Lucene search
K
NetgatePfsense Ce

4 matches found

CVE
CVE
added 2023/12/18 12:0 a.m.4926 views

CVE-2023-48795

CVE-2023-48795 is referenced across several connected advisories, detailing affected packages and required upgrades. Astra Linux/CBL-Mariner entries note: podman (<5.6.1-2) needs upgrade, erlang (<25.2-1), libssh2 (<1.11.1-1), libssh (<0.10.6-1), terraform (<1.3.2-25), kubevirt (&l...

5.9CVSS6.7AI score0.93305EPSS
CVE
CVE
added 2025/05/14 12:0 a.m.121 views

CVE-2024-54779

CVE-2024-54779 affects Netgate pfSense CE and corresponding Plus builds before 2.8.0 beta, with a Cross Site Scripting (XSS) flaw in widgets/log.widget.php. Root cause: input handling in that widget allows injected script. Impact per sources is XSS risk; no exploitation details are provided in th...

5.4CVSS6.1AI score0.03737EPSS
CVE
CVE
added 2025/05/14 12:0 a.m.102 views

CVE-2024-57273

CVE-2024-57273 affects Netgate pfSense CE and Plus builds older than pfSense 2.8.0 beta, with a stored/reflected XSS in the Automatic Configuration Backup (ACB) service. The unsanitized Reason field (and a derivable device key from the public SSH key) enables remote attacker JavaScript execution,...

5.4CVSS6.3AI score0.01181EPSS
CVE
CVE
added 2025/05/14 12:0 a.m.77 views

CVE-2024-54780

CVE-2024-54780 affects Netgate pfSense CE (prior to 2.8.0 beta) and corresponding Plus builds. The vulnerability is a command-injection flaw in the OpenVPN widget caused by improper sanitization of user-supplied input to the OpenVPN management interface, enabling an authenticated attacker to inje...

8.8CVSS7.6AI score0.11991EPSS