40) load_balancer_relay_action_edit.php, (41) load_balancer_relay_protocol.php, or (42) load_balancer_relay_protocol_edit.php." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "https://www.pfsense.org/security/advisories/pfSense-SA-15_06.webgui.asc", "refsource": "CONFIRM", "url": "https://www.pfsense.org/security/advisories/pfSense-SA-15_06.webgui.asc" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2015-6510", "datePublished": "2015-08-18T15:00:00Z", "dateReserved": "2015-08-18T00:00:00Z", "dateUpdated": "2024-09-16T23:21:56.441Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2020-21487 (GCVE-0-2020-21487)
Vulnerability from cvelistv5
Published
2023-04-04 00:00
Modified
2025-02-13 16:36
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Cross Site Scripting vulnerability found in Netgate pfSense 2.4.4 and ACME package v.0.6.3 allows attackers to execute arbitrary code via the RootFolder field of acme_certificates.php.
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-04T14:30:33.492Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://github.com/pfsense/FreeBSD-ports/commit/a6f443cde51e7fcf17e51f16014d3589253284d8" }, { "tags": [ "x_transferred" ], "url": "https://redmine.pfsense.org/issues/9888" } ], "title": "CVE Program Container" }, { "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.6, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H", "version": "3.1" } }, { "other": { "content": { "id": "CVE-2020-21487", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "total" } ], "role": "CISA Coordinator", "timestamp": "2025-02-13T16:35:25.335734Z", "version": "2.0.3" }, "type": "ssvc" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-79", "description": "CWE-79 Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2025-02-13T16:36:13.194Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "descriptions": [ { "lang": "en", "value": "Cross Site Scripting vulnerability found in Netgate pfSense 2.4.4 and ACME package v.0.6.3 allows attackers to execute arbitrary code via the RootFolder field of acme_certificates.php." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2023-04-04T00:00:00.000Z", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "url": "https://github.com/pfsense/FreeBSD-ports/commit/a6f443cde51e7fcf17e51f16014d3589253284d8" }, { "url": "https://redmine.pfsense.org/issues/9888" } ] } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2020-21487", "datePublished": "2023-04-04T00:00:00.000Z", "dateReserved": "2020-08-13T00:00:00.000Z", "dateUpdated": "2025-02-13T16:36:13.194Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2014-4692 (GCVE-0-2014-4692)
Vulnerability from cvelistv5
Published
2014-07-02 10:00
Modified
2024-08-06 11:27
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
pfSense before 2.1.4, when HTTP is used, does not include the HTTPOnly flag in a Set-Cookie header for the session cookie, which makes it easier for remote attackers to obtain potentially sensitive information via script access to this cookie.
References
► | URL | Tags | |||
---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T11:27:35.302Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://pfsense.org/security/advisories/pfSense-SA-14_12.webgui.asc" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2014-06-25T00:00:00", "descriptions": [ { "lang": "en", "value": "pfSense before 2.1.4, when HTTP is used, does not include the HTTPOnly flag in a Set-Cookie header for the session cookie, which makes it easier for remote attackers to obtain potentially sensitive information via script access to this cookie." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2014-07-02T04:57:00", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "tags": [ "x_refsource_CONFIRM" ], "url": "https://pfsense.org/security/advisories/pfSense-SA-14_12.webgui.asc" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2014-4692", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "pfSense before 2.1.4, when HTTP is used, does not include the HTTPOnly flag in a Set-Cookie header for the session cookie, which makes it easier for remote attackers to obtain potentially sensitive information via script access to this cookie." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "https://pfsense.org/security/advisories/pfSense-SA-14_12.webgui.asc", "refsource": "CONFIRM", "url": "https://pfsense.org/security/advisories/pfSense-SA-14_12.webgui.asc" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2014-4692", "datePublished": "2014-07-02T10:00:00", "dateReserved": "2014-06-28T00:00:00", "dateUpdated": "2024-08-06T11:27:35.302Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2014-4690 (GCVE-0-2014-4690)
Vulnerability from cvelistv5
Published
2014-07-02 10:00
Modified
2024-08-06 11:27
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Multiple directory traversal vulnerabilities in pfSense before 2.1.4 allow (1) remote attackers to read arbitrary .info files via a crafted path in the pkg parameter to pkg_mgr_install.php and allow (2) remote authenticated users to read arbitrary files via the downloadbackup parameter to system_firmware_restorefullbackup.php.
References
► | URL | Tags | |||
---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T11:27:36.523Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://pfsense.org/security/advisories/pfSense-SA-14_11.webgui.asc" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2014-06-25T00:00:00", "descriptions": [ { "lang": "en", "value": "Multiple directory traversal vulnerabilities in pfSense before 2.1.4 allow (1) remote attackers to read arbitrary .info files via a crafted path in the pkg parameter to pkg_mgr_install.php and allow (2) remote authenticated users to read arbitrary files via the downloadbackup parameter to system_firmware_restorefullbackup.php." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2014-07-02T04:57:00", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "tags": [ "x_refsource_CONFIRM" ], "url": "https://pfsense.org/security/advisories/pfSense-SA-14_11.webgui.asc" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2014-4690", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Multiple directory traversal vulnerabilities in pfSense before 2.1.4 allow (1) remote attackers to read arbitrary .info files via a crafted path in the pkg parameter to pkg_mgr_install.php and allow (2) remote authenticated users to read arbitrary files via the downloadbackup parameter to system_firmware_restorefullbackup.php." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "https://pfsense.org/security/advisories/pfSense-SA-14_11.webgui.asc", "refsource": "CONFIRM", "url": "https://pfsense.org/security/advisories/pfSense-SA-14_11.webgui.asc" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2014-4690", "datePublished": "2014-07-02T10:00:00", "dateReserved": "2014-06-28T00:00:00", "dateUpdated": "2024-08-06T11:27:36.523Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2019-16701 (GCVE-0-2019-16701)
Vulnerability from cvelistv5
Published
2019-09-25 15:45
Modified
2024-08-05 01:17
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
pfSense through 2.3.4 through 2.4.4-p3 allows Remote Code Injection via a methodCall XML document with a pfsense.exec_php call containing shell metacharacters in a parameter value.
References
► | URL | Tags |
---|---|---|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-05T01:17:41.164Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://github.com/pfsense/pfsense/commits/master" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "http://packetstormsecurity.com/files/154587/pfSense-2.3.4-2.4.4-p3-Remote-Code-Injection.html" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://hackernews.blog/pfsense-2-3-4-2-4-4-p3-remote-code-injection/#more" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "descriptions": [ { "lang": "en", "value": "pfSense through 2.3.4 through 2.4.4-p3 allows Remote Code Injection via a methodCall XML document with a pfsense.exec_php call containing shell metacharacters in a parameter value." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2019-09-25T15:45:56", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "https://github.com/pfsense/pfsense/commits/master" }, { "tags": [ "x_refsource_MISC" ], "url": "http://packetstormsecurity.com/files/154587/pfSense-2.3.4-2.4.4-p3-Remote-Code-Injection.html" }, { "tags": [ "x_refsource_MISC" ], "url": "https://hackernews.blog/pfsense-2-3-4-2-4-4-p3-remote-code-injection/#more" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2019-16701", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "pfSense through 2.3.4 through 2.4.4-p3 allows Remote Code Injection via a methodCall XML document with a pfsense.exec_php call containing shell metacharacters in a parameter value." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "https://github.com/pfsense/pfsense/commits/master", "refsource": "MISC", "url": "https://github.com/pfsense/pfsense/commits/master" }, { "name": "http://packetstormsecurity.com/files/154587/pfSense-2.3.4-2.4.4-p3-Remote-Code-Injection.html", "refsource": "MISC", "url": "http://packetstormsecurity.com/files/154587/pfSense-2.3.4-2.4.4-p3-Remote-Code-Injection.html" }, { "name": "https://hackernews.blog/pfsense-2-3-4-2-4-4-p3-remote-code-injection/#more", "refsource": "MISC", "url": "https://hackernews.blog/pfsense-2-3-4-2-4-4-p3-remote-code-injection/#more" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2019-16701", "datePublished": "2019-09-25T15:45:56", "dateReserved": "2019-09-22T00:00:00", "dateUpdated": "2024-08-05T01:17:41.164Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2014-4693 (GCVE-0-2014-4693)
Vulnerability from cvelistv5
Published
2014-07-02 10:00
Modified
2024-08-06 11:27
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Multiple cross-site scripting (XSS) vulnerabilities in the Snort package before 3.0.13 for pfSense through 2.1.4 allow remote attackers to inject arbitrary web script or HTML via (1) the eng parameter to snort_import_aliases.php or (2) unspecified variables to snort_select_alias.php.
References
► | URL | Tags | |||
---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T11:27:36.132Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://pfsense.org/security/advisories/pfSense-SA-14_13.packages.asc" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2014-06-25T00:00:00", "descriptions": [ { "lang": "en", "value": "Multiple cross-site scripting (XSS) vulnerabilities in the Snort package before 3.0.13 for pfSense through 2.1.4 allow remote attackers to inject arbitrary web script or HTML via (1) the eng parameter to snort_import_aliases.php or (2) unspecified variables to snort_select_alias.php." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2014-07-02T04:57:00", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "tags": [ "x_refsource_CONFIRM" ], "url": "https://pfsense.org/security/advisories/pfSense-SA-14_13.packages.asc" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2014-4693", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Multiple cross-site scripting (XSS) vulnerabilities in the Snort package before 3.0.13 for pfSense through 2.1.4 allow remote attackers to inject arbitrary web script or HTML via (1) the eng parameter to snort_import_aliases.php or (2) unspecified variables to snort_select_alias.php." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "https://pfsense.org/security/advisories/pfSense-SA-14_13.packages.asc", "refsource": "CONFIRM", "url": "https://pfsense.org/security/advisories/pfSense-SA-14_13.packages.asc" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2014-4693", "datePublished": "2014-07-02T10:00:00", "dateReserved": "2014-06-28T00:00:00", "dateUpdated": "2024-08-06T11:27:36.132Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2022-26019 (GCVE-0-2022-26019)
Vulnerability from cvelistv5
Published
2022-03-31 07:21
Modified
2024-08-03 04:56
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Improper Access Control
Summary
Improper access control vulnerability in pfSense CE and pfSense Plus (pfSense CE software versions prior to 2.6.0 and pfSense Plus software versions prior to 22.01) allows a remote attacker with the privilege to change NTP GPS settings to rewrite existing files on the file system, which may result in arbitrary command execution.
References
► | URL | Tags | ||||||
---|---|---|---|---|---|---|---|---|
|
Impacted products
Vendor | Product | Version | ||
---|---|---|---|---|
pfSense | pfSense CE and pfSense Plus |
Version: pfSense CE software versions prior to 2.6.0 and pfSense Plus software versions prior to 22.01 |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T04:56:37.518Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://jvn.jp/en/jp/JVN87751554/index.html" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://docs.netgate.com/downloads/pfSense-SA-22_01.webgui.asc" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "pfSense CE and pfSense Plus", "vendor": "pfSense", "versions": [ { "status": "affected", "version": "pfSense CE software versions prior to 2.6.0 and pfSense Plus software versions prior to 22.01" } ] } ], "descriptions": [ { "lang": "en", "value": "Improper access control vulnerability in pfSense CE and pfSense Plus (pfSense CE software versions prior to 2.6.0 and pfSense Plus software versions prior to 22.01) allows a remote attacker with the privilege to change NTP GPS settings to rewrite existing files on the file system, which may result in arbitrary command execution." } ], "problemTypes": [ { "descriptions": [ { "description": "Improper Access Control", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2022-03-31T07:21:31", "orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce", "shortName": "jpcert" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "https://jvn.jp/en/jp/JVN87751554/index.html" }, { "tags": [ "x_refsource_MISC" ], "url": "https://docs.netgate.com/downloads/pfSense-SA-22_01.webgui.asc" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "vultures@jpcert.or.jp", "ID": "CVE-2022-26019", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "pfSense CE and pfSense Plus", "version": { "version_data": [ { "version_value": "pfSense CE software versions prior to 2.6.0 and pfSense Plus software versions prior to 22.01" } ] } } ] }, "vendor_name": "pfSense" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Improper access control vulnerability in pfSense CE and pfSense Plus (pfSense CE software versions prior to 2.6.0 and pfSense Plus software versions prior to 22.01) allows a remote attacker with the privilege to change NTP GPS settings to rewrite existing files on the file system, which may result in arbitrary command execution." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "Improper Access Control" } ] } ] }, "references": { "reference_data": [ { "name": "https://jvn.jp/en/jp/JVN87751554/index.html", "refsource": "MISC", "url": "https://jvn.jp/en/jp/JVN87751554/index.html" }, { "name": "https://docs.netgate.com/downloads/pfSense-SA-22_01.webgui.asc", "refsource": "MISC", "url": "https://docs.netgate.com/downloads/pfSense-SA-22_01.webgui.asc" } ] } } } }, "cveMetadata": { "assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce", "assignerShortName": "jpcert", "cveId": "CVE-2022-26019", "datePublished": "2022-03-31T07:21:31", "dateReserved": "2022-03-06T00:00:00", "dateUpdated": "2024-08-03T04:56:37.518Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2019-16915 (GCVE-0-2019-16915)
Vulnerability from cvelistv5
Published
2019-09-26 17:38
Modified
2024-08-05 01:24
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
An issue was discovered in pfSense through 2.4.4-p3. widgets/widgets/picture.widget.php uses the widgetkey parameter directly without sanitization (e.g., a basename call) for a pathname to file_get_contents or file_put_contents.
