Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

201 matches found

Vulnrichment
Vulnrichmentadded 2023/03/22 12:0 a.m.10 views

CVE-2023-27100

Improper restriction of excessive authentication attempts in the SSHGuard component of Netgate pfSense Plus software v22.05.1 and pfSense CE software v2.6.0 allows attackers to bypass brute force protection mechanisms via crafted web requests...

9.6AI score0.03048EPSS
Exploits5References3
OSV
OSVadded 2023/03/17 10:15 p.m.21 views

CVE-2023-27253

A command injection vulnerability in the function restorerrddata of Netgate pfSense v2.7.0 allows authenticated attackers to execute arbitrary commands via manipulating the contents of an XML file supplied to the component config.xml...

8.8CVSS8.2AI score
Exploits0References3
NVD
NVDadded 2023/03/17 10:15 p.m.18 views

CVE-2023-27253

A command injection vulnerability in the function restorerrddata of Netgate pfSense v2.7.0 allows authenticated attackers to execute arbitrary commands via manipulating the contents of an XML file supplied to the component config.xml...

8.8CVSS9AI score0.79155EPSS
Exploits4References3
Prion
Prionadded 2023/03/17 10:15 p.m.22 views

Command injection

A command injection vulnerability in the function restorerrddata of Netgate pfSense v2.7.0 allows authenticated attackers to execute arbitrary commands via manipulating the contents of an XML file supplied to the component config.xml...

6.5CVSS9AI score0.79155EPSS
Exploits4References3Affected Software1
CNNVD
CNNVDadded 2023/03/17 12:0 a.m.4 views

pfSense 安全漏洞

pfSense is a set of network firewalls based on FreeBSD Linux. A security vulnerability exists in Netgate pfSense version v2.7.0, which was discovered to contain a command injection vulnerability via the restorerrddata function. An attacker can exploit this vulnerability to execute arbitrary...

8.8CVSS8.8AI score0.79155EPSS
Exploits4References5
CVE
CVEadded 2023/03/17 12:0 a.m.100 views

CVE-2023-27253

pfSense pfSense v2.7.0 is affected by CVE-2023-27253 through a command injection in restore_rrddata() that lets an authenticated user cause arbitrary OS commands by altering the contents of config.xml. Affected component is the restore_rrddata() function; the vulnerability is exploited via crafte...

8.8CVSS8.9AI score0.79155EPSS
Exploits4References3Affected Software1
Vulnrichment
Vulnrichmentadded 2023/03/17 12:0 a.m.11 views

CVE-2023-27253

A command injection vulnerability in the function restorerrddata of Netgate pfSense v2.7.0 allows authenticated attackers to execute arbitrary commands via manipulating the contents of an XML file supplied to the component config.xml...

9AI score0.79155EPSS
Exploits4References3
Cvelist
Cvelistadded 2023/03/17 12:0 a.m.26 views

CVE-2023-27253

A command injection vulnerability in the function restorerrddata of Netgate pfSense v2.7.0 allows authenticated attackers to execute arbitrary commands via manipulating the contents of an XML file supplied to the component config.xml...

9.2AI score0.79155EPSS
Exploits4References3
GithubExploit
GithubExploitadded 2023/03/05 12:56 a.m.310 views

Exploit for OS Command Injection in Netgate Pfblockerng

CVE-2022-31814 WebApp bug import argparse import requ...

9.8CVSS9.6AI score0.94321EPSS
Exploits14
GithubExploit
GithubExploitadded 2023/03/05 12:56 a.m.228 views

Exploit for OS Command Injection in Netgate Pfblockerng

CVE-2022-31814 WebApp bug import argparse import requ...

9.8CVSS9.6AI score0.94321EPSS
Exploits14
GithubExploit
GithubExploitadded 2023/03/01 1:24 p.m.310 views

Exploit for OS Command Injection in Netgate Pfblockerng

CVE-2022-31814 text Reworked and optimized exploit scrip...

