Truenas Firmware Security Vulnerabilities and Issues — Truenas Firmware CVE List

Lucene search

IxsystemsTruenas Firmware

3 matches found

CVE•added 2024/12/30 9:15 p.m.•70 views

CVE-2024-11944

iXsystems TrueNAS CORE tarfile.extractall Directory Traversal Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of iXsystems TrueNAS devices. Authentication is not required to exploit this vulnerability. The...

8.8CVSS7.9AI score0.00128EPSS

CVE•added 2024/12/30 9:15 p.m.•48 views

CVE-2024-11946

iXsystems TrueNAS CORE fetch_plugin_packagesites tar Cleartext Transmission of Sensitive Information Vulnerability. This vulnerability allows network-adjacent attackers to tamper with firmware update files on affected installations of iXsystems TrueNAS devices. Authentication is not required to exp...

6.5CVSS4.2AI score0.00019EPSS

CVE•added 2020/04/08 11:15 p.m.•38 views

CVE-2020-11650

An issue was discovered in iXsystems FreeNAS (and TrueNAS) 11.2 before 11.2-u8 and 11.3 before 11.3-U1. It allows a denial of service. The login authentication component has no limits on the length of an authentication message or the rate at which such messages are sent.

7.5CVSS7.5AI score0.11916EPSS