Lucene search
K

5 matches found

Tenable Nessus
Tenable Nessus
added 2021/02/02 12:0 a.m.45 views

pfSense 2.4.x < 2.4.4-p1 Multiple Vulnerabilities (SA-18_09)

According to its self-reported version number, the remote pfSense install is a version 2.4.x prior to 2.4.4-p1. It is, therefore, affected by multiple vulnerabilities, including the following: - An exploitable command injection vulnerability exists in the way Netgate pfSense CE 2.4.4-RELEASE...

7.2CVSS6.5AI score0.7221EPSS
Exploits3References8
Circl
Circl
added 2018/12/06 5:58 p.m.12 views

CVE-2018-4021

creationtimestamp| type| source ---|---|--- 2018-12-06 17:58:41+00:00| seen| MISP/5c096266-ed20-42e5-a389-515d0a021402...

7.2CVSS6.8AI score0.7221EPSS
Exploits1
OSV
OSV
added 2018/12/03 10:29 p.m.3 views

CVE-2018-4021

An exploitable command injection vulnerability exists in the way Netgate pfSense CE 2.4.4-RELEASE processes the parameters of a specific POST request. The attacker can exploit this and gain the ability to execute arbitrary commands on the system. An attacker needs to be able to send authenticated...

7.2CVSS6.1AI score0.7221EPSS
Exploits1References1
Cvelist
Cvelist
added 2018/12/03 10:0 p.m.19 views

CVE-2018-4021

An exploitable command injection vulnerability exists in the way Netgate pfSense CE 2.4.4-RELEASE processes the parameters of a specific POST request. The attacker can exploit this and gain the ability to execute arbitrary commands on the system. An attacker needs to be able to send authenticated...

7.2CVSS7.4AI score0.7221EPSS
Exploits1References1
CVE
CVE
added 2018/12/03 10:0 p.m.52 views

CVE-2018-4021

The CVE-2018-4021 entry concerns Netgate pfSense CE 2.4.4-RELEASE and describes a command injection vulnerability in the POST parameter powerd_battery_mode (and relatedly in powerd_normal_mode and powerd_ac_mode per TALOS). An attacker who can send authenticated POST requests to the pfSense web G...

7.2CVSS7.4AI score0.7221EPSS
Exploits1References1Affected Software1
Rows per page
Query Builder