Latest Netgate Vulnerabilities

CVE-2023-48795
Prefix Truncation Attacks in SSH Specification (Terrapin Attack)
pip/paramiko>=2.5.0<3.4.0
go/golang.org/x/crypto<0.17.0
rust/russh<0.40.2
Apple macOS Sonoma<14.4
Openbsd Openssh<9.6
Putty Putty<0.80
and 128 more
CVE-2023-42326
An issue in Netgate pfSense v.2.7.0 allows a remote attacker to execute arbitrary code via a crafted request to the interfaces_gif_edit.php and interfaces_gre_edit.php components.
Netgate pfSense<=2.7.0
Netgate pfSense Plus<=23.05.1
pfSense pfSense=2.7.0
pfSense pfSense Plus=23.05.01
CVE-2023-42327
Cross Site Scripting (XSS) vulnerability in Netgate pfSense v.2.7.0 allows a remote attacker to gain privileges via a crafted URL to the getserviceproviders.php page.
Netgate pfSense=2.7.0
pfSense pfSense=2.7.0
pfSense pfSense Plus=23.05.01
CVE-2023-42325
Cross Site Scripting (XSS) vulnerability in Netgate pfSense v.2.7.0 allows a remote attacker to gain privileges via a crafted url to the status_logs_filter_dynamic.php page.
Netgate pfSense=2.7.0
pfSense pfSense=2.7.0
pfSense pfSense Plus=23.05.01
CVE-2020-21487
Cross Site Scripting vulnerability found in Netgate pfSense 2.4.4 and ACME package v.0.6.3 allows attackers to execute arbitrary code via the RootFolder field of acme_certificates.php.
Netgate pfSense=2.4.4
Netgate Pfsense Acme Package=0.6.3
CVE-2023-27100
Improper restriction of excessive authentication attempts in the SSHGuard component of Netgate pfSense Plus software v22.05.1 and pfSense CE software v2.6.0 allows attackers to bypass brute force prot...
Netgate pfSense Plus=22.05.1
pfSense pfSense=2.6.0
CVE-2023-27253
A command injection vulnerability in the function restore_rrddata() of Netgate pfSense v2.7.0 allows authenticated attackers to execute arbitrary commands via manipulating the contents of an XML file ...
Netgate pfSense=2.7.0
CVE-2022-29273
pfSense CE through 2.6.0 and pfSense Plus before 22.05 allow XSS in the WebGUI via URL Table Alias URL parameters.
Netgate pfSense<=2.6.0
Netgate pfSense<22.05
CVE-2020-21219
Cross Site Scripting (XSS) vulnerability in Netgate pf Sense 2.4.4-Release-p3 and Netgate ACME package 0.6.3 allows remote attackers to to run arbitrary code via the RootFolder field to acme_certifica...
Netgate ACME=0.6.3
Netgate pfSense=2.4.4-p3
CVE-2022-31814
pfSense pfBlockerNG through 2.1.4_26 allows remote attackers to execute arbitrary OS commands as root via shell metacharacters in the HTTP Host header. NOTE: 3.x is unaffected.
Netgate Pfblockerng<=2.1.4_26
CVE-2022-24299
Improper input validation vulnerability in pfSense CE and pfSense Plus (pfSense CE software versions prior to 2.6.0 and pfSense Plus software versions prior to 22.01) allows a remote attacker with the...
Netgate pfSense<2.6.0
Netgate pfSense Plus<22.01
CVE-2022-26019
Improper access control vulnerability in pfSense CE and pfSense Plus (pfSense CE software versions prior to 2.6.0 and pfSense Plus software versions prior to 22.01) allows a remote attacker with the p...
Netgate pfSense<2.6.0
Netgate pfSense Plus<22.01
CVE-2021-20729
Cross-site scripting vulnerability in pfSense CE and pfSense Plus (pfSense CE software versions 2.5.2 and earlier, and pfSense Plus software versions 21.05 and earlier) allows a remote attacker to inj...
Netgate pfSense Plus<=21.05
pfSense pfSense<=2.5.2
CVE-2020-19201
A Stored Cross-Site Scripting (XSS) vulnerability was found in status_filter_reload.php, a page in the pfSense software WebGUI, on Netgate pfSense version 2.4.4-p2 and earlier. The page did not encode...
Netgate pfSense<=2.4.4
Netgate pfSense=2.4.4-p1
Netgate pfSense=2.4.4-p2
CVE-2020-19203
An authenticated Cross-Site Scripting (XSS) vulnerability was found in widgets/widgets/wake_on_lan_widget.php, a component of the pfSense software WebGUI, on version 2.4.4-p2 and earlier. The widget d...
Netgate pfSense<2.4.4
Netgate pfSense=2.4.4
Netgate pfSense=2.4.4-p1
Netgate pfSense=2.4.4-p2
CVE-2020-10797
An XSS vulnerability resides in the hostname field of the diag_ping.php page in pfsense before 2.4.5 version. After passing inputs to the command and executing this command, the $result variable is no...
