Pfsense Security Vulnerabilities and Issues — Pfsense CVE List

Lucene search

NetgatePfsense

3 matches found

CVE•added 2019/06/03 3:29 a.m.•73 views

CVE-2019-12585

Apcupsd 0.3.91_5, as used in pfSense through 2.4.4-RELEASE-p3 and other products, has an Arbitrary Command Execution issue in apcupsd_status.php.

9.8CVSS9.6AI score0.09797EPSS

CVE•added 2019/06/25 11:15 a.m.•67 views

CVE-2019-12949

In pfSense 2.4.4-p2 and 2.4.4-p3, if it is possible to trick an authenticated administrator into clicking on a button on a phishing page, an attacker can leverage XSS to upload arbitrary executable code, via diag_command.php and rrd_fetch_json.php (timePeriod parameter), to a server. Then, the remo...

6.1CVSS6.1AI score0.10406EPSS

CVE•added 2019/06/03 3:29 a.m.•53 views

CVE-2019-12584

Apcupsd 0.3.91_5, as used in pfSense through 2.4.4-RELEASE-p3 and other products, has an XSS issue in apcupsd_status.php.

6.1CVSS6.2AI score0.03889EPSS