References
► | URL | Tags | |||||||||
---|---|---|---|---|---|---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-05T01:24:48.530Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://redmine.pfsense.org/issues/9610" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://github.com/pfsense/pfsense/commit/2c544ac61ce98f716d50b8e5961d7dfba66804b5" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://www.seebug.org/vuldb/ssvid-98024" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "descriptions": [ { "lang": "en", "value": "An issue was discovered in pfSense through 2.4.4-p3. widgets/widgets/picture.widget.php uses the widgetkey parameter directly without sanitization (e.g., a basename call) for a pathname to file_get_contents or file_put_contents." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2019-09-26T17:38:42", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "https://redmine.pfsense.org/issues/9610" }, { "tags": [ "x_refsource_MISC" ], "url": "https://github.com/pfsense/pfsense/commit/2c544ac61ce98f716d50b8e5961d7dfba66804b5" }, { "tags": [ "x_refsource_MISC" ], "url": "https://www.seebug.org/vuldb/ssvid-98024" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2019-16915", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "An issue was discovered in pfSense through 2.4.4-p3. widgets/widgets/picture.widget.php uses the widgetkey parameter directly without sanitization (e.g., a basename call) for a pathname to file_get_contents or file_put_contents." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "https://redmine.pfsense.org/issues/9610", "refsource": "MISC", "url": "https://redmine.pfsense.org/issues/9610" }, { "name": "https://github.com/pfsense/pfsense/commit/2c544ac61ce98f716d50b8e5961d7dfba66804b5", "refsource": "MISC", "url": "https://github.com/pfsense/pfsense/commit/2c544ac61ce98f716d50b8e5961d7dfba66804b5" }, { "name": "https://www.seebug.org/vuldb/ssvid-98024", "refsource": "MISC", "url": "https://www.seebug.org/vuldb/ssvid-98024" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2019-16915", "datePublished": "2019-09-26T17:38:42", "dateReserved": "2019-09-26T00:00:00", "dateUpdated": "2024-08-05T01:24:48.530Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2024-46538 (GCVE-0-2024-46538)
Vulnerability from cvelistv5
Published
2024-10-22 00:00
Modified
2024-10-22 18:51
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
A cross-site scripting (XSS) vulnerability in pfsense v2.5.2 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the $pconfig variable at interfaces_groups_edit.php.
References
{ "containers": { "adp": [ { "affected": [ { "cpes": [ "cpe:2.3:a:pfsense:pfsense:2.5.2:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "pfsense", "vendor": "pfsense", "versions": [ { "status": "affected", "version": "2.5.2" } ] } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 9.3, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:N", "version": "3.1" } }, { "other": { "content": { "id": "CVE-2024-46538", "options": [ { "Exploitation": "poc" }, { "Automatable": "no" }, { "Technical Impact": "total" } ], "role": "CISA Coordinator", "timestamp": "2024-10-22T18:47:46.881774Z", "version": "2.0.3" }, "type": "ssvc" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-79", "description": "CWE-79 Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-10-22T18:51:47.447Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "descriptions": [ { "lang": "en", "value": "A cross-site scripting (XSS) vulnerability in pfsense v2.5.2 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the $pconfig variable at interfaces_groups_edit.php." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2024-10-22T16:53:26.683223", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "url": "https://github.com/physicszq/web_issue/blob/main/pfsense/interfaces_groups_edit_file.md_xss.md" }, { "url": "https://redmine.pfsense.org/issues/15778" } ] } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2024-46538", "datePublished": "2024-10-22T00:00:00", "dateReserved": "2024-09-11T00:00:00", "dateUpdated": "2024-10-22T18:51:47.447Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2015-6511 (GCVE-0-2015-6511)
Vulnerability from cvelistv5
Published
2015-08-18 15:00
Modified
2024-09-17 00:37
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Cross-site scripting (XSS) vulnerability in pfSense before 2.2.3 allows remote attackers to inject arbitrary web script or HTML via the server[] parameter to services_ntpd.php.
References
► | URL | Tags | |||
---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T07:22:22.239Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://www.pfsense.org/security/advisories/pfSense-SA-15_06.webgui.asc" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "descriptions": [ { "lang": "en", "value": "Cross-site scripting (XSS) vulnerability in pfSense before 2.2.3 allows remote attackers to inject arbitrary web script or HTML via the server[] parameter to services_ntpd.php." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2015-08-18T15:00:00Z", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "tags": [ "x_refsource_CONFIRM" ], "url": "https://www.pfsense.org/security/advisories/pfSense-SA-15_06.webgui.asc" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2015-6511", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Cross-site scripting (XSS) vulnerability in pfSense before 2.2.3 allows remote attackers to inject arbitrary web script or HTML via the server[] parameter to services_ntpd.php." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "https://www.pfsense.org/security/advisories/pfSense-SA-15_06.webgui.asc", "refsource": "CONFIRM", "url": "https://www.pfsense.org/security/advisories/pfSense-SA-15_06.webgui.asc" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2015-6511", "datePublished": "2015-08-18T15:00:00Z", "dateReserved": "2015-08-18T00:00:00Z", "dateUpdated": "2024-09-17T00:37:18.726Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2018-4020 (GCVE-0-2018-4020)
Vulnerability from cvelistv5
Published
2018-12-03 22:00
Modified
2024-09-16 21:56
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- OS command injection
Summary
An exploitable command injection vulnerability exists in the way Netgate pfSense CE 2.4.4-RELEASE processes the parameters of a specific POST request. The attacker can exploit this and gain the ability to execute arbitrary commands on the system. An attacker needs to be able to send authenticated POST requests to the administration web interface. Command injection is possible in the `powerd_ac_mode` POST parameter parameter.
References
► | URL | Tags | |||
---|---|---|---|---|---|
|
Impacted products
Vendor | Product | Version | ||
---|---|---|---|---|
Netgate | Netgate pfSense |
Version: Netgate pfSense CE 2.4.4-RELEASE |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-05T05:04:28.279Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://talosintelligence.com/vulnerability_reports/TALOS-2018-0690" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Netgate pfSense", "vendor": "Netgate", "versions": [ { "status": "affected", "version": "Netgate pfSense CE 2.4.4-RELEASE" } ] } ], "datePublic": "2018-12-03T00:00:00", "descriptions": [ { "lang": "en", "value": "An exploitable command injection vulnerability exists in the way Netgate pfSense CE 2.4.4-RELEASE processes the parameters of a specific POST request. The attacker can exploit this and gain the ability to execute arbitrary commands on the system. An attacker needs to be able to send authenticated POST requests to the administration web interface. Command injection is possible in the `powerd_ac_mode` POST parameter parameter." } ], "metrics": [ { "cvssV3_0": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.2, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "version": "3.0" } } ], "problemTypes": [ { "descriptions": [ { "description": "OS command injection", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2022-04-19T18:08:20", "orgId": "b86d76f8-0f8a-4a96-a78d-d8abfc7fc29b", "shortName": "talos" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "https://talosintelligence.com/vulnerability_reports/TALOS-2018-0690" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "talos-cna@cisco.com", "DATE_PUBLIC": "2018-12-03T00:00:00", "ID": "CVE-2018-4020", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "Netgate pfSense", "version": { "version_data": [ { "version_value": "Netgate pfSense CE 2.4.4-RELEASE" } ] } } ] }, "vendor_name": "Netgate" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "An exploitable command injection vulnerability exists in the way Netgate pfSense CE 2.4.4-RELEASE processes the parameters of a specific POST request. The attacker can exploit this and gain the ability to execute arbitrary commands on the system. An attacker needs to be able to send authenticated POST requests to the administration web interface. Command injection is possible in the `powerd_ac_mode` POST parameter parameter." } ] }, "impact": { "cvss": { "baseScore": 7.2, "baseSeverity": "High", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "version": "3.0" } }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "OS command injection" } ] } ] }, "references": { "reference_data": [ { "name": "https://talosintelligence.com/vulnerability_reports/TALOS-2018-0690", "refsource": "MISC", "url": "https://talosintelligence.com/vulnerability_reports/TALOS-2018-0690" } ] } } } }, "cveMetadata": { "assignerOrgId": "b86d76f8-0f8a-4a96-a78d-d8abfc7fc29b", "assignerShortName": "talos", "cveId": "CVE-2018-4020", "datePublished": "2018-12-03T22:00:00Z", "dateReserved": "2018-01-02T00:00:00", "dateUpdated": "2024-09-16T21:56:37.283Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2023-42327 (GCVE-0-2023-42327)
Vulnerability from cvelistv5
Published
2023-11-14 00:00
Modified
2024-08-02 19:16
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Cross Site Scripting (XSS) vulnerability in Netgate pfSense v.2.7.0 allows a remote attacker to gain privileges via a crafted URL to the getserviceproviders.php page.
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T19:16:51.036Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://docs.netgate.com/downloads/pfSense-SA-23_08.webgui.asc" }, { "tags": [ "x_transferred" ], "url": "https://www.sonarsource.com/blog/pfsense-vulnerabilities-sonarcloud/" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "descriptions": [ { "lang": "en", "value": "Cross Site Scripting (XSS) vulnerability in Netgate pfSense v.2.7.0 allows a remote attacker to gain privileges via a crafted URL to the getserviceproviders.php page." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2023-12-12T19:57:52.346378", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "url": "https://docs.netgate.com/downloads/pfSense-SA-23_08.webgui.asc" }, { "url": "https://www.sonarsource.com/blog/pfsense-vulnerabilities-sonarcloud/" } ] } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2023-42327", "datePublished": "2023-11-14T00:00:00", "dateReserved": "2023-09-08T00:00:00", "dateUpdated": "2024-08-02T19:16:51.036Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2019-16914 (GCVE-0-2019-16914)
Vulnerability from cvelistv5
Published
2019-09-26 17:38
Modified
2024-08-05 01:24
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
An XSS issue was discovered in pfSense through 2.4.4-p3. In services_captiveportal_mac.php, the username and delmac parameters are displayed without sanitization.
References
► | URL | Tags | |||||||||
---|---|---|---|---|---|---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-05T01:24:48.605Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://redmine.pfsense.org/issues/9609" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://github.com/pfsense/pfsense/commit/d31362b69d5d52dc196dc72f66e830cd1e6e9a4f" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://www.seebug.org/vuldb/ssvid-98023" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "descriptions": [ { "lang": "en", "value": "An XSS issue was discovered in pfSense through 2.4.4-p3. In services_captiveportal_mac.php, the username and delmac parameters are displayed without sanitization." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2019-09-26T17:38:53", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "https://redmine.pfsense.org/issues/9609" }, { "tags": [ "x_refsource_MISC" ], "url": "https://github.com/pfsense/pfsense/commit/d31362b69d5d52dc196dc72f66e830cd1e6e9a4f" }, { "tags": [ "x_refsource_MISC" ], "url": "https://www.seebug.org/vuldb/ssvid-98023" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2019-16914", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "An XSS issue was discovered in pfSense through 2.4.4-p3. In services_captiveportal_mac.php, the username and delmac parameters are displayed without sanitization." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "https://redmine.pfsense.org/issues/9609", "refsource": "MISC", "url": "https://redmine.pfsense.org/issues/9609" }, { "name": "https://github.com/pfsense/pfsense/commit/d31362b69d5d52dc196dc72f66e830cd1e6e9a4f", "refsource": "MISC", "url": "https://github.com/pfsense/pfsense/commit/d31362b69d5d52dc196dc72f66e830cd1e6e9a4f" }, { "name": "https://www.seebug.org/vuldb/ssvid-98023", "refsource": "MISC", "url": "https://www.seebug.org/vuldb/ssvid-98023" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2019-16914", "datePublished": "2019-09-26T17:38:53", "dateReserved": "2019-09-26T00:00:00", "dateUpdated": "2024-08-05T01:24:48.605Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2020-21219 (GCVE-0-2020-21219)
Vulnerability from cvelistv5
Published
2022-12-15 00:00
Modified
2025-04-25 14:34
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Cross Site Scripting (XSS) vulnerability in Netgate pf Sense 2.4.4-Release-p3 and Netgate ACME package 0.6.3 allows remote attackers to to run arbitrary code via the RootFolder field to acme_certificate_edit.php page of the ACME package.
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-04T14:22:25.530Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://github.com/pfsense/FreeBSD-ports/commit/a6f443cde51e7fcf17e51f16014d3589253284d8" }, { "tags": [ "x_transferred" ], "url": "https://redmine.pfsense.org/issues/9888" } ], "title": "CVE Program Container" }, { "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.1, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "version": "3.1" } }, { "other": { "content": { "id": "CVE-2020-21219", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2025-04-25T14:34:34.230111Z", "version": "2.0.3" }, "type": "ssvc" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-79", "description": "CWE-79 Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2025-04-25T14:34:36.701Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "descriptions": [ { "lang": "en", "value": "Cross Site Scripting (XSS) vulnerability in Netgate pf Sense 2.4.4-Release-p3 and Netgate ACME package 0.6.3 allows remote attackers to to run arbitrary code via the RootFolder field to acme_certificate_edit.php page of the ACME package." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2022-12-15T00:00:00.000Z", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "url": "https://github.com/pfsense/FreeBSD-ports/commit/a6f443cde51e7fcf17e51f16014d3589253284d8" }, { "url": "https://redmine.pfsense.org/issues/9888" } ] } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2020-21219", "datePublished": "2022-12-15T00:00:00.000Z", "dateReserved": "2020-08-13T00:00:00.000Z", "dateUpdated": "2025-04-25T14:34:36.701Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2014-4687 (GCVE-0-2014-4687)
Vulnerability from cvelistv5
Published
2014-07-02 10:00
Modified
2024-08-06 11:27
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Multiple cross-site scripting (XSS) vulnerabilities in pfSense before 2.1.4 allow remote attackers to inject arbitrary web script or HTML via (1) the starttime0 parameter to firewall_schedule.php, (2) the rssfeed parameter to rss.widget.php, (3) the servicestatusfilter parameter to services_status.widget.php, (4) the txtRecallBuffer parameter to exec.php, or (5) the HTTP Referer header to log.widget.php.
