Pfsense@2.7.0 Security Vulnerabilities and Issues — Pfsense@2.7.0 CVE List

Lucene search

NetgatePfsense2.7.0

3 matches found

CVE•added 2023/03/17 10:15 p.m.•80 views

CVE-2023-27253

A command injection vulnerability in the function restore_rrddata() of Netgate pfSense v2.7.0 allows authenticated attackers to execute arbitrary commands via manipulating the contents of an XML file supplied to the component config.xml.

8.8CVSS8.9AI score0.78921EPSS

CVE•added 2023/11/14 4:15 a.m.•41 views

CVE-2023-42325

Cross Site Scripting (XSS) vulnerability in Netgate pfSense v.2.7.0 allows a remote attacker to gain privileges via a crafted url to the status_logs_filter_dynamic.php page.

5.4CVSS5.9AI score0.48312EPSS

CVE•added 2023/11/14 4:15 a.m.•26 views

CVE-2023-42327

Cross Site Scripting (XSS) vulnerability in Netgate pfSense v.2.7.0 allows a remote attacker to gain privileges via a crafted URL to the getserviceproviders.php page.

5.4CVSS5.9AI score0.48312EPSS