Lucene search
K

4 matches found

Tenable Nessus
Tenable Nessus
added 2021/02/02 12:0 a.m.44 views

pfSense 2.4.x < 2.4.4-p1 Multiple Vulnerabilities (SA-18_09)

According to its self-reported version number, the remote pfSense install is a version 2.4.x prior to 2.4.4-p1. It is, therefore, affected by multiple vulnerabilities, including the following: - An exploitable command injection vulnerability exists in the way Netgate pfSense CE 2.4.4-RELEASE...

7.2CVSS6.5AI score0.7221EPSS
Exploits3References8
Circl
Circl
added 2018/12/06 5:58 p.m.13 views

CVE-2018-4019

creationtimestamp| type| source ---|---|--- 2018-12-06 17:58:41+00:00| seen| MISP/5c096266-ed20-42e5-a389-515d0a021402 2022-01-28 05:51:53+00:00| published-proof-of-concept| https://t.me/CyberSecurityTechnologies/125...

7.2CVSS7.1AI score0.48721EPSS
Exploits1References1
CVE
CVE
added 2018/12/03 10:0 p.m.56 views

CVE-2018-4019

Netgate pfSense CE 2.4.4-RELEASE is affected by three remote command-injection vulnerabilities in the POST handling of system_advanced_misc.php (powerd_normal_mode, powerd_ac_mode, powerd_battery_mode). An attacker must authenticate to the pfSense web admin interface to exploit these via crafted ...

7.2CVSS7.4AI score0.48721EPSS
Exploits1References1Affected Software1
Talos
Talos
added 2018/12/03 12:0 a.m.80 views

Netgate pfSense system_advanced_misc.php multiple remote command injection vulnerabilities

Summary Three exploitable command injection vulnerabilities exists in the way Netgate pfSense CE 2.4.4-RELEASE processes the parameters of a specific POST request. The attacker can exploit this and gain the ability to execute arbitrary commands on the system. An attacker needs to be able to send...

7.2CVSS7.7AI score0.7221EPSS
Exploits3
Rows per page
Query Builder