References
► | URL | Tags | |||
---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T11:27:36.219Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://pfsense.org/security/advisories/pfSense-SA-14_09.webgui.asc" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2014-06-25T00:00:00", "descriptions": [ { "lang": "en", "value": "Multiple cross-site scripting (XSS) vulnerabilities in pfSense before 2.1.4 allow remote attackers to inject arbitrary web script or HTML via (1) the starttime0 parameter to firewall_schedule.php, (2) the rssfeed parameter to rss.widget.php, (3) the servicestatusfilter parameter to services_status.widget.php, (4) the txtRecallBuffer parameter to exec.php, or (5) the HTTP Referer header to log.widget.php." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2014-07-02T04:57:00", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "tags": [ "x_refsource_CONFIRM" ], "url": "https://pfsense.org/security/advisories/pfSense-SA-14_09.webgui.asc" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2014-4687", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Multiple cross-site scripting (XSS) vulnerabilities in pfSense before 2.1.4 allow remote attackers to inject arbitrary web script or HTML via (1) the starttime0 parameter to firewall_schedule.php, (2) the rssfeed parameter to rss.widget.php, (3) the servicestatusfilter parameter to services_status.widget.php, (4) the txtRecallBuffer parameter to exec.php, or (5) the HTTP Referer header to log.widget.php." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "https://pfsense.org/security/advisories/pfSense-SA-14_09.webgui.asc", "refsource": "CONFIRM", "url": "https://pfsense.org/security/advisories/pfSense-SA-14_09.webgui.asc" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2014-4687", "datePublished": "2014-07-02T10:00:00", "dateReserved": "2014-06-28T00:00:00", "dateUpdated": "2024-08-06T11:27:36.219Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2014-4689 (GCVE-0-2014-4689)
Vulnerability from cvelistv5
Published
2014-07-02 10:00
Modified
2024-08-06 11:27
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Absolute path traversal vulnerability in pkg_edit.php in pfSense before 2.1.4 allows remote attackers to read arbitrary XML files via a full pathname in the xml parameter.
References
► | URL | Tags | |||
---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T11:27:35.304Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://pfsense.org/security/advisories/pfSense-SA-14_11.webgui.asc" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2014-06-25T00:00:00", "descriptions": [ { "lang": "en", "value": "Absolute path traversal vulnerability in pkg_edit.php in pfSense before 2.1.4 allows remote attackers to read arbitrary XML files via a full pathname in the xml parameter." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2014-07-02T04:57:00", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "tags": [ "x_refsource_CONFIRM" ], "url": "https://pfsense.org/security/advisories/pfSense-SA-14_11.webgui.asc" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2014-4689", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Absolute path traversal vulnerability in pkg_edit.php in pfSense before 2.1.4 allows remote attackers to read arbitrary XML files via a full pathname in the xml parameter." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "https://pfsense.org/security/advisories/pfSense-SA-14_11.webgui.asc", "refsource": "CONFIRM", "url": "https://pfsense.org/security/advisories/pfSense-SA-14_11.webgui.asc" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2014-4689", "datePublished": "2014-07-02T10:00:00", "dateReserved": "2014-06-28T00:00:00", "dateUpdated": "2024-08-06T11:27:35.304Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2019-12949 (GCVE-0-2019-12949)
Vulnerability from cvelistv5
Published
2019-06-25 10:55
Modified
2024-08-04 23:32
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
In pfSense 2.4.4-p2 and 2.4.4-p3, if it is possible to trick an authenticated administrator into clicking on a button on a phishing page, an attacker can leverage XSS to upload arbitrary executable code, via diag_command.php and rrd_fetch_json.php (timePeriod parameter), to a server. Then, the remote attacker can run any command with root privileges on that server.
References
► | URL | Tags | |||
---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-04T23:32:55.584Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://github.com/tarantula-team/CVE-2019-12949" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "descriptions": [ { "lang": "en", "value": "In pfSense 2.4.4-p2 and 2.4.4-p3, if it is possible to trick an authenticated administrator into clicking on a button on a phishing page, an attacker can leverage XSS to upload arbitrary executable code, via diag_command.php and rrd_fetch_json.php (timePeriod parameter), to a server. Then, the remote attacker can run any command with root privileges on that server." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2019-06-25T10:55:17", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "https://github.com/tarantula-team/CVE-2019-12949" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2019-12949", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "In pfSense 2.4.4-p2 and 2.4.4-p3, if it is possible to trick an authenticated administrator into clicking on a button on a phishing page, an attacker can leverage XSS to upload arbitrary executable code, via diag_command.php and rrd_fetch_json.php (timePeriod parameter), to a server. Then, the remote attacker can run any command with root privileges on that server." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "https://github.com/tarantula-team/CVE-2019-12949", "refsource": "MISC", "url": "https://github.com/tarantula-team/CVE-2019-12949" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2019-12949", "datePublished": "2019-06-25T10:55:17", "dateReserved": "2019-06-24T00:00:00", "dateUpdated": "2024-08-04T23:32:55.584Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2019-16667 (GCVE-0-2019-16667)
Vulnerability from cvelistv5
Published
2019-09-26 18:38
Modified
2024-08-05 01:17
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
diag_command.php in pfSense 2.4.4-p3 allows CSRF via the txtCommand or txtRecallBuffer field, as demonstrated by executing OS commands. This occurs because csrf_callback() produces a "CSRF token expired" error and a Try Again button when a CSRF token is missing.
References
► | URL | Tags | ||||||
---|---|---|---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-05T01:17:41.055Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://pastebin.com/TEJdu9LN" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "http://packetstormsecurity.com/files/158614/pfSense-2.4.4-p3-Cross-Site-Request-Forgery.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "descriptions": [ { "lang": "en", "value": "diag_command.php in pfSense 2.4.4-p3 allows CSRF via the txtCommand or txtRecallBuffer field, as demonstrated by executing OS commands. This occurs because csrf_callback() produces a \"CSRF token expired\" error and a Try Again button when a CSRF token is missing." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2020-07-27T20:06:09", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "https://pastebin.com/TEJdu9LN" }, { "tags": [ "x_refsource_MISC" ], "url": "http://packetstormsecurity.com/files/158614/pfSense-2.4.4-p3-Cross-Site-Request-Forgery.html" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2019-16667", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "diag_command.php in pfSense 2.4.4-p3 allows CSRF via the txtCommand or txtRecallBuffer field, as demonstrated by executing OS commands. This occurs because csrf_callback() produces a \"CSRF token expired\" error and a Try Again button when a CSRF token is missing." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "https://pastebin.com/TEJdu9LN", "refsource": "MISC", "url": "https://pastebin.com/TEJdu9LN" }, { "name": "http://packetstormsecurity.com/files/158614/pfSense-2.4.4-p3-Cross-Site-Request-Forgery.html", "refsource": "MISC", "url": "http://packetstormsecurity.com/files/158614/pfSense-2.4.4-p3-Cross-Site-Request-Forgery.html" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2019-16667", "datePublished": "2019-09-26T18:38:48", "dateReserved": "2019-09-21T00:00:00", "dateUpdated": "2024-08-05T01:17:41.055Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2015-4029 (GCVE-0-2015-4029)
Vulnerability from cvelistv5
Published
2015-08-18 15:00
Modified
2024-08-06 06:04
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Cross-site scripting (XSS) vulnerability in the WebGUI in pfSense before 2.2.3 allows remote attackers to inject arbitrary web script or HTML via the zone parameter in a del action to services_captiveportal_zones.php.
References
► | URL | Tags | ||||||
---|---|---|---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T06:04:02.665Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "20150713 Reflected XSS Attacks vulnerabilities in PFSense Version 2.2.2 (CVE-2015-4029)", "tags": [ "mailing-list", "x_refsource_FULLDISC", "x_transferred" ], "url": "http://seclists.org/fulldisclosure/2015/Jul/66" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://www.pfsense.org/security/advisories/pfSense-SA-15_06.webgui.asc" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2015-05-25T00:00:00", "descriptions": [ { "lang": "en", "value": "Cross-site scripting (XSS) vulnerability in the WebGUI in pfSense before 2.2.3 allows remote attackers to inject arbitrary web script or HTML via the zone parameter in a del action to services_captiveportal_zones.php." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2015-08-18T14:57:05", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "name": "20150713 Reflected XSS Attacks vulnerabilities in PFSense Version 2.2.2 (CVE-2015-4029)", "tags": [ "mailing-list", "x_refsource_FULLDISC" ], "url": "http://seclists.org/fulldisclosure/2015/Jul/66" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://www.pfsense.org/security/advisories/pfSense-SA-15_06.webgui.asc" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2015-4029", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Cross-site scripting (XSS) vulnerability in the WebGUI in pfSense before 2.2.3 allows remote attackers to inject arbitrary web script or HTML via the zone parameter in a del action to services_captiveportal_zones.php." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "20150713 Reflected XSS Attacks vulnerabilities in PFSense Version 2.2.2 (CVE-2015-4029)", "refsource": "FULLDISC", "url": "http://seclists.org/fulldisclosure/2015/Jul/66" }, { "name": "https://www.pfsense.org/security/advisories/pfSense-SA-15_06.webgui.asc", "refsource": "CONFIRM", "url": "https://www.pfsense.org/security/advisories/pfSense-SA-15_06.webgui.asc" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2015-4029", "datePublished": "2015-08-18T15:00:00", "dateReserved": "2015-05-19T00:00:00", "dateUpdated": "2024-08-06T06:04:02.665Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2020-11457 (GCVE-0-2020-11457)
Vulnerability from cvelistv5
Published
2020-04-01 15:47
Modified
2024-08-04 11:28
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
pfSense before 2.4.5 has stored XSS in system_usermanager_addprivs.php in the WebGUI via the descr parameter (aka full name) of a user.
References
► | URL | Tags | ||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-04T11:28:14.125Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://www.netgate.com/assets/downloads/advisories/pfSense-SA-20_06.webgui.asc" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://github.com/pfsense/pfsense/commit/3c1e53dabe966f27c9097a5a923e77f49ae5fffa" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "http://packetstormsecurity.com/files/157104/pfSense-2.4.4-P3-User-Manager-Cross-Site-Scripting.html" }, { "name": "Exploit Database", "tags": [ "exploit", "x_refsource_EXPLOIT-DB", "x_transferred" ], "url": "https://www.exploit-db.com/exploits/48300" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "descriptions": [ { "lang": "en", "value": "pfSense before 2.4.5 has stored XSS in system_usermanager_addprivs.php in the WebGUI via the descr parameter (aka full name) of a user." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2020-04-07T14:21:50", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "https://www.netgate.com/assets/downloads/advisories/pfSense-SA-20_06.webgui.asc" }, { "tags": [ "x_refsource_MISC" ], "url": "https://github.com/pfsense/pfsense/commit/3c1e53dabe966f27c9097a5a923e77f49ae5fffa" }, { "tags": [ "x_refsource_MISC" ], "url": "http://packetstormsecurity.com/files/157104/pfSense-2.4.4-P3-User-Manager-Cross-Site-Scripting.html" }, { "name": "Exploit Database", "tags": [ "exploit", "x_refsource_EXPLOIT-DB" ], "url": "https://www.exploit-db.com/exploits/48300" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2020-11457", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "pfSense before 2.4.5 has stored XSS in system_usermanager_addprivs.php in the WebGUI via the descr parameter (aka full name) of a user." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "https://www.netgate.com/assets/downloads/advisories/pfSense-SA-20_06.webgui.asc", "refsource": "MISC", "url": "https://www.netgate.com/assets/downloads/advisories/pfSense-SA-20_06.webgui.asc" }, { "name": "https://github.com/pfsense/pfsense/commit/3c1e53dabe966f27c9097a5a923e77f49ae5fffa", "refsource": "MISC", "url": "https://github.com/pfsense/pfsense/commit/3c1e53dabe966f27c9097a5a923e77f49ae5fffa" }, { "name": "http://packetstormsecurity.com/files/157104/pfSense-2.4.4-P3-User-Manager-Cross-Site-Scripting.html", "refsource": "MISC", "url": "http://packetstormsecurity.com/files/157104/pfSense-2.4.4-P3-User-Manager-Cross-Site-Scripting.html" }, { "name": "Exploit Database", "refsource": "EXPLOIT-DB", "url": "https://www.exploit-db.com/exploits/48300" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2020-11457", "datePublished": "2020-04-01T15:47:58", "dateReserved": "2020-04-01T00:00:00", "dateUpdated": "2024-08-04T11:28:14.125Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2018-20798 (GCVE-0-2018-20798)
Vulnerability from cvelistv5
Published
2019-03-01 15:00
Modified
2024-08-05 12:12
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
The expiretable configuration in pfSense 2.4.4_1 establishes block durations that are incompatible with the block durations implemented by sshguard, which might make it easier for attackers to bypass intended access restrictions.