9.8CVSS9.9AI score0.94321EPSS
Exploits14
Packet Storm
Packet Stormadded 2023/02/27 12:0 a.m.243 views

pfBlockerNG 2.1.4_26 Remote Code Execution

Exploit Title: pfBlockerNG 2.1.426 - Remote Code Execution RCE Shodan Results: https://www.shodan.io/search?query=http.title%3A%22pfSense+-+Login%22+%22Server%3A+nginx%22+%22Set-Cookie%3A+PHPSESSID%3D%22 Date: 5th of September 2022 Exploit Author: IHTeam Vendor Homepage:...

9.8CVSS0.4AI score0.94321EPSS
Exploits14
Saint
Saintadded 2022/12/23 12:0 a.m.152 views

pfSense pfBlockerNG Host header command injection

Added: 12/23/2022 Background pfSense is an open-source network firewall based on the FreeBSD operating system. pfSense is the software which powers Netgate Security Gateway Appliances. pfBlockerNG is a pfSense package which allows creation of firewall rules on the appliance. Problem A vulnerabili...

7.7AI score
Exploits0
NVD
NVDadded 2022/12/15 7:15 p.m.19 views

CVE-2020-21219

Cross Site Scripting XSS vulnerability in Netgate pf Sense 2.4.4-Release-p3 and Netgate ACME package 0.6.3 allows remote attackers to to run arbitrary code via the RootFolder field to acmecertificateedit.php page of the ACME package...

6.1CVSS0.00617EPSS
Exploits0References2
OSV
OSVadded 2022/12/15 7:15 p.m.11 views

CVE-2020-21219

Cross Site Scripting XSS vulnerability in Netgate pf Sense 2.4.4-Release-p3 and Netgate ACME package 0.6.3 allows remote attackers to to run arbitrary code via the RootFolder field to acmecertificateedit.php page of the ACME package...

6.1CVSS6.3AI score
Exploits0References2
Prion
Prionadded 2022/12/15 7:15 p.m.13 views

Cross site scripting

Cross Site Scripting XSS vulnerability in Netgate pf Sense 2.4.4-Release-p3 and Netgate ACME package 0.6.3 allows remote attackers to to run arbitrary code via the RootFolder field to acmecertificateedit.php page of the ACME package...

5.8CVSS6.2AI score0.00617EPSS
Exploits0References2Affected Software2
Vulnrichment
Vulnrichmentadded 2022/12/15 12:0 a.m.5 views

CVE-2020-21219

Cross Site Scripting XSS vulnerability in Netgate pf Sense 2.4.4-Release-p3 and Netgate ACME package 0.6.3 allows remote attackers to to run arbitrary code via the RootFolder field to acmecertificateedit.php page of the ACME package...

6.3AI score0.00617EPSS
Exploits0References2
CVE
CVEadded 2022/12/15 12:0 a.m.69 views

CVE-2020-21219

CVE-2020-21219 : Affected software is Netgate pfSense 2.4.4-Release-p3 with the Netgate ACME package 0.6.3. The vulnerability is a Cross Site Scripting (XSS) in the RootFolder field of the ACME package’s acme_certificate_edit.php, allowing remote attackers to run arbitrary code. The connected sou...

6.1CVSS6.1AI score0.00617EPSS
Exploits0References2Affected Software2
Cvelist
Cvelistadded 2022/12/15 12:0 a.m.11 views

CVE-2020-21219

Cross Site Scripting XSS vulnerability in Netgate pf Sense 2.4.4-Release-p3 and Netgate ACME package 0.6.3 allows remote attackers to to run arbitrary code via the RootFolder field to acmecertificateedit.php page of the ACME package...

6.1AI score0.00617EPSS
Exploits0References2
GithubExploit
GithubExploitadded 2022/09/18 11:10 a.m.313 views

Exploit for OS Command Injection in Netgate Pfblockerng

SenselessViolence CVE-2022-31814 pfSense pfBlockerNG = 2.1.4...

9.8CVSS9.9AI score0.94321EPSS
Exploits14
Rows per page
Query Builder