5 matches found
pfSense 2.4.x < 2.4.4-p1 Multiple Vulnerabilities (SA-18_09)
According to its self-reported version number, the remote pfSense install is a version 2.4.x prior to 2.4.4-p1. It is, therefore, affected by multiple vulnerabilities, including the following: - An exploitable command injection vulnerability exists in the way Netgate pfSense CE 2.4.4-RELEASE...
CVE-2018-4021
creationtimestamp| type| source ---|---|--- 2018-12-06 17:58:41+00:00| seen| MISP/5c096266-ed20-42e5-a389-515d0a021402...
CVE-2018-4021
An exploitable command injection vulnerability exists in the way Netgate pfSense CE 2.4.4-RELEASE processes the parameters of a specific POST request. The attacker can exploit this and gain the ability to execute arbitrary commands on the system. An attacker needs to be able to send authenticated...
CVE-2018-4021
An exploitable command injection vulnerability exists in the way Netgate pfSense CE 2.4.4-RELEASE processes the parameters of a specific POST request. The attacker can exploit this and gain the ability to execute arbitrary commands on the system. An attacker needs to be able to send authenticated...
CVE-2018-4021
The CVE-2018-4021 entry concerns Netgate pfSense CE 2.4.4-RELEASE and describes a command injection vulnerability in the POST parameter powerd_battery_mode (and relatedly in powerd_normal_mode and powerd_ac_mode per TALOS). An attacker who can send authenticated POST requests to the pfSense web G...