First published: Mon Dec 03 2018(Updated: )
Credit: talos-cna@cisco.com
Affected Software | Affected Version | How to fix |
---|---|---|
Netgate pfSense | =2.4.4 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2018-4021 is an exploitable command injection vulnerability in Netgate pfSense CE 2.4.4-RELEASE.
CVE-2018-4021 allows an attacker to execute arbitrary commands on the system through a specific POST request.
CVE-2018-4021 has a severity rating of 7.2 out of 10 (high).
An attacker can exploit CVE-2018-4021 by sending an authenticated POST request with malicious parameters.
Yes, a fix is available to address the command injection vulnerability in Netgate pfSense CE 2.4.4-RELEASE.