References
► | URL | Tags | |||
---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-05T12:12:27.369Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://redmine.pfsense.org/issues/9223" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2019-03-01T00:00:00", "descriptions": [ { "lang": "en", "value": "The expiretable configuration in pfSense 2.4.4_1 establishes block durations that are incompatible with the block durations implemented by sshguard, which might make it easier for attackers to bypass intended access restrictions." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2019-03-01T15:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "https://redmine.pfsense.org/issues/9223" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2018-20798", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "The expiretable configuration in pfSense 2.4.4_1 establishes block durations that are incompatible with the block durations implemented by sshguard, which might make it easier for attackers to bypass intended access restrictions." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "https://redmine.pfsense.org/issues/9223", "refsource": "MISC", "url": "https://redmine.pfsense.org/issues/9223" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2018-20798", "datePublished": "2019-03-01T15:00:00", "dateReserved": "2019-03-01T00:00:00", "dateUpdated": "2024-08-05T12:12:27.369Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2014-4695 (GCVE-0-2014-4695)
Vulnerability from cvelistv5
Published
2014-07-02 10:00
Modified
2024-08-06 11:27
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Multiple open redirect vulnerabilities in the Snort package before 3.0.13 for pfSense through 2.1.4 allow remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via (1) the referer parameter to snort_rules_flowbits.php or (2) the returl parameter to snort_select_alias.php.
References
► | URL | Tags | |||
---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T11:27:36.009Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://pfsense.org/security/advisories/pfSense-SA-14_13.packages.asc" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2014-06-25T00:00:00", "descriptions": [ { "lang": "en", "value": "Multiple open redirect vulnerabilities in the Snort package before 3.0.13 for pfSense through 2.1.4 allow remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via (1) the referer parameter to snort_rules_flowbits.php or (2) the returl parameter to snort_select_alias.php." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2014-07-02T04:57:00", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "tags": [ "x_refsource_CONFIRM" ], "url": "https://pfsense.org/security/advisories/pfSense-SA-14_13.packages.asc" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2014-4695", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Multiple open redirect vulnerabilities in the Snort package before 3.0.13 for pfSense through 2.1.4 allow remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via (1) the referer parameter to snort_rules_flowbits.php or (2) the returl parameter to snort_select_alias.php." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "https://pfsense.org/security/advisories/pfSense-SA-14_13.packages.asc", "refsource": "CONFIRM", "url": "https://pfsense.org/security/advisories/pfSense-SA-14_13.packages.asc" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2014-4695", "datePublished": "2014-07-02T10:00:00", "dateReserved": "2014-06-28T00:00:00", "dateUpdated": "2024-08-06T11:27:36.009Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2015-1414 (GCVE-0-2015-1414)
Vulnerability from cvelistv5
Published
2015-02-27 15:00
Modified
2024-08-06 04:40
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Integer overflow in FreeBSD before 8.4 p24, 9.x before 9.3 p10. 10.0 before p18, and 10.1 before p6 allows remote attackers to cause a denial of service (crash) via a crafted IGMP packet, which triggers an incorrect size calculation and allocation of insufficient memory.
References
► | URL | Tags | ||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T04:40:18.873Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "DSA-3175", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2015/dsa-3175" }, { "name": "72777", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/72777" }, { "name": "FreeBSD-SA-15:04", "tags": [ "vendor-advisory", "x_refsource_FREEBSD", "x_transferred" ], "url": "https://www.freebsd.org/security/advisories/FreeBSD-SA-15:04.igmp.asc" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10107" }, { "name": "1031798", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1031798" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://www.pfsense.org/security/advisories/pfSense-SA-15_02.igmp.asc" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2015-02-25T00:00:00", "descriptions": [ { "lang": "en", "value": "Integer overflow in FreeBSD before 8.4 p24, 9.x before 9.3 p10. 10.0 before p18, and 10.1 before p6 allows remote attackers to cause a denial of service (crash) via a crafted IGMP packet, which triggers an incorrect size calculation and allocation of insufficient memory." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2016-12-30T16:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "name": "DSA-3175", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2015/dsa-3175" }, { "name": "72777", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/72777" }, { "name": "FreeBSD-SA-15:04", "tags": [ "vendor-advisory", "x_refsource_FREEBSD" ], "url": "https://www.freebsd.org/security/advisories/FreeBSD-SA-15:04.igmp.asc" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10107" }, { "name": "1031798", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1031798" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://www.pfsense.org/security/advisories/pfSense-SA-15_02.igmp.asc" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2015-1414", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Integer overflow in FreeBSD before 8.4 p24, 9.x before 9.3 p10. 10.0 before p18, and 10.1 before p6 allows remote attackers to cause a denial of service (crash) via a crafted IGMP packet, which triggers an incorrect size calculation and allocation of insufficient memory." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "DSA-3175", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2015/dsa-3175" }, { "name": "72777", "refsource": "BID", "url": "http://www.securityfocus.com/bid/72777" }, { "name": "FreeBSD-SA-15:04", "refsource": "FREEBSD", "url": "https://www.freebsd.org/security/advisories/FreeBSD-SA-15:04.igmp.asc" }, { "name": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10107", "refsource": "CONFIRM", "url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10107" }, { "name": "1031798", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1031798" }, { "name": "https://www.pfsense.org/security/advisories/pfSense-SA-15_02.igmp.asc", "refsource": "CONFIRM", "url": "https://www.pfsense.org/security/advisories/pfSense-SA-15_02.igmp.asc" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2015-1414", "datePublished": "2015-02-27T15:00:00", "dateReserved": "2015-01-27T00:00:00", "dateUpdated": "2024-08-06T04:40:18.873Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2023-48123 (GCVE-0-2023-48123)
Vulnerability from cvelistv5
Published
2023-12-06 00:00
Modified
2024-08-02 21:23
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
An issue in Netgate pfSense Plus v.23.05.1 and before and pfSense CE v.2.7.0 allows a remote attacker to execute arbitrary code via a crafted request to the packet_capture.php file.
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T21:23:38.593Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://redmine.pfsense.org/issues/14809" }, { "tags": [ "x_transferred" ], "url": "https://github.com/pfsense/pfsense/commit/f72618c4abb61ea6346938d0c93df9078736b775" }, { "tags": [ "x_transferred" ], "url": "https://docs.netgate.com/downloads/pfSense-SA-23_11.webgui.asc" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "descriptions": [ { "lang": "en", "value": "An issue in Netgate pfSense Plus v.23.05.1 and before and pfSense CE v.2.7.0 allows a remote attacker to execute arbitrary code via a crafted request to the packet_capture.php file." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2023-12-06T19:57:53.818974", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "url": "https://redmine.pfsense.org/issues/14809" }, { "url": "https://github.com/pfsense/pfsense/commit/f72618c4abb61ea6346938d0c93df9078736b775" }, { "url": "https://docs.netgate.com/downloads/pfSense-SA-23_11.webgui.asc" } ] } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2023-48123", "datePublished": "2023-12-06T00:00:00", "dateReserved": "2023-11-13T00:00:00", "dateUpdated": "2024-08-02T21:23:38.593Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2015-2295 (GCVE-0-2015-2295)
Vulnerability from cvelistv5
Published
2015-04-10 14:00
Modified
2024-08-06 05:10
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Cross-site request forgery (CSRF) vulnerability in system_firmware_restorefullbackup.php in the WebGUI in pfSense before 2.2.1 allows remote attackers to hijack the authentication of administrators for requests that delete arbitrary files via the deletefile parameter.
References
► | URL | Tags | ||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T05:10:16.192Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "20150325 Arbitrary file deletion and multiple XSS vulnerabilities in pfSense", "tags": [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred" ], "url": "http://www.securityfocus.com/archive/1/534987/100/0/threaded" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://www.pfsense.org/security/advisories/pfSense-SA-15_04.webgui.asc" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "http://packetstormsecurity.com/files/131022/pfSense-2.2-Cross-Site-Request-Forgery-Cross-Site-Scripting.html" }, { "name": "73344", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/73344" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://www.htbridge.com/advisory/HTB23251" }, { "name": "36506", "tags": [ "exploit", "x_refsource_EXPLOIT-DB", "x_transferred" ], "url": "https://www.exploit-db.com/exploits/36506/" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2015-03-25T00:00:00", "descriptions": [ { "lang": "en", "value": "Cross-site request forgery (CSRF) vulnerability in system_firmware_restorefullbackup.php in the WebGUI in pfSense before 2.2.1 allows remote attackers to hijack the authentication of administrators for requests that delete arbitrary files via the deletefile parameter." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2018-10-09T18:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "name": "20150325 Arbitrary file deletion and multiple XSS vulnerabilities in pfSense", "tags": [ "mailing-list", "x_refsource_BUGTRAQ" ], "url": "http://www.securityfocus.com/archive/1/534987/100/0/threaded" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://www.pfsense.org/security/advisories/pfSense-SA-15_04.webgui.asc" }, { "tags": [ "x_refsource_MISC" ], "url": "http://packetstormsecurity.com/files/131022/pfSense-2.2-Cross-Site-Request-Forgery-Cross-Site-Scripting.html" }, { "name": "73344", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/73344" }, { "tags": [ "x_refsource_MISC" ], "url": "https://www.htbridge.com/advisory/HTB23251" }, { "name": "36506", "tags": [ "exploit", "x_refsource_EXPLOIT-DB" ], "url": "https://www.exploit-db.com/exploits/36506/" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2015-2295", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Cross-site request forgery (CSRF) vulnerability in system_firmware_restorefullbackup.php in the WebGUI in pfSense before 2.2.1 allows remote attackers to hijack the authentication of administrators for requests that delete arbitrary files via the deletefile parameter." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "20150325 Arbitrary file deletion and multiple XSS vulnerabilities in pfSense", "refsource": "BUGTRAQ", "url": "http://www.securityfocus.com/archive/1/534987/100/0/threaded" }, { "name": "https://www.pfsense.org/security/advisories/pfSense-SA-15_04.webgui.asc", "refsource": "CONFIRM", "url": "https://www.pfsense.org/security/advisories/pfSense-SA-15_04.webgui.asc" }, { "name": "http://packetstormsecurity.com/files/131022/pfSense-2.2-Cross-Site-Request-Forgery-Cross-Site-Scripting.html", "refsource": "MISC", "url": "http://packetstormsecurity.com/files/131022/pfSense-2.2-Cross-Site-Request-Forgery-Cross-Site-Scripting.html" }, { "name": "73344", "refsource": "BID", "url": "http://www.securityfocus.com/bid/73344" }, { "name": "https://www.htbridge.com/advisory/HTB23251", "refsource": "MISC", "url": "https://www.htbridge.com/advisory/HTB23251" }, { "name": "36506", "refsource": "EXPLOIT-DB", "url": "https://www.exploit-db.com/exploits/36506/" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2015-2295", "datePublished": "2015-04-10T14:00:00", "dateReserved": "2015-03-14T00:00:00", "dateUpdated": "2024-08-06T05:10:16.192Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2014-4688 (GCVE-0-2014-4688)
Vulnerability from cvelistv5
Published
2014-07-02 10:00
Modified
2024-08-06 11:27
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
pfSense before 2.1.4 allows remote authenticated users to execute arbitrary commands via (1) the hostname value to diag_dns.php in a Create Alias action, (2) the smartmonemail value to diag_smart.php, or (3) the database value to status_rrd_graph_img.php.
References
► | URL | Tags | ||||||
---|---|---|---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T11:27:35.293Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://pfsense.org/security/advisories/pfSense-SA-14_10.webgui.asc" }, { "name": "43560", "tags": [ "exploit", "x_refsource_EXPLOIT-DB", "x_transferred" ], "url": "https://www.exploit-db.com/exploits/43560/" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2014-06-25T00:00:00", "descriptions": [ { "lang": "en", "value": "pfSense before 2.1.4 allows remote authenticated users to execute arbitrary commands via (1) the hostname value to diag_dns.php in a Create Alias action, (2) the smartmonemail value to diag_smart.php, or (3) the database value to status_rrd_graph_img.php." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2018-01-17T10:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "tags": [ "x_refsource_CONFIRM" ], "url": "https://pfsense.org/security/advisories/pfSense-SA-14_10.webgui.asc" }, { "name": "43560", "tags": [ "exploit", "x_refsource_EXPLOIT-DB" ], "url": "https://www.exploit-db.com/exploits/43560/" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2014-4688", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "pfSense before 2.1.4 allows remote authenticated users to execute arbitrary commands via (1) the hostname value to diag_dns.php in a Create Alias action, (2) the smartmonemail value to diag_smart.php, or (3) the database value to status_rrd_graph_img.php." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "https://pfsense.org/security/advisories/pfSense-SA-14_10.webgui.asc", "refsource": "CONFIRM", "url": "https://pfsense.org/security/advisories/pfSense-SA-14_10.webgui.asc" }, { "name": "43560", "refsource": "EXPLOIT-DB", "url": "https://www.exploit-db.com/exploits/43560/" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2014-4688", "datePublished": "2014-07-02T10:00:00", "dateReserved": "2014-06-28T00:00:00", "dateUpdated": "2024-08-06T11:27:35.293Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2025-53392 (GCVE-0-2025-53392)
Vulnerability from cvelistv5
Published
2025-06-28 00:00
Modified
2025-06-30 13:32
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-36 - Absolute Path Traversal
Summary
In Netgate pfSense CE 2.8.0, the "WebCfg - Diagnostics: Command" privilege allows reading arbitrary files via diag_command.php dlPath directory traversal. NOTE: the Supplier's perspective is that this is intended behavior for this privilege level, and that system administrators are informed through both the product documentation and UI.
