CVE-2019-16667: CSRF
First published: Thu Sep 26 2019(Updated: )
diag_command.php in pfSense 2.4.4-p3 allows CSRF via the txtCommand or txtRecallBuffer field, as demonstrated by executing OS commands. This occurs because csrf_callback() produces a "CSRF token expired" error and a Try Again button when a CSRF token is missing.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Netgate pfSense | =2.4.4-p3 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is CVE-2019-16667?
CVE-2019-16667 is a vulnerability in pfSense 2.4.4-p3 that allows CSRF attacks via the txtCommand or txtRecallBuffer field, leading to the execution of OS commands.
How severe is CVE-2019-16667?
CVE-2019-16667 has a severity rating of 8.8 (high).
How does CVE-2019-16667 work?
CVE-2019-16667 occurs when the csrf_callback() function in diag_command.php does not find a valid CSRF token, allowing an attacker to perform CSRF attacks by manipulating the txtCommand or txtRecallBuffer field.
What software is affected by CVE-2019-16667?
pfSense 2.4.4-p3 is affected by CVE-2019-16667.
How can I protect myself from CVE-2019-16667?
To protect yourself from CVE-2019-16667, update pfSense to a version that contains the fix.
- collector/nvd-index
- vendor/netgate
- canonical/netgate pfsense
- version/netgate pfsense/2.4.4-p3