Netgate pfSense<2.4.5
CVE-2020-11457
pfSense before 2.4.5 has stored XSS in system_usermanager_addprivs.php in the WebGUI via the descr parameter (aka full name) of a user.
Netgate pfSense<2.4.5
CVE-2019-16667
diag_command.php in pfSense 2.4.4-p3 allows CSRF via the txtCommand or txtRecallBuffer field, as demonstrated by executing OS commands. This occurs because csrf_callback() produces a "CSRF token expir...
Netgate pfSense=2.4.4-p3
CVE-2019-16915
An issue was discovered in pfSense through 2.4.4-p3. widgets/widgets/picture.widget.php uses the widgetkey parameter directly without sanitization (e.g., a basename call) for a pathname to file_get_co...
Netgate pfSense<2.4.4
Netgate pfSense=2.4.4
Netgate pfSense=2.4.4-p1
Netgate pfSense=2.4.4-p2
Netgate pfSense=2.4.4-p3
CVE-2019-16914
An XSS issue was discovered in pfSense through 2.4.4-p3. In services_captiveportal_mac.php, the username and delmac parameters are displayed without sanitization.
Netgate pfSense<2.4.4
Netgate pfSense=2.4.4
Netgate pfSense=2.4.4-p1
Netgate pfSense=2.4.4-p2
Netgate pfSense=2.4.4-p3
CVE-2019-16701
pfSense through 2.3.4 through 2.4.4-p3 allows Remote Code Injection via a methodCall XML document with a pfsense.exec_php call containing shell metacharacters in a parameter value.
Netgate pfSense>=2.3.4<2.4.4
Netgate pfSense=2.4.4
Netgate pfSense=2.4.4-p1
Netgate pfSense=2.4.4-p2
Netgate pfSense=2.4.4-p3
CVE-2019-12949
Netgate pfSense=2.4.4-p2
Netgate pfSense=2.4.4-p3
CVE-2019-12585
Apcupsd Apcupsd=0.3.91_5
Netgate pfSense<2.4.4
Netgate pfSense=2.4.4
Netgate pfSense=2.4.4-p1
Netgate pfSense=2.4.4-p2
Netgate pfSense=2.4.4-p3
CVE-2019-12584
Apcupsd 0.3.91_5, as used in pfSense through 2.4.4-RELEASE-p3 and other products, has an XSS issue in apcupsd_status.php.
Apcupsd Apcupsd=0.3.91_5
Netgate pfSense<2.4.4
Netgate pfSense=2.4.4
Netgate pfSense=2.4.4-p1
Netgate pfSense=2.4.4-p2
Netgate pfSense=2.4.4-p3
CVE-2019-12347
In pfSense 2.4.4-p3, a stored XSS vulnerability occurs when attackers inject a payload into the Name or Description field via an acme_accountkeys_edit.php action. The vulnerability occurs due to input...
Netgate pfSense=2.4.4-p3
CVE-2019-11816
Incorrect access control in the WebUI in OPNsense before version 19.1.8, and pfsense before 2.4.4-p3 allows remote authenticated users to escalate privileges to administrator via a specially crafted r...
Netgate pfSense<=2.4.4
Netgate pfSense=2.4.4-p1
Netgate pfSense=2.4.4-p2
Opnsense Opnsense<19.1.8
CVE-2018-20798
The expiretable configuration in pfSense 2.4.4_1 establishes block durations that are incompatible with the block durations implemented by sshguard, which might make it easier for attackers to bypass ...
Netgate pfSense=2.4.4-p1
CVE-2018-20799
In pfSense 2.4.4_1, blocking of source IP addresses on the basis of failed HTTPS authentication is inconsistent with blocking of source IP addresses on the basis of failed SSH authentication (the beha...
Netgate pfSense=2.4.4-p1
CVE-2019-8953
The HAProxy package before 0.59_16 for pfSense has XSS via the desc (aka Description) or table_actionsaclN parameter, related to haproxy_listeners.php and haproxy_listeners_edit.php.
Netgate Haproxy<0.59_16
CVE-2018-4019
An exploitable command injection vulnerability exists in the way Netgate pfSense CE 2.4.4-RELEASE processes the parameters of a specific POST request. The attacker can exploit this and gain the abilit...
Netgate pfSense=2.4.4
CVE-2018-4020
An exploitable command injection vulnerability exists in the way Netgate pfSense CE 2.4.4-RELEASE processes the parameters of a specific POST request. The attacker can exploit this and gain the abilit...
Netgate pfSense=2.4.4
CVE-2018-4021
Netgate pfSense=2.4.4
CVE-2018-16055
An authenticated command injection vulnerability exists in status_interfaces.php via dhcp_relinquish_lease() in pfSense before 2.4.4 due to its passing user input from the $_POST parameters "ifdescr" ...
Netgate pfSense<2.4.4

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2024 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203