References
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2025-53392", "options": [ { "Exploitation": "poc" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2025-06-30T13:27:04.222331Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2025-06-30T13:32:27.839Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "references": [ { "tags": [ "exploit" ], "url": "https://github.com/skraft9/pfsense-security-research" } ], "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "defaultStatus": "unknown", "product": "pfSense", "vendor": "Netgate", "versions": [ { "status": "affected", "version": "2.8.0", "versionType": "custom" } ] } ], "cpeApplicability": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:netgate:pfsense:*:*:*:*:*:*:*:*", "versionEndIncluding": "2.8.0", "versionStartIncluding": "2.8.0", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "descriptions": [ { "lang": "en", "value": "In Netgate pfSense CE 2.8.0, the \"WebCfg - Diagnostics: Command\" privilege allows reading arbitrary files via diag_command.php dlPath directory traversal. NOTE: the Supplier\u0027s perspective is that this is intended behavior for this privilege level, and that system administrators are informed through both the product documentation and UI." } ], "metrics": [ { "cvssV3_1": { "baseScore": 5, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N", "version": "3.1" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-36", "description": "CWE-36 Absolute Path Traversal", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2025-06-28T22:27:49.881Z", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "url": "https://github.com/skraft9/pfsense-security-research" } ], "tags": [ "disputed" ], "x_generator": { "engine": "enrichogram 0.0.1" } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2025-53392", "datePublished": "2025-06-28T00:00:00.000Z", "dateReserved": "2025-06-28T00:00:00.000Z", "dateUpdated": "2025-06-30T13:32:27.839Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2015-2294 (GCVE-0-2015-2294)
Vulnerability from cvelistv5
Published
2015-04-01 14:00
Modified
2024-08-06 05:10
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Multiple cross-site scripting (XSS) vulnerabilities in the WebGUI in pfSense before 2.2.1 allow remote attackers to inject arbitrary web script or HTML via the (1) zone parameter to status_captiveportal.php; (2) if or (3) dragtable parameter to firewall_rules.php; (4) queue parameter in an add action to firewall_shaper.php; (5) id parameter in an edit action to services_unbound_acls.php; or (6) filterlogentries_time, (7) filterlogentries_sourceipaddress, (8) filterlogentries_sourceport, (9) filterlogentries_destinationipaddress, (10) filterlogentries_interfaces, (11) filterlogentries_destinationport, (12) filterlogentries_protocolflags, or (13) filterlogentries_qty parameter to diag_logs_filter.php.
References
► | URL | Tags | ||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T05:10:16.129Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "20150325 Arbitrary file deletion and multiple XSS vulnerabilities in pfSense", "tags": [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred" ], "url": "http://www.securityfocus.com/archive/1/534987/100/0/threaded" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "http://packetstormsecurity.com/files/131022/pfSense-2.2-Cross-Site-Request-Forgery-Cross-Site-Scripting.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://www.pfsense.org/security/advisories/pfSense-SA-15_03.webgui.asc" }, { "name": "73344", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/73344" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://www.htbridge.com/advisory/HTB23251" }, { "name": "36506", "tags": [ "exploit", "x_refsource_EXPLOIT-DB", "x_transferred" ], "url": "https://www.exploit-db.com/exploits/36506/" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2015-03-25T00:00:00", "descriptions": [ { "lang": "en", "value": "Multiple cross-site scripting (XSS) vulnerabilities in the WebGUI in pfSense before 2.2.1 allow remote attackers to inject arbitrary web script or HTML via the (1) zone parameter to status_captiveportal.php; (2) if or (3) dragtable parameter to firewall_rules.php; (4) queue parameter in an add action to firewall_shaper.php; (5) id parameter in an edit action to services_unbound_acls.php; or (6) filterlogentries_time, (7) filterlogentries_sourceipaddress, (8) filterlogentries_sourceport, (9) filterlogentries_destinationipaddress, (10) filterlogentries_interfaces, (11) filterlogentries_destinationport, (12) filterlogentries_protocolflags, or (13) filterlogentries_qty parameter to diag_logs_filter.php." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2018-10-09T18:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "name": "20150325 Arbitrary file deletion and multiple XSS vulnerabilities in pfSense", "tags": [ "mailing-list", "x_refsource_BUGTRAQ" ], "url": "http://www.securityfocus.com/archive/1/534987/100/0/threaded" }, { "tags": [ "x_refsource_MISC" ], "url": "http://packetstormsecurity.com/files/131022/pfSense-2.2-Cross-Site-Request-Forgery-Cross-Site-Scripting.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://www.pfsense.org/security/advisories/pfSense-SA-15_03.webgui.asc" }, { "name": "73344", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/73344" }, { "tags": [ "x_refsource_MISC" ], "url": "https://www.htbridge.com/advisory/HTB23251" }, { "name": "36506", "tags": [ "exploit", "x_refsource_EXPLOIT-DB" ], "url": "https://www.exploit-db.com/exploits/36506/" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2015-2294", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Multiple cross-site scripting (XSS) vulnerabilities in the WebGUI in pfSense before 2.2.1 allow remote attackers to inject arbitrary web script or HTML via the (1) zone parameter to status_captiveportal.php; (2) if or (3) dragtable parameter to firewall_rules.php; (4) queue parameter in an add action to firewall_shaper.php; (5) id parameter in an edit action to services_unbound_acls.php; or (6) filterlogentries_time, (7) filterlogentries_sourceipaddress, (8) filterlogentries_sourceport, (9) filterlogentries_destinationipaddress, (10) filterlogentries_interfaces, (11) filterlogentries_destinationport, (12) filterlogentries_protocolflags, or (13) filterlogentries_qty parameter to diag_logs_filter.php." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "20150325 Arbitrary file deletion and multiple XSS vulnerabilities in pfSense", "refsource": "BUGTRAQ", "url": "http://www.securityfocus.com/archive/1/534987/100/0/threaded" }, { "name": "http://packetstormsecurity.com/files/131022/pfSense-2.2-Cross-Site-Request-Forgery-Cross-Site-Scripting.html", "refsource": "MISC", "url": "http://packetstormsecurity.com/files/131022/pfSense-2.2-Cross-Site-Request-Forgery-Cross-Site-Scripting.html" }, { "name": "https://www.pfsense.org/security/advisories/pfSense-SA-15_03.webgui.asc", "refsource": "CONFIRM", "url": "https://www.pfsense.org/security/advisories/pfSense-SA-15_03.webgui.asc" }, { "name": "73344", "refsource": "BID", "url": "http://www.securityfocus.com/bid/73344" }, { "name": "https://www.htbridge.com/advisory/HTB23251", "refsource": "MISC", "url": "https://www.htbridge.com/advisory/HTB23251" }, { "name": "36506", "refsource": "EXPLOIT-DB", "url": "https://www.exploit-db.com/exploits/36506/" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2015-2294", "datePublished": "2015-04-01T14:00:00", "dateReserved": "2015-03-14T00:00:00", "dateUpdated": "2024-08-06T05:10:16.129Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2020-19203 (GCVE-0-2020-19203)
Vulnerability from cvelistv5
Published
2021-07-12 15:39
Modified
2024-08-04 14:08
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
An authenticated Cross-Site Scripting (XSS) vulnerability was found in widgets/widgets/wake_on_lan_widget.php, a component of the pfSense software WebGUI, on version 2.4.4-p2 and earlier. The widget did not encode the descr (description) parameter of wake-on-LAN entries in its output, leading to a possible stored XSS.
References
► | URL | Tags | ||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-04T14:08:30.664Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://www.pfsense.org/download/" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://docs.netgate.com/pfsense/en/latest/releases/2-4-4-p3.html" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://gist.github.com/dharmeshbaskaran/55d546496bfb0ba28117e846d8b785db" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://www.netgate.com/assets/downloads/advisories/pfSense-SA-19_04.webgui.asc" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "descriptions": [ { "lang": "en", "value": "An authenticated Cross-Site Scripting (XSS) vulnerability was found in widgets/widgets/wake_on_lan_widget.php, a component of the pfSense software WebGUI, on version 2.4.4-p2 and earlier. The widget did not encode the descr (description) parameter of wake-on-LAN entries in its output, leading to a possible stored XSS." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2021-08-04T18:12:54", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "https://www.pfsense.org/download/" }, { "tags": [ "x_refsource_MISC" ], "url": "https://docs.netgate.com/pfsense/en/latest/releases/2-4-4-p3.html" }, { "tags": [ "x_refsource_MISC" ], "url": "https://gist.github.com/dharmeshbaskaran/55d546496bfb0ba28117e846d8b785db" }, { "tags": [ "x_refsource_MISC" ], "url": "https://www.netgate.com/assets/downloads/advisories/pfSense-SA-19_04.webgui.asc" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2020-19203", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "An authenticated Cross-Site Scripting (XSS) vulnerability was found in widgets/widgets/wake_on_lan_widget.php, a component of the pfSense software WebGUI, on version 2.4.4-p2 and earlier. The widget did not encode the descr (description) parameter of wake-on-LAN entries in its output, leading to a possible stored XSS." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "https://www.pfsense.org/download/", "refsource": "MISC", "url": "https://www.pfsense.org/download/" }, { "name": "https://docs.netgate.com/pfsense/en/latest/releases/2-4-4-p3.html", "refsource": "MISC", "url": "https://docs.netgate.com/pfsense/en/latest/releases/2-4-4-p3.html" }, { "name": "https://gist.github.com/dharmeshbaskaran/55d546496bfb0ba28117e846d8b785db", "refsource": "MISC", "url": "https://gist.github.com/dharmeshbaskaran/55d546496bfb0ba28117e846d8b785db" }, { "name": "https://www.netgate.com/assets/downloads/advisories/pfSense-SA-19_04.webgui.asc", "refsource": "MISC", "url": "https://www.netgate.com/assets/downloads/advisories/pfSense-SA-19_04.webgui.asc" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2020-19203", "datePublished": "2021-07-12T15:39:07", "dateReserved": "2020-08-13T00:00:00", "dateUpdated": "2024-08-04T14:08:30.664Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2018-4021 (GCVE-0-2018-4021)
Vulnerability from cvelistv5
Published
2018-12-03 22:00
Modified
2024-09-17 03:22
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- OS command injection
Summary
An exploitable command injection vulnerability exists in the way Netgate pfSense CE 2.4.4-RELEASE processes the parameters of a specific POST request. The attacker can exploit this and gain the ability to execute arbitrary commands on the system. An attacker needs to be able to send authenticated POST requests to the administration web interface. Command injection is possible in the `powerd_battery_mode` POST parameter.
References
► | URL | Tags | |||
---|---|---|---|---|---|
|
Impacted products
Vendor | Product | Version | ||
---|---|---|---|---|
Netgate | Netgate pfSense |
Version: Netgate pfSense CE 2.4.4-RELEASE |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-05T05:04:28.524Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://talosintelligence.com/vulnerability_reports/TALOS-2018-0690" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Netgate pfSense", "vendor": "Netgate", "versions": [ { "status": "affected", "version": "Netgate pfSense CE 2.4.4-RELEASE" } ] } ], "datePublic": "2018-12-03T00:00:00", "descriptions": [ { "lang": "en", "value": "An exploitable command injection vulnerability exists in the way Netgate pfSense CE 2.4.4-RELEASE processes the parameters of a specific POST request. The attacker can exploit this and gain the ability to execute arbitrary commands on the system. An attacker needs to be able to send authenticated POST requests to the administration web interface. Command injection is possible in the `powerd_battery_mode` POST parameter." } ], "metrics": [ { "cvssV3_0": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.2, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "version": "3.0" } } ], "problemTypes": [ { "descriptions": [ { "description": "OS command injection", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2022-04-19T18:08:22", "orgId": "b86d76f8-0f8a-4a96-a78d-d8abfc7fc29b", "shortName": "talos" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "https://talosintelligence.com/vulnerability_reports/TALOS-2018-0690" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "talos-cna@cisco.com", "DATE_PUBLIC": "2018-12-03T00:00:00", "ID": "CVE-2018-4021", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "Netgate pfSense", "version": { "version_data": [ { "version_value": "Netgate pfSense CE 2.4.4-RELEASE" } ] } } ] }, "vendor_name": "Netgate" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "An exploitable command injection vulnerability exists in the way Netgate pfSense CE 2.4.4-RELEASE processes the parameters of a specific POST request. The attacker can exploit this and gain the ability to execute arbitrary commands on the system. An attacker needs to be able to send authenticated POST requests to the administration web interface. Command injection is possible in the `powerd_battery_mode` POST parameter." } ] }, "impact": { "cvss": { "baseScore": 7.2, "baseSeverity": "High", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "version": "3.0" } }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "OS command injection" } ] } ] }, "references": { "reference_data": [ { "name": "https://talosintelligence.com/vulnerability_reports/TALOS-2018-0690", "refsource": "MISC", "url": "https://talosintelligence.com/vulnerability_reports/TALOS-2018-0690" } ] } } } }, "cveMetadata": { "assignerOrgId": "b86d76f8-0f8a-4a96-a78d-d8abfc7fc29b", "assignerShortName": "talos", "cveId": "CVE-2018-4021", "datePublished": "2018-12-03T22:00:00Z", "dateReserved": "2018-01-02T00:00:00", "dateUpdated": "2024-09-17T03:22:31.782Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2018-16055 (GCVE-0-2018-16055)
Vulnerability from cvelistv5
Published
2018-09-26 22:00
Modified
2024-08-05 10:10
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
An authenticated command injection vulnerability exists in status_interfaces.php via dhcp_relinquish_lease() in pfSense before 2.4.4 due to its passing user input from the $_POST parameters "ifdescr" and "ipv" to a shell without escaping the contents of the variables. This allows an authenticated WebGUI user with privileges for the affected page to execute commands in the context of the root user when submitting a request to relinquish a DHCP lease for an interface which is configured to obtain its address via DHCP.
