pfSense pfBlockerNG <=2.1..4_26 - OS Command Injection

pfSense pfBlockerNG through 2.1.426 is susceptible to OS command injection via root via shell metacharacters in the HTTP Host header. NOTE: 3.x is unaffected. id: CVE-2022-31814 info: name: pfSense pfBlockerNG =2.1..427 to mitigate this vulnerability. reference: -...

EUVD-2016-10864

NETGATE Registry Cleaner build 16.0.205 contains an unquoted service path vulnerability in the NGRegClnSrv service that allows local attackers to escalate privileges by exploiting the service binary path. Attackers can place a malicious executable in the unquoted path and trigger service restart ...

CVE-2016-20057

NETGATE Registry Cleaner build 16.0.205 contains an unquoted service path vulnerability in the NGRegClnSrv service that allows local attackers to escalate privileges by exploiting the service binary path. Attackers can place a malicious executable in the unquoted path and trigger service restart ...

CVE-2016-20058 Netgate AMITI Antivirus build 23.0.305 Unquoted Service Path Privilege Escalation

Netgate AMITI Antivirus build 23.0.305 contains an unquoted service path vulnerability in the AmitiAvSrv and AmitiAntivirusHealth services that allows local attackers to escalate privileges. Attackers can place a malicious executable in the unquoted service path and trigger service restart or...

CVE-2016-20058

CVE-2016-20058 affects Netgate AMITI Antivirus build 23.0.305, where an unquoted service path in the AmitiAvSrv and AmitiAntivirusHealth services allows a local attacker to escalate privileges. By placing a malicious executable in the unquoted path, triggering a service restart or system reboot e...

CVE-2016-20057

Summary: CVE-2016-20057 affects NETGATE Registry Cleaner build 16.0.205, via an unquoted service path in the NGRegClnSrv service. This allows a local attacker to escalate privileges by placing a malicious executable in the unquoted path and triggering a service restart or system reboot to execute...

CVE-2016-20057 NETGATE Registry Cleaner build 16.0.205 Unquoted Service Path Privilege Escalation

NETGATE Registry Cleaner build 16.0.205 contains an unquoted service path vulnerability in the NGRegClnSrv service that allows local attackers to escalate privileges by exploiting the service binary path. Attackers can place a malicious executable in the unquoted path and trigger service restart ...

CVE-2016-20057 NETGATE Registry Cleaner build 16.0.205 Unquoted Service Path Privilege Escalation

NETGATE Registry Cleaner build 16.0.205 contains an unquoted service path vulnerability in the NGRegClnSrv service that allows local attackers to escalate privileges by exploiting the service binary path. Attackers can place a malicious executable in the unquoted path and trigger service restart ...

NETGATE Amiti Antivirus 代码问题漏洞

NETGATE Amiti Antivirus is a antivirus software developed by the Slovak company NETGATE. NETGATE Amiti Antivirus build 23.0.305 has a code vulnerability. This vulnerability stems from service paths in the AmitiAvSrv and AmitiAntivirusHealth services that are not properly quoted. This could allow...

PT-2026-30354

NETGATE Registry Cleaner build 16.0.205 contains an unquoted service path vulnerability in the NGRegClnSrv service that allows local attackers to escalate privileges by exploiting the service binary path. Attackers can place a malicious executable in the unquoted path and trigger service restart ...

NETGATE Spy Emergency 代码问题漏洞

NETGATE Spy Emergency is a Trojan virus detection and removal software developed by the Slovakian company NETGATE. There is a code vulnerability in NETGATE Spy Emergency build 23.0.205. This vulnerability stems from the fact that the SpyEmrgHealth and SpyEmrgSrv services use service paths without...

NETGATE Registry Cleaner 代码问题漏洞

NETGATE Registry Cleaner is a system optimization and registry cleaning tool developed by the Slovak company NETGATE. NETGATE Registry Cleaner Build 16.0.205 contains a code vulnerability. This vulnerability stems from the NGRegClnSrv service having a service path that lacks quotes, which may all...

PT-2026-20263

Name of the Vulnerable Software and Affected Versions Netgate pfSense CE version 2.8.0 Description Code execution is possible in the XMLRPC API through the pfsense.exec php function. This functionality is available to administrators, who are intentionally permitted to execute PHP code...

CVE-2019-25271

NETGATE Data Backup 3.0.620 contains an unquoted service path vulnerability in its NGDatBckpSrv Windows service configuration. Attackers can exploit the unquoted path to inject and execute malicious code with LocalSystem privileges by placing executable files in specific directory locations...

NETGATE Data Backup 代码问题漏洞

NETGATE Data Backup is a data backup software developed by the Slovak company NETGATE. Version NETGATE Data Backup 3.0.620 contains a code vulnerability. This vulnerability stems from the service path in the configuration of the NGDatBckpSrv Windows service, which lacks quotation marks. This coul...

CVE-2019-25271

NETGATE Data Backup 3.0.620 contains an unquoted service path vulnerability in its NGDatBckpSrv Windows service configuration. Attackers can exploit the unquoted path to inject and execute malicious code with LocalSystem privileges by placing executable files in specific directory locations...

CVE-2019-25271 NETGATE Data Backup 3.0.620 - 'NGDatBckpSrv' Unquoted Service Path

NETGATE Data Backup 3.0.620 contains an unquoted service path vulnerability in its NGDatBckpSrv Windows service configuration. Attackers can exploit the unquoted path to inject and execute malicious code with LocalSystem privileges by placing executable files in specific directory locations...

CVE-2019-25271

CVE-2019-25271 – NETGATE Data Backup 3.0.620 suffers an unquoted service path vulnerability in the NGDatBckpSrv Windows service configuration. The unquoted path can be exploited to inject and execute code with LocalSystem privileges by placing executables in specific directory locations. This mir...

NETGATE Spy Emergency security vulnerability

NETGATE Spy Emergency is a Trojan virus detection and removal software developed by the Slovak company NETGATE. Version 25.0.650 of NETGATE Spy Emergency contains a security vulnerability. This vulnerability stems from the use of service paths without quotes in Windows service configurations, whi...

CVE-2025-12490

Netgate pfSense CE Suricata Path Traversal Remote Code Execution Vulnerability. This vulnerability allows remote attackers to create arbitrary files on affected installations of Netgate pfSense. Authentication is required to exploit this vulnerability. The specific flaw exists within the Suricata...