Lucene search
K

4 matches found

Tenable Nessus
Tenable Nessus
added 2021/02/02 12:0 a.m.44 views

pfSense 2.4.x < 2.4.4-p1 Multiple Vulnerabilities (SA-18_09)

According to its self-reported version number, the remote pfSense install is a version 2.4.x prior to 2.4.4-p1. It is, therefore, affected by multiple vulnerabilities, including the following: - An exploitable command injection vulnerability exists in the way Netgate pfSense CE 2.4.4-RELEASE...

7.2CVSS6.5AI score0.7221EPSS
Exploits3References8
Circl
Circl
added 2018/12/06 5:58 p.m.12 views

CVE-2018-4020

creationtimestamp| type| source ---|---|--- 2018-12-06 17:58:41+00:00| seen| MISP/5c096266-ed20-42e5-a389-515d0a021402 2022-01-28 05:51:53+00:00| published-proof-of-concept| https://t.me/CyberSecurityTechnologies/125...

7.2CVSS6.9AI score0.48721EPSS
Exploits1References1
CVE
CVE
added 2018/12/03 10:0 p.m.61 views

CVE-2018-4020

PfSense CE 2.4.4-RELEASE is affected by three command-injection vulnerabilities in POST handlers of system_advanced_misc.php, via powerd_normal_mode, powerd_ac_mode, and powerd_battery_mode parameters. The root cause is improper sanitization of these POST values, allowing an authenticated attacke...

7.2CVSS7.4AI score0.48721EPSS
Exploits1References1Affected Software1
Talos
Talos
added 2018/12/03 12:0 a.m.80 views

Netgate pfSense system_advanced_misc.php multiple remote command injection vulnerabilities

Summary Three exploitable command injection vulnerabilities exists in the way Netgate pfSense CE 2.4.4-RELEASE processes the parameters of a specific POST request. The attacker can exploit this and gain the ability to execute arbitrary commands on the system. An attacker needs to be able to send...

7.2CVSS7.7AI score0.7221EPSS
Exploits3
Rows per page
Query Builder