References
► | URL | Tags | ||||||
---|---|---|---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-05T10:10:05.701Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://www.pfsense.org/security/advisories/pfSense-SA-18_08.webgui.asc" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://doddsecurity.com/190/command-injection-on-pfsense-firewalls/" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2018-08-28T00:00:00", "descriptions": [ { "lang": "en", "value": "An authenticated command injection vulnerability exists in status_interfaces.php via dhcp_relinquish_lease() in pfSense before 2.4.4 due to its passing user input from the $_POST parameters \"ifdescr\" and \"ipv\" to a shell without escaping the contents of the variables. This allows an authenticated WebGUI user with privileges for the affected page to execute commands in the context of the root user when submitting a request to relinquish a DHCP lease for an interface which is configured to obtain its address via DHCP." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2018-12-11T22:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "tags": [ "x_refsource_CONFIRM" ], "url": "https://www.pfsense.org/security/advisories/pfSense-SA-18_08.webgui.asc" }, { "tags": [ "x_refsource_MISC" ], "url": "https://doddsecurity.com/190/command-injection-on-pfsense-firewalls/" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2018-16055", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "An authenticated command injection vulnerability exists in status_interfaces.php via dhcp_relinquish_lease() in pfSense before 2.4.4 due to its passing user input from the $_POST parameters \"ifdescr\" and \"ipv\" to a shell without escaping the contents of the variables. This allows an authenticated WebGUI user with privileges for the affected page to execute commands in the context of the root user when submitting a request to relinquish a DHCP lease for an interface which is configured to obtain its address via DHCP." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "https://www.pfsense.org/security/advisories/pfSense-SA-18_08.webgui.asc", "refsource": "CONFIRM", "url": "https://www.pfsense.org/security/advisories/pfSense-SA-18_08.webgui.asc" }, { "name": "https://doddsecurity.com/190/command-injection-on-pfsense-firewalls/", "refsource": "MISC", "url": "https://doddsecurity.com/190/command-injection-on-pfsense-firewalls/" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2018-16055", "datePublished": "2018-09-26T22:00:00", "dateReserved": "2018-08-28T00:00:00", "dateUpdated": "2024-08-05T10:10:05.701Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2019-12347 (GCVE-0-2019-12347)
Vulnerability from cvelistv5
Published
2019-05-29 18:29
Modified
2024-08-04 23:17
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
In pfSense 2.4.4-p3, a stored XSS vulnerability occurs when attackers inject a payload into the Name or Description field via an acme_accountkeys_edit.php action. The vulnerability occurs due to input validation errors.
References
► | URL | Tags | |||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-04T23:17:39.907Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://redmine.pfsense.org/issues/9554#change-40729" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://www.pfsense.org/download/" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://ctrsec.io/index.php/2019/05/28/stored-xss-acme-pfsense-2-4-4-p3/" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "http://packetstormsecurity.com/files/153112/pfSense-2.4.4-p3-Cross-Site-Scripting.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://github.com/pfsense/FreeBSD-ports/commit/504909564079e540689dbdbed3a579483c614275" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "descriptions": [ { "lang": "en", "value": "In pfSense 2.4.4-p3, a stored XSS vulnerability occurs when attackers inject a payload into the Name or Description field via an acme_accountkeys_edit.php action. The vulnerability occurs due to input validation errors." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2019-05-29T18:29:16", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "https://redmine.pfsense.org/issues/9554#change-40729" }, { "tags": [ "x_refsource_MISC" ], "url": "https://www.pfsense.org/download/" }, { "tags": [ "x_refsource_MISC" ], "url": "https://ctrsec.io/index.php/2019/05/28/stored-xss-acme-pfsense-2-4-4-p3/" }, { "tags": [ "x_refsource_MISC" ], "url": "http://packetstormsecurity.com/files/153112/pfSense-2.4.4-p3-Cross-Site-Scripting.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://github.com/pfsense/FreeBSD-ports/commit/504909564079e540689dbdbed3a579483c614275" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2019-12347", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "In pfSense 2.4.4-p3, a stored XSS vulnerability occurs when attackers inject a payload into the Name or Description field via an acme_accountkeys_edit.php action. The vulnerability occurs due to input validation errors." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "https://redmine.pfsense.org/issues/9554#change-40729", "refsource": "MISC", "url": "https://redmine.pfsense.org/issues/9554#change-40729" }, { "name": "https://www.pfsense.org/download/", "refsource": "MISC", "url": "https://www.pfsense.org/download/" }, { "name": "https://ctrsec.io/index.php/2019/05/28/stored-xss-acme-pfsense-2-4-4-p3/", "refsource": "MISC", "url": "https://ctrsec.io/index.php/2019/05/28/stored-xss-acme-pfsense-2-4-4-p3/" }, { "name": "http://packetstormsecurity.com/files/153112/pfSense-2.4.4-p3-Cross-Site-Scripting.html", "refsource": "MISC", "url": "http://packetstormsecurity.com/files/153112/pfSense-2.4.4-p3-Cross-Site-Scripting.html" }, { "name": "https://github.com/pfsense/FreeBSD-ports/commit/504909564079e540689dbdbed3a579483c614275", "refsource": "CONFIRM", "url": "https://github.com/pfsense/FreeBSD-ports/commit/504909564079e540689dbdbed3a579483c614275" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2019-12347", "datePublished": "2019-05-29T18:29:16", "dateReserved": "2019-05-27T00:00:00", "dateUpdated": "2024-08-04T23:17:39.907Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2019-11816 (GCVE-0-2019-11816)
Vulnerability from cvelistv5
Published
2019-05-20 21:26
Modified
2024-08-04 23:03
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Incorrect access control in the WebUI in OPNsense before version 19.1.8, and pfsense before 2.4.4-p3 allows remote authenticated users to escalate privileges to administrator via a specially crafted request.
References
► | URL | Tags | ||||||
---|---|---|---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-04T23:03:32.805Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://forum.opnsense.org/index.php?topic=12787.0" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://www.netgate.com/blog/pfsense-2-4-4-release-p3-now-available.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2019-05-20T00:00:00", "descriptions": [ { "lang": "en", "value": "Incorrect access control in the WebUI in OPNsense before version 19.1.8, and pfsense before 2.4.4-p3 allows remote authenticated users to escalate privileges to administrator via a specially crafted request." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2019-05-20T21:26:03", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "tags": [ "x_refsource_CONFIRM" ], "url": "https://forum.opnsense.org/index.php?topic=12787.0" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://www.netgate.com/blog/pfsense-2-4-4-release-p3-now-available.html" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2019-11816", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Incorrect access control in the WebUI in OPNsense before version 19.1.8, and pfsense before 2.4.4-p3 allows remote authenticated users to escalate privileges to administrator via a specially crafted request." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "https://forum.opnsense.org/index.php?topic=12787.0", "refsource": "CONFIRM", "url": "https://forum.opnsense.org/index.php?topic=12787.0" }, { "name": "https://www.netgate.com/blog/pfsense-2-4-4-release-p3-now-available.html", "refsource": "CONFIRM", "url": "https://www.netgate.com/blog/pfsense-2-4-4-release-p3-now-available.html" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2019-11816", "datePublished": "2019-05-20T21:26:03", "dateReserved": "2019-05-08T00:00:00", "dateUpdated": "2024-08-04T23:03:32.805Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2023-42326 (GCVE-0-2023-42326)
Vulnerability from cvelistv5
Published
2023-11-14 00:00
Modified
2024-08-02 19:16
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
An issue in Netgate pfSense v.2.7.0 allows a remote attacker to execute arbitrary code via a crafted request to the interfaces_gif_edit.php and interfaces_gre_edit.php components.
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T19:16:51.038Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://docs.netgate.com/downloads/pfSense-SA-23_10.webgui.asc" }, { "tags": [ "x_transferred" ], "url": "https://www.sonarsource.com/blog/pfsense-vulnerabilities-sonarcloud/" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "descriptions": [ { "lang": "en", "value": "An issue in Netgate pfSense v.2.7.0 allows a remote attacker to execute arbitrary code via a crafted request to the interfaces_gif_edit.php and interfaces_gre_edit.php components." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2023-12-12T19:57:58.044403", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "url": "https://docs.netgate.com/downloads/pfSense-SA-23_10.webgui.asc" }, { "url": "https://www.sonarsource.com/blog/pfsense-vulnerabilities-sonarcloud/" } ] } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2023-42326", "datePublished": "2023-11-14T00:00:00", "dateReserved": "2023-09-08T00:00:00", "dateUpdated": "2024-08-02T19:16:51.038Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2022-29273 (GCVE-0-2022-29273)
Vulnerability from cvelistv5
Published
2023-02-22 00:00
Modified
2025-03-12 15:08
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
pfSense CE through 2.6.0 and pfSense Plus before 22.05 allow XSS in the WebGUI via URL Table Alias URL parameters.
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T06:17:54.531Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://docs.netgate.com/pfsense/en/latest/releases/index.html#current-and-upcoming-supported-releases" }, { "tags": [ "x_transferred" ], "url": "https://redmine.pfsense.org/issues/13060" }, { "tags": [ "x_transferred" ], "url": "https://docs.netgate.com/downloads/pfSense-SA-22_05.webgui.asc" } ], "title": "CVE Program Container" }, { "metrics": [ { "other": { "content": { "id": "CVE-2022-29273", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2025-03-12T15:07:38.860161Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2025-03-12T15:08:01.755Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "descriptions": [ { "lang": "en", "value": "pfSense CE through 2.6.0 and pfSense Plus before 22.05 allow XSS in the WebGUI via URL Table Alias URL parameters." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2023-04-10T00:00:00.000Z", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "url": "https://docs.netgate.com/pfsense/en/latest/releases/index.html#current-and-upcoming-supported-releases" }, { "url": "https://redmine.pfsense.org/issues/13060" }, { "url": "https://docs.netgate.com/downloads/pfSense-SA-22_05.webgui.asc" } ] } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2022-29273", "datePublished": "2023-02-22T00:00:00.000Z", "dateReserved": "2022-04-15T00:00:00.000Z", "dateUpdated": "2025-03-12T15:08:01.755Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2019-12584 (GCVE-0-2019-12584)
Vulnerability from cvelistv5
Published
2019-06-03 02:27
Modified
2024-08-04 23:24
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Apcupsd 0.3.91_5, as used in pfSense through 2.4.4-RELEASE-p3 and other products, has an XSS issue in apcupsd_status.php.
References
► | URL | Tags |
---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-04T23:24:39.165Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://github.com/pfsense/FreeBSD-ports/commit/b492c0ea47aba8dde2f14183e71498ba207594e3" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://redmine.pfsense.org/issues/9556" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://ctrsec.io/index.php/2019/05/28/cve-2019-12584-12585-command-injection-vulnerability-on-pfsense-2-4-4-release-p3/" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "descriptions": [ { "lang": "en", "value": "Apcupsd 0.3.91_5, as used in pfSense through 2.4.4-RELEASE-p3 and other products, has an XSS issue in apcupsd_status.php." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2019-06-04T19:05:37", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "https://github.com/pfsense/FreeBSD-ports/commit/b492c0ea47aba8dde2f14183e71498ba207594e3" }, { "tags": [ "x_refsource_MISC" ], "url": "https://redmine.pfsense.org/issues/9556" }, { "tags": [ "x_refsource_MISC" ], "url": "https://ctrsec.io/index.php/2019/05/28/cve-2019-12584-12585-command-injection-vulnerability-on-pfsense-2-4-4-release-p3/" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2019-12584", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Apcupsd 0.3.91_5, as used in pfSense through 2.4.4-RELEASE-p3 and other products, has an XSS issue in apcupsd_status.php." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "https://github.com/pfsense/FreeBSD-ports/commit/b492c0ea47aba8dde2f14183e71498ba207594e3", "refsource": "MISC", "url": "https://github.com/pfsense/FreeBSD-ports/commit/b492c0ea47aba8dde2f14183e71498ba207594e3" }, { "name": "https://redmine.pfsense.org/issues/9556", "refsource": "MISC", "url": "https://redmine.pfsense.org/issues/9556" }, { "name": "https://ctrsec.io/index.php/2019/05/28/cve-2019-12584-12585-command-injection-vulnerability-on-pfsense-2-4-4-release-p3/", "refsource": "MISC", "url": "https://ctrsec.io/index.php/2019/05/28/cve-2019-12584-12585-command-injection-vulnerability-on-pfsense-2-4-4-release-p3/" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2019-12584", "datePublished": "2019-06-03T02:27:47", "dateReserved": "2019-06-02T00:00:00", "dateUpdated": "2024-08-04T23:24:39.165Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2020-19201 (GCVE-0-2020-19201)
Vulnerability from cvelistv5
Published
2021-07-12 15:53
Modified
2024-08-04 14:08
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
A Stored Cross-Site Scripting (XSS) vulnerability was found in status_filter_reload.php, a page in the pfSense software WebGUI, on Netgate pfSense version 2.4.4-p2 and earlier. The page did not encode output from the filter reload process, and a stored XSS was possible via the descr (description) parameter on NAT rules.
