Pfsense Ce Security Vulnerabilities and Issues — Pfsense Ce CVE List

Lucene search

NetgatePfsense Ce

4 matches found

CVE•added 2023/12/18 4:15 p.m.•3815 views

CVE-2023-48795

The SSH transport protocol with certain OpenSSH extensions, found in OpenSSH before 9.6 and other products, allows remote attackers to bypass integrity checks such that some packets are omitted (from the extension negotiation message), and a client and server may consequently end up with a connecti...

5.9CVSS6.7AI score0.70714EPSS

CVE•added 2025/05/14 2:15 p.m.•62 views

CVE-2024-57273

Netgate pfSense CE (prior to 2.8.0 beta release) and corresponding Plus builds is vulnerable to Cross-site scripting (XSS) in the Automatic Configuration Backup (ACB) service, allowing remote attackers to execute arbitrary JavaScript, delete backups, or leak sensitive information via an unsanitized...

5.4CVSS6.3AI score0.00096EPSS

CVE•added 2025/05/14 2:15 p.m.•54 views

CVE-2024-54780

Netgate pfSense CE (prior to 2.8.0 beta release) and corresponding Plus builds are vulnerable to command injection in the OpenVPN widget due to improper sanitization of user-supplied input to the OpenVPN management interface. An authenticated attacker can exploit this vulnerability by injecting arb...

8.8CVSS7.6AI score0.00633EPSS

CVE•added 2025/05/14 2:15 p.m.•37 views

CVE-2024-54779

Netgate pfSense CE (prior to 2.8.0 beta release) and corresponding Plus builds is vulnerable to Cross Site Scripting (XSS) in widgets/log.widget.php.

5.4CVSS6.1AI score0.00019EPSS