CVE-2023-29973

Pfsense CE version 2.6.0 is vulnerable to No rate limit which can lead to an attacker creating multiple malicious users in firewall...

CVE-2025-12490

The CVE-2025-12490 entry describes a path traversal in Netgate pfSense CE Suricata that allows remote creation of arbitrary files with root privileges. The root cause is inadequate validation of a user-supplied path before file operations within the Suricata package, requiring authentication to e...

Netgate pfSense CE 路径遍历漏洞

Netgate pfSense CE is a FreeBSD-based open source firewall and routing platform from Netgate that supports enterprise-class network security and network management features. A path traversal vulnerability exists in Netgate pfSense CE, which stems from insufficient validation of user-supplied path...

EUVD-2023-33503

Malicious code in bioql PyPI...

EUVD-2023-33505

Malicious code in bioql PyPI...

EUVD-2025-27468

Malicious code in bioql PyPI...

EUVD-2025-19534

Malicious code in bioql PyPI...

EUVD-2023-33504

Malicious code in bioql PyPI...

CVE-2025-34173

In pfSense CE /usr/local/www/snort/snortipreputation.php, the value of the iplist parameter is not sanitized of directory traversal-related characters/strings before being used to check if a file exists. While the contents of the file cannot be read, the server reveals whether a file exists, whic...

Netgate pfSense CE 安全漏洞

Netgate pfSense CE is a FreeBSD-based open source firewall and routing platform from Netgate, Inc. that supports enterprise-class network security and network management features. A security vulnerability exists in Netgate pfSense CE that stems from the iplist parameter not cleaning up directory...

Netgate pfSense CE 安全漏洞

Netgate pfSense CE is a FreeBSD-based open source firewall and routing platform from Netgate, Inc. that supports enterprise-class network security and network management features. A security vulnerability exists in Netgate pfSense CE that stems from the filehash parameter not being cleaned of HTM...

Netgate pfSense CE 安全漏洞

Netgate pfSense CE is a FreeBSD-based open source firewall and routing platform from Netgate, Inc. that supports enterprise-class network security and network management features. A security vulnerability exists in Netgate pfSense CE that stems from the policyname parameter not being cleaned of...

Netgate pfSense CE 安全漏洞

Netgate pfSense CE is a FreeBSD-based open source firewall and routing platform from Netgate, Inc. that supports enterprise-class network security and network management features. A security vulnerability exists in Netgate pfSense CE that stems from the start-day parameter not validating as a...

Netgate pfSense CE 安全漏洞

Netgate pfSense CE is a FreeBSD-based open source firewall and routing platform from Netgate, Inc. that supports enterprise-class network security and network management features. A security vulnerability exists in Netgate pfSense CE that stems from the policyname parameter not being cleaned of...

Netgate pfSense CE 安全漏洞

Netgate pfSense CE is a FreeBSD-based open source firewall and routing platform from Netgate, Inc. that supports enterprise-class network security and network management features. A security vulnerability exists in Netgate pfSense CE that stems from an unvalidated showsticktablecontent parameter,...

CVE-2025-53392

In Netgate pfSense CE 2.8.0, the "WebCfg - Diagnostics: Command" privilege allows reading arbitrary files via diagcommand.php dlPath directory traversal. NOTE: the Supplier's perspective is that this is intended behavior for this privilege level, and that system administrators are informed throug...

CVE-2025-53392

CVE-2025-53392 : In pfSense CE 2.8.0, the WebCfg - Diagnostics: Command privilege allows an authenticated user to download/read arbitrary files via a directory traversal in diag_command.php (dlPath). This is a local file-disclosure vulnerability, with evidence of PoC/exploit activity (e.g., publi...

CVE-2025-53392

In Netgate pfSense CE 2.8.0, the "WebCfg - Diagnostics: Command" privilege allows reading arbitrary files via diagcommand.php dlPath directory traversal. NOTE: the Supplier's perspective is that this is intended behavior for this privilege level, and that system administrators are informed throug...

PT-2025-27330 · Netgate · Pfsense Ce

Name of the Vulnerable Software and Affected Versions: Netgate pfSense CE version 2.8.0 Description: The issue arises from the "WebCfg - Diagnostics: Command" privilege, which improperly allows users to read arbitrary files on the system through a directory traversal attack targeting the diag...

Netgate pfSense CE 代码注入漏洞

Netgate pfSense CE is a FreeBSD-based open source firewall and routing platform from Netgate that supports enterprise-class network security and network management features. A security vulnerability exists in Netgate pfSense CE prior to version 2.8.0 beta, which stems from improperly cleaned user...