References
► | URL | Tags | |||||||||
---|---|---|---|---|---|---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-04T14:08:30.629Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://www.pfsense.org/download/" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://docs.netgate.com/pfsense/en/latest/releases/2-4-4-p3.html" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://gist.github.com/dharmeshbaskaran/fd3779006361d07651a883e8a040d916" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "descriptions": [ { "lang": "en", "value": "A Stored Cross-Site Scripting (XSS) vulnerability was found in status_filter_reload.php, a page in the pfSense software WebGUI, on Netgate pfSense version 2.4.4-p2 and earlier. The page did not encode output from the filter reload process, and a stored XSS was possible via the descr (description) parameter on NAT rules." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2021-07-15T14:19:38", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "https://www.pfsense.org/download/" }, { "tags": [ "x_refsource_MISC" ], "url": "https://docs.netgate.com/pfsense/en/latest/releases/2-4-4-p3.html" }, { "tags": [ "x_refsource_MISC" ], "url": "https://gist.github.com/dharmeshbaskaran/fd3779006361d07651a883e8a040d916" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2020-19201", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "A Stored Cross-Site Scripting (XSS) vulnerability was found in status_filter_reload.php, a page in the pfSense software WebGUI, on Netgate pfSense version 2.4.4-p2 and earlier. The page did not encode output from the filter reload process, and a stored XSS was possible via the descr (description) parameter on NAT rules." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "https://www.pfsense.org/download/", "refsource": "MISC", "url": "https://www.pfsense.org/download/" }, { "name": "https://docs.netgate.com/pfsense/en/latest/releases/2-4-4-p3.html", "refsource": "MISC", "url": "https://docs.netgate.com/pfsense/en/latest/releases/2-4-4-p3.html" }, { "name": "https://gist.github.com/dharmeshbaskaran/fd3779006361d07651a883e8a040d916", "refsource": "MISC", "url": "https://gist.github.com/dharmeshbaskaran/fd3779006361d07651a883e8a040d916" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2020-19201", "datePublished": "2021-07-12T15:53:46", "dateReserved": "2020-08-13T00:00:00", "dateUpdated": "2024-08-04T14:08:30.629Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2014-4694 (GCVE-0-2014-4694)
Vulnerability from cvelistv5
Published
2014-07-02 10:00
Modified
2024-08-06 11:27
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Multiple cross-site scripting (XSS) vulnerabilities in suricata_select_alias.php in the Suricata package before 1.0.6 for pfSense through 2.1.4 allow remote attackers to inject arbitrary web script or HTML via unspecified variables.
References
► | URL | Tags | |||
---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T11:27:36.891Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://pfsense.org/security/advisories/pfSense-SA-14_13.packages.asc" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2014-06-25T00:00:00", "descriptions": [ { "lang": "en", "value": "Multiple cross-site scripting (XSS) vulnerabilities in suricata_select_alias.php in the Suricata package before 1.0.6 for pfSense through 2.1.4 allow remote attackers to inject arbitrary web script or HTML via unspecified variables." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2014-07-02T04:57:00", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "tags": [ "x_refsource_CONFIRM" ], "url": "https://pfsense.org/security/advisories/pfSense-SA-14_13.packages.asc" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2014-4694", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Multiple cross-site scripting (XSS) vulnerabilities in suricata_select_alias.php in the Suricata package before 1.0.6 for pfSense through 2.1.4 allow remote attackers to inject arbitrary web script or HTML via unspecified variables." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "https://pfsense.org/security/advisories/pfSense-SA-14_13.packages.asc", "refsource": "CONFIRM", "url": "https://pfsense.org/security/advisories/pfSense-SA-14_13.packages.asc" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2014-4694", "datePublished": "2014-07-02T10:00:00", "dateReserved": "2014-06-28T00:00:00", "dateUpdated": "2024-08-06T11:27:36.891Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2018-4019 (GCVE-0-2018-4019)
Vulnerability from cvelistv5
Published
2018-12-03 22:00
Modified
2024-09-17 04:18
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- OS command injection
Summary
An exploitable command injection vulnerability exists in the way Netgate pfSense CE 2.4.4-RELEASE processes the parameters of a specific POST request. The attacker can exploit this and gain the ability to execute arbitrary commands on the system. An attacker needs to be able to send authenticated POST requests to the administration web interface. Command injection is possible in the `powerd_normal_mode` parameter.
References
► | URL | Tags | |||
---|---|---|---|---|---|
|
Impacted products
Vendor | Product | Version | ||
---|---|---|---|---|
Netgate | Netgate pfSense |
Version: Netgate pfSense CE 2.4.4-RELEASE |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-05T05:04:28.255Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://talosintelligence.com/vulnerability_reports/TALOS-2018-0690" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Netgate pfSense", "vendor": "Netgate", "versions": [ { "status": "affected", "version": "Netgate pfSense CE 2.4.4-RELEASE" } ] } ], "datePublic": "2018-12-03T00:00:00", "descriptions": [ { "lang": "en", "value": "An exploitable command injection vulnerability exists in the way Netgate pfSense CE 2.4.4-RELEASE processes the parameters of a specific POST request. The attacker can exploit this and gain the ability to execute arbitrary commands on the system. An attacker needs to be able to send authenticated POST requests to the administration web interface. Command injection is possible in the `powerd_normal_mode` parameter." } ], "metrics": [ { "cvssV3_0": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.2, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "version": "3.0" } } ], "problemTypes": [ { "descriptions": [ { "description": "OS command injection", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2022-04-19T18:08:18", "orgId": "b86d76f8-0f8a-4a96-a78d-d8abfc7fc29b", "shortName": "talos" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "https://talosintelligence.com/vulnerability_reports/TALOS-2018-0690" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "talos-cna@cisco.com", "DATE_PUBLIC": "2018-12-03T00:00:00", "ID": "CVE-2018-4019", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "Netgate pfSense", "version": { "version_data": [ { "version_value": "Netgate pfSense CE 2.4.4-RELEASE" } ] } } ] }, "vendor_name": "Netgate" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "An exploitable command injection vulnerability exists in the way Netgate pfSense CE 2.4.4-RELEASE processes the parameters of a specific POST request. The attacker can exploit this and gain the ability to execute arbitrary commands on the system. An attacker needs to be able to send authenticated POST requests to the administration web interface. Command injection is possible in the `powerd_normal_mode` parameter." } ] }, "impact": { "cvss": { "baseScore": 7.2, "baseSeverity": "High", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "version": "3.0" } }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "OS command injection" } ] } ] }, "references": { "reference_data": [ { "name": "https://talosintelligence.com/vulnerability_reports/TALOS-2018-0690", "refsource": "MISC", "url": "https://talosintelligence.com/vulnerability_reports/TALOS-2018-0690" } ] } } } }, "cveMetadata": { "assignerOrgId": "b86d76f8-0f8a-4a96-a78d-d8abfc7fc29b", "assignerShortName": "talos", "cveId": "CVE-2018-4019", "datePublished": "2018-12-03T22:00:00Z", "dateReserved": "2018-01-02T00:00:00", "dateUpdated": "2024-09-17T04:18:45.952Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2018-20799 (GCVE-0-2018-20799)
Vulnerability from cvelistv5
Published
2019-03-01 15:00
Modified
2024-08-05 12:12
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
In pfSense 2.4.4_1, blocking of source IP addresses on the basis of failed HTTPS authentication is inconsistent with blocking of source IP addresses on the basis of failed SSH authentication (the behavior does not match the sshguard documentation), which might make it easier for attackers to bypass intended access restrictions.
References
► | URL | Tags | |||
---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-05T12:12:27.107Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://redmine.pfsense.org/issues/9223" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2019-03-01T00:00:00", "descriptions": [ { "lang": "en", "value": "In pfSense 2.4.4_1, blocking of source IP addresses on the basis of failed HTTPS authentication is inconsistent with blocking of source IP addresses on the basis of failed SSH authentication (the behavior does not match the sshguard documentation), which might make it easier for attackers to bypass intended access restrictions." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2019-03-01T15:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "https://redmine.pfsense.org/issues/9223" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2018-20799", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "In pfSense 2.4.4_1, blocking of source IP addresses on the basis of failed HTTPS authentication is inconsistent with blocking of source IP addresses on the basis of failed SSH authentication (the behavior does not match the sshguard documentation), which might make it easier for attackers to bypass intended access restrictions." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "https://redmine.pfsense.org/issues/9223", "refsource": "MISC", "url": "https://redmine.pfsense.org/issues/9223" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2018-20799", "datePublished": "2019-03-01T15:00:00", "dateReserved": "2019-03-01T00:00:00", "dateUpdated": "2024-08-05T12:12:27.107Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2014-4696 (GCVE-0-2014-4696)
Vulnerability from cvelistv5
Published
2014-07-02 10:00
Modified
2024-08-06 11:27
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Multiple open redirect vulnerabilities in the Suricata package before 1.0.6 for pfSense through 2.1.4 allow remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via (1) the referer parameter to suricata_rules_flowbits.php or (2) the returl parameter to suricata_select_alias.php.
References
► | URL | Tags | |||
---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T11:27:36.855Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://pfsense.org/security/advisories/pfSense-SA-14_13.packages.asc" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2014-06-25T00:00:00", "descriptions": [ { "lang": "en", "value": "Multiple open redirect vulnerabilities in the Suricata package before 1.0.6 for pfSense through 2.1.4 allow remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via (1) the referer parameter to suricata_rules_flowbits.php or (2) the returl parameter to suricata_select_alias.php." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2014-07-02T04:57:00", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "tags": [ "x_refsource_CONFIRM" ], "url": "https://pfsense.org/security/advisories/pfSense-SA-14_13.packages.asc" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2014-4696", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Multiple open redirect vulnerabilities in the Suricata package before 1.0.6 for pfSense through 2.1.4 allow remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via (1) the referer parameter to suricata_rules_flowbits.php or (2) the returl parameter to suricata_select_alias.php." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "https://pfsense.org/security/advisories/pfSense-SA-14_13.packages.asc", "refsource": "CONFIRM", "url": "https://pfsense.org/security/advisories/pfSense-SA-14_13.packages.asc" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2014-4696", "datePublished": "2014-07-02T10:00:00", "dateReserved": "2014-06-28T00:00:00", "dateUpdated": "2024-08-06T11:27:36.855Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2019-12585 (GCVE-0-2019-12585)
Vulnerability from cvelistv5
Published
2019-06-03 02:28
Modified
2024-08-04 23:24
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Apcupsd 0.3.91_5, as used in pfSense through 2.4.4-RELEASE-p3 and other products, has an Arbitrary Command Execution issue in apcupsd_status.php.
References
► | URL | Tags |
---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-04T23:24:38.689Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://github.com/pfsense/FreeBSD-ports/commit/b492c0ea47aba8dde2f14183e71498ba207594e3" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://redmine.pfsense.org/issues/9556" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://ctrsec.io/index.php/2019/05/28/cve-2019-12584-12585-command-injection-vulnerability-on-pfsense-2-4-4-release-p3/" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "descriptions": [ { "lang": "en", "value": "Apcupsd 0.3.91_5, as used in pfSense through 2.4.4-RELEASE-p3 and other products, has an Arbitrary Command Execution issue in apcupsd_status.php." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2019-06-04T19:08:22", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "https://github.com/pfsense/FreeBSD-ports/commit/b492c0ea47aba8dde2f14183e71498ba207594e3" }, { "tags": [ "x_refsource_MISC" ], "url": "https://redmine.pfsense.org/issues/9556" }, { "tags": [ "x_refsource_MISC" ], "url": "https://ctrsec.io/index.php/2019/05/28/cve-2019-12584-12585-command-injection-vulnerability-on-pfsense-2-4-4-release-p3/" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2019-12585", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Apcupsd 0.3.91_5, as used in pfSense through 2.4.4-RELEASE-p3 and other products, has an Arbitrary Command Execution issue in apcupsd_status.php." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "https://github.com/pfsense/FreeBSD-ports/commit/b492c0ea47aba8dde2f14183e71498ba207594e3", "refsource": "MISC", "url": "https://github.com/pfsense/FreeBSD-ports/commit/b492c0ea47aba8dde2f14183e71498ba207594e3" }, { "name": "https://redmine.pfsense.org/issues/9556", "refsource": "MISC", "url": "https://redmine.pfsense.org/issues/9556" }, { "name": "https://ctrsec.io/index.php/2019/05/28/cve-2019-12584-12585-command-injection-vulnerability-on-pfsense-2-4-4-release-p3/", "refsource": "MISC", "url": "https://ctrsec.io/index.php/2019/05/28/cve-2019-12584-12585-command-injection-vulnerability-on-pfsense-2-4-4-release-p3/" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2019-12585", "datePublished": "2019-06-03T02:28:08", "dateReserved": "2019-06-02T00:00:00", "dateUpdated": "2024-08-04T23:24:38.689Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2023-27253 (GCVE-0-2023-27253)
Vulnerability from cvelistv5
Published
2023-03-17 00:00
Modified
2025-02-26 14:58
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
A command injection vulnerability in the function restore_rrddata() of Netgate pfSense v2.7.0 allows authenticated attackers to execute arbitrary commands via manipulating the contents of an XML file supplied to the component config.xml.
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T12:01:32.543Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://redmine.pfsense.org/issues/13935" }, { "tags": [ "x_transferred" ], "url": "https://github.com/pfsense/pfsense/commit/ca80d18493f8f91b21933ebd6b714215ae1e5e94" }, { "tags": [ "x_transferred" ], "url": "http://packetstormsecurity.com/files/173487/pfSense-Restore-RRD-Data-Command-Injection.html" } ], "title": "CVE Program Container" }, { "metrics": [ { "other": { "content": { "id": "CVE-2023-27253", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "total" } ], "role": "CISA Coordinator", "timestamp": "2025-02-26T14:57:19.085381Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2025-02-26T14:58:43.600Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "descriptions": [ { "lang": "en", "value": "A command injection vulnerability in the function restore_rrddata() of Netgate pfSense v2.7.0 allows authenticated attackers to execute arbitrary commands via manipulating the contents of an XML file supplied to the component config.xml." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2023-07-13T00:00:00.000Z", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "url": "https://redmine.pfsense.org/issues/13935" }, { "url": "https://github.com/pfsense/pfsense/commit/ca80d18493f8f91b21933ebd6b714215ae1e5e94" }, { "url": "http://packetstormsecurity.com/files/173487/pfSense-Restore-RRD-Data-Command-Injection.html" } ] } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2023-27253", "datePublished": "2023-03-17T00:00:00.000Z", "dateReserved": "2023-02-27T00:00:00.000Z", "dateUpdated": "2025-02-26T14:58:43.600Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2014-4691 (GCVE-0-2014-4691)
Vulnerability from cvelistv5
Published
2014-07-02 10:00
Modified
2024-08-06 11:27
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Session fixation vulnerability in pfSense before 2.1.4 allows remote attackers to hijack web sessions via a firewall login cookie.
