Vulnerability CVE-2016-10709

Vulnerability CVE-2016-10709

Published: 2018-01-21 Modified: 2018-01-22

Description:

Type:

(Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') )

CVSS Base Score	Impact Subscore	Exploitability Subscore
9/10	10/10	8/10

Affected software
Pfsense -> Pfsense

https://www.exploit-db.com/exploits/39709/

https://www.pfsense.org/security/advisories/pfSense-SA-16_01.webgui.asc

https://www.rapid7.com/db/modules/exploit/unix/http/pfsense_graph_injection_exec

https://www.security-assessment.com/files/documents/advisory/pfsenseAdvisory.pdf