RSS   Podatności dla 'Pfsense plus'   RSS

2023-12-06
 
CVE-2023-48123

CWE-noinfo
 

 
An issue in Netgate pfSense Plus v.23.05.1 and before and pfSense CE v.2.7.0 allows a remote attacker to execute arbitrary code via a crafted request to the packet_capture.php file.

 
2022-03-31
 
CVE-2021-20729

CWE-79
 

 
Cross-site scripting vulnerability in pfSense CE and pfSense Plus (pfSense CE software versions 2.5.2 and earlier, and pfSense Plus software versions 21.05 and earlier) allows a remote attacker to inject an arbitrary script via a malicious URL.

 
 
CVE-2022-24299

CWE-20
 

 
Improper input validation vulnerability in pfSense CE and pfSense Plus (pfSense CE software versions prior to 2.6.0 and pfSense Plus software versions prior to 22.01) allows a remote attacker with the privilege to change OpenVPN client or server settings to execute an arbitrary command.

 
 
CVE-2022-26019

NVD-CWE-Other
 

 
Improper access control vulnerability in pfSense CE and pfSense Plus (pfSense CE software versions prior to 2.6.0 and pfSense Plus software versions prior to 22.01) allows a remote attacker with the privilege to change NTP GPS settings to rewrite existing files on the file system, which may result in arbitrary command execution.

 

 >>> Vendor: Netgate 2 Produkty
Pfsense
Pfsense plus


Copyright 2024, cxsecurity.com

 

Back to Top