Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

3 matches found

NVD
NVDadded 2022/03/01 11:15 p.m.16 views

CVE-2021-41282

diagroutes.php in pfSense 2.5.2 allows sed data injection. Authenticated users are intended to be able to view data about the routes set in the firewall. The data is retrieved by executing the netstat utility, and then its output is parsed via the sed utility. Although the common protection...

9CVSS0.91268EPSS
Exploits4References4
CVE
CVEadded 2022/03/01 10:45 p.m.137 views

CVE-2021-41282

CVE-2021-41282 affects pfSense 2.5.2 where diag_routes.php uses netstat output parsed by sed. Despite escapeshellarg, an attacker with authenticated access and the required WebCfg privilege can inject sed code, enabling arbitrary file write and potential web shell execution. Descriptions across c...

9CVSS9AI score0.91268EPSS
Exploits4References4Affected Software1
CNNVD
CNNVDadded 2022/02/14 12:0 a.m.3 views

pfSense 注入漏洞

pfSense is a set of network firewalls based on FreeBSD Linux. pfSense suffers from an injection vulnerability that can be exploited by an attacker to run code via diagroutes.php...

9CVSS8AI score0.91268EPSS
Exploits4References8
Rows per page
Query Builder