4 matches found
CVE-2023-29973
Pfsense CE version 2.6.0 is vulnerable to No rate limit which can lead to an attacker creating multiple malicious users in firewall...
PT-2023-12967 · Unknown · Pfsense Ce +1
Name of the Vulnerable Software and Affected Versions: pfSense CE versions 2.6.0 and earlier pfSense Plus versions prior to 22.05 Description: The issue allows for XSS in the WebGUI via URL Table Alias URL parameters. This means an attacker could potentially inject malicious scripts into the web...
pfSense CE 跨站脚本漏洞
pfSense is a set of network firewalls based on FreeBSD Linux. A security vulnerability exists in pfSense CE version 2.6.0 and earlier, and pfSense Plus version 22.05 and earlier. An attacker exploits the vulnerability to conduct cross-site scripting attacks in the WebGUI via URL parameters...
PT-2022-17635 · Unknown · Pfsense Ce +1
Name of the Vulnerable Software and Affected Versions: pfSense CE versions prior to 2.6.0 pfSense Plus versions prior to 22.01 Description: The issue is related to improper access control in pfSense CE and pfSense Plus, allowing a remote attacker with the privilege to change NTP GPS settings to...