Pfsense Plus Security Vulnerabilities and Issues — Pfsense Plus CVE List

Lucene search

NetgatePfsense Plus

3 matches found

CVE•added 2022/03/31 8:15 a.m.•80 views

CVE-2022-24299

Improper input validation vulnerability in pfSense CE and pfSense Plus (pfSense CE software versions prior to 2.6.0 and pfSense Plus software versions prior to 22.01) allows a remote attacker with the privilege to change OpenVPN client or server settings to execute an arbitrary command.

8.8CVSS8.7AI score0.0019EPSS

CVE•added 2022/03/31 8:15 a.m.•73 views

CVE-2021-20729

Cross-site scripting vulnerability in pfSense CE and pfSense Plus (pfSense CE software versions 2.5.2 and earlier, and pfSense Plus software versions 21.05 and earlier) allows a remote attacker to inject an arbitrary script via a malicious URL.

6.1CVSS6.2AI score0.00235EPSS

CVE•added 2022/03/31 8:15 a.m.•72 views

CVE-2022-26019

Improper access control vulnerability in pfSense CE and pfSense Plus (pfSense CE software versions prior to 2.6.0 and pfSense Plus software versions prior to 22.01) allows a remote attacker with the privilege to change NTP GPS settings to rewrite existing files on the file system, which may result ...

8.8CVSS8.8AI score0.00221EPSS