References
► | URL | Tags | |||
---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T11:27:35.297Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://pfsense.org/security/advisories/pfSense-SA-14_12.webgui.asc" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2014-06-25T00:00:00", "descriptions": [ { "lang": "en", "value": "Session fixation vulnerability in pfSense before 2.1.4 allows remote attackers to hijack web sessions via a firewall login cookie." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2014-07-02T04:57:00", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "tags": [ "x_refsource_CONFIRM" ], "url": "https://pfsense.org/security/advisories/pfSense-SA-14_12.webgui.asc" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2014-4691", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Session fixation vulnerability in pfSense before 2.1.4 allows remote attackers to hijack web sessions via a firewall login cookie." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "https://pfsense.org/security/advisories/pfSense-SA-14_12.webgui.asc", "refsource": "CONFIRM", "url": "https://pfsense.org/security/advisories/pfSense-SA-14_12.webgui.asc" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2014-4691", "datePublished": "2014-07-02T10:00:00", "dateReserved": "2014-06-28T00:00:00", "dateUpdated": "2024-08-06T11:27:35.297Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2015-6508 (GCVE-0-2015-6508)
Vulnerability from cvelistv5
Published
2015-08-18 15:00
Modified
2024-09-16 18:43
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Cross-site scripting (XSS) vulnerability in pfSense before 2.2.3 allows remote attackers to inject arbitrary web script or HTML via the descr parameter in a "new" action to system_authservers.php.
References
► | URL | Tags | ||||||
---|---|---|---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T07:22:22.230Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://redmine.pfsense.org/issues/4698" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://www.pfsense.org/security/advisories/pfSense-SA-15_06.webgui.asc" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "descriptions": [ { "lang": "en", "value": "Cross-site scripting (XSS) vulnerability in pfSense before 2.2.3 allows remote attackers to inject arbitrary web script or HTML via the descr parameter in a \"new\" action to system_authservers.php." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2015-08-18T15:00:00Z", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "tags": [ "x_refsource_CONFIRM" ], "url": "https://redmine.pfsense.org/issues/4698" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://www.pfsense.org/security/advisories/pfSense-SA-15_06.webgui.asc" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2015-6508", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Cross-site scripting (XSS) vulnerability in pfSense before 2.2.3 allows remote attackers to inject arbitrary web script or HTML via the descr parameter in a \"new\" action to system_authservers.php." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "https://redmine.pfsense.org/issues/4698", "refsource": "CONFIRM", "url": "https://redmine.pfsense.org/issues/4698" }, { "name": "https://www.pfsense.org/security/advisories/pfSense-SA-15_06.webgui.asc", "refsource": "CONFIRM", "url": "https://www.pfsense.org/security/advisories/pfSense-SA-15_06.webgui.asc" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2015-6508", "datePublished": "2015-08-18T15:00:00Z", "dateReserved": "2015-08-18T00:00:00Z", "dateUpdated": "2024-09-16T18:43:59.851Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2015-6509 (GCVE-0-2015-6509)
Vulnerability from cvelistv5
Published
2015-08-18 15:00
Modified
2024-09-16 21:03
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Multiple cross-site scripting (XSS) vulnerabilities in pfSense before 2.2.3 allow remote attackers to inject arbitrary web script or HTML via the (1) proxypass parameter to system_advanced_misc.php; (2) adaptiveend, (3) adaptivestart, (4) maximumstates, (5) maximumtableentries, or (6) aliasesresolveinterval parameter to system_advanced_firewall.php; (7) proxyurl, (8) proxyuser, or (9) proxyport parameter to system_advanced_misc.php; or (10) name, (11) notification_name, (12) ipaddress, (13) password, (14) smtpipaddress, (15) smtpport, (16) smtpfromaddress, (17) smtpnotifyemailaddress, (18) smtpusername, or (19) smtppassword parameter to system_advanced_notifications.php.
References
► | URL | Tags | |||
---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T07:22:22.144Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://www.pfsense.org/security/advisories/pfSense-SA-15_06.webgui.asc" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "descriptions": [ { "lang": "en", "value": "Multiple cross-site scripting (XSS) vulnerabilities in pfSense before 2.2.3 allow remote attackers to inject arbitrary web script or HTML via the (1) proxypass parameter to system_advanced_misc.php; (2) adaptiveend, (3) adaptivestart, (4) maximumstates, (5) maximumtableentries, or (6) aliasesresolveinterval parameter to system_advanced_firewall.php; (7) proxyurl, (8) proxyuser, or (9) proxyport parameter to system_advanced_misc.php; or (10) name, (11) notification_name, (12) ipaddress, (13) password, (14) smtpipaddress, (15) smtpport, (16) smtpfromaddress, (17) smtpnotifyemailaddress, (18) smtpusername, or (19) smtppassword parameter to system_advanced_notifications.php." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2015-08-18T15:00:00Z", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "tags": [ "x_refsource_CONFIRM" ], "url": "https://www.pfsense.org/security/advisories/pfSense-SA-15_06.webgui.asc" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2015-6509", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Multiple cross-site scripting (XSS) vulnerabilities in pfSense before 2.2.3 allow remote attackers to inject arbitrary web script or HTML via the (1) proxypass parameter to system_advanced_misc.php; (2) adaptiveend, (3) adaptivestart, (4) maximumstates, (5) maximumtableentries, or (6) aliasesresolveinterval parameter to system_advanced_firewall.php; (7) proxyurl, (8) proxyuser, or (9) proxyport parameter to system_advanced_misc.php; or (10) name, (11) notification_name, (12) ipaddress, (13) password, (14) smtpipaddress, (15) smtpport, (16) smtpfromaddress, (17) smtpnotifyemailaddress, (18) smtpusername, or (19) smtppassword parameter to system_advanced_notifications.php." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "https://www.pfsense.org/security/advisories/pfSense-SA-15_06.webgui.asc", "refsource": "CONFIRM", "url": "https://www.pfsense.org/security/advisories/pfSense-SA-15_06.webgui.asc" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2015-6509", "datePublished": "2015-08-18T15:00:00Z", "dateReserved": "2015-08-18T00:00:00Z", "dateUpdated": "2024-09-16T21:03:49.015Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2022-24299 (GCVE-0-2022-24299)
Vulnerability from cvelistv5
Published
2022-03-31 07:21
Modified
2024-08-03 04:07
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Improper Input Validation
Summary
Improper input validation vulnerability in pfSense CE and pfSense Plus (pfSense CE software versions prior to 2.6.0 and pfSense Plus software versions prior to 22.01) allows a remote attacker with the privilege to change OpenVPN client or server settings to execute an arbitrary command.
References
► | URL | Tags | ||||||
---|---|---|---|---|---|---|---|---|
|
Impacted products
Vendor | Product | Version | ||
---|---|---|---|---|
pfSense | pfSense CE and pfSense Plus |
Version: pfSense CE software versions prior to 2.6.0 and pfSense Plus software versions prior to 22.01 |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T04:07:02.366Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://jvn.jp/en/jp/JVN87751554/index.html" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://docs.netgate.com/downloads/pfSense-SA-22_03.webgui.asc" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "pfSense CE and pfSense Plus", "vendor": "pfSense", "versions": [ { "status": "affected", "version": "pfSense CE software versions prior to 2.6.0 and pfSense Plus software versions prior to 22.01" } ] } ], "descriptions": [ { "lang": "en", "value": "Improper input validation vulnerability in pfSense CE and pfSense Plus (pfSense CE software versions prior to 2.6.0 and pfSense Plus software versions prior to 22.01) allows a remote attacker with the privilege to change OpenVPN client or server settings to execute an arbitrary command." } ], "problemTypes": [ { "descriptions": [ { "description": "Improper Input Validation", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2022-03-31T07:21:07", "orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce", "shortName": "jpcert" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "https://jvn.jp/en/jp/JVN87751554/index.html" }, { "tags": [ "x_refsource_MISC" ], "url": "https://docs.netgate.com/downloads/pfSense-SA-22_03.webgui.asc" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "vultures@jpcert.or.jp", "ID": "CVE-2022-24299", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "pfSense CE and pfSense Plus", "version": { "version_data": [ { "version_value": "pfSense CE software versions prior to 2.6.0 and pfSense Plus software versions prior to 22.01" } ] } } ] }, "vendor_name": "pfSense" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Improper input validation vulnerability in pfSense CE and pfSense Plus (pfSense CE software versions prior to 2.6.0 and pfSense Plus software versions prior to 22.01) allows a remote attacker with the privilege to change OpenVPN client or server settings to execute an arbitrary command." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "Improper Input Validation" } ] } ] }, "references": { "reference_data": [ { "name": "https://jvn.jp/en/jp/JVN87751554/index.html", "refsource": "MISC", "url": "https://jvn.jp/en/jp/JVN87751554/index.html" }, { "name": "https://docs.netgate.com/downloads/pfSense-SA-22_03.webgui.asc", "refsource": "MISC", "url": "https://docs.netgate.com/downloads/pfSense-SA-22_03.webgui.asc" } ] } } } }, "cveMetadata": { "assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce", "assignerShortName": "jpcert", "cveId": "CVE-2022-24299", "datePublished": "2022-03-31T07:21:07", "dateReserved": "2022-03-06T00:00:00", "dateUpdated": "2024-08-03T04:07:02.366Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2023-42325 (GCVE-0-2023-42325)
Vulnerability from cvelistv5
Published
2023-11-14 00:00
Modified
2024-11-26 21:04
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Cross Site Scripting (XSS) vulnerability in Netgate pfSense v.2.7.0 allows a remote attacker to gain privileges via a crafted url to the status_logs_filter_dynamic.php page.
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T19:16:51.123Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://docs.netgate.com/downloads/pfSense-SA-23_09.webgui.asc" }, { "tags": [ "x_transferred" ], "url": "https://www.sonarsource.com/blog/pfsense-vulnerabilities-sonarcloud/" } ], "title": "CVE Program Container" }, { "metrics": [ { "other": { "content": { "id": "CVE-2023-42325", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-11-26T21:04:29.990114Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-11-26T21:04:40.351Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "descriptions": [ { "lang": "en", "value": "Cross Site Scripting (XSS) vulnerability in Netgate pfSense v.2.7.0 allows a remote attacker to gain privileges via a crafted url to the status_logs_filter_dynamic.php page." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2023-12-12T19:58:00.287897", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "url": "https://docs.netgate.com/downloads/pfSense-SA-23_09.webgui.asc" }, { "url": "https://www.sonarsource.com/blog/pfsense-vulnerabilities-sonarcloud/" } ] } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2023-42325", "datePublished": "2023-11-14T00:00:00", "dateReserved": "2023-09-08T00:00:00", "dateUpdated": "2024-11-26T21:04:40.351Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2020-10797 (GCVE-0-2020-10797)
Vulnerability from cvelistv5
Published
2020-04-29 13:29
Modified
2024-08-04 11:14
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
An XSS vulnerability resides in the hostname field of the diag_ping.php page in pfsense before 2.4.5 version. After passing inputs to the command and executing this command, the $result variable is not sanitized before it is printed.
References
► | URL | Tags | |||||||||
---|---|---|---|---|---|---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-04T11:14:15.605Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://redmine.pfsense.org/issues/10355" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://github.com/pfsense/pfsense/commit/cc3990a334059018b004c91eeb66c147d8afe83d" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://docs.netgate.com/pfsense/en/latest/releases/2-4-5-new-features-and-changes.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2020-03-18T00:00:00", "descriptions": [ { "lang": "en", "value": "An XSS vulnerability resides in the hostname field of the diag_ping.php page in pfsense before 2.4.5 version. After passing inputs to the command and executing this command, the $result variable is not sanitized before it is printed." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2020-04-29T13:29:52", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "https://redmine.pfsense.org/issues/10355" }, { "tags": [ "x_refsource_MISC" ], "url": "https://github.com/pfsense/pfsense/commit/cc3990a334059018b004c91eeb66c147d8afe83d" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://docs.netgate.com/pfsense/en/latest/releases/2-4-5-new-features-and-changes.html" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2020-10797", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "An XSS vulnerability resides in the hostname field of the diag_ping.php page in pfsense before 2.4.5 version. After passing inputs to the command and executing this command, the $result variable is not sanitized before it is printed." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "https://redmine.pfsense.org/issues/10355", "refsource": "MISC", "url": "https://redmine.pfsense.org/issues/10355" }, { "name": "https://github.com/pfsense/pfsense/commit/cc3990a334059018b004c91eeb66c147d8afe83d", "refsource": "MISC", "url": "https://github.com/pfsense/pfsense/commit/cc3990a334059018b004c91eeb66c147d8afe83d" }, { "name": "https://docs.netgate.com/pfsense/en/latest/releases/2-4-5-new-features-and-changes.html", "refsource": "CONFIRM", "url": "https://docs.netgate.com/pfsense/en/latest/releases/2-4-5-new-features-and-changes.html" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2020-10797", "datePublished": "2020-04-29T13:29:52", "dateReserved": "2020-03-20T00:00:00", "dateUpdated": "2024-08-04T11:14:15.605Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }