Pfsense Security Vulnerabilities and Issues — Pfsense CVE List

Lucene search

NetgatePfsense

3 matches found

CVE•added 2022/03/31 8:15 a.m.•80 views

CVE-2022-24299

Improper input validation vulnerability in pfSense CE and pfSense Plus (pfSense CE software versions prior to 2.6.0 and pfSense Plus software versions prior to 22.01) allows a remote attacker with the privilege to change OpenVPN client or server settings to execute an arbitrary command.

8.8CVSS8.7AI score0.0019EPSS

CVE•added 2022/03/31 8:15 a.m.•72 views

CVE-2022-26019

Improper access control vulnerability in pfSense CE and pfSense Plus (pfSense CE software versions prior to 2.6.0 and pfSense Plus software versions prior to 22.01) allows a remote attacker with the privilege to change NTP GPS settings to rewrite existing files on the file system, which may result ...

8.8CVSS8.8AI score0.00221EPSS

CVE•added 2022/12/15 7:15 p.m.•55 views

CVE-2020-21219

Cross Site Scripting (XSS) vulnerability in Netgate pf Sense 2.4.4-Release-p3 and Netgate ACME package 0.6.3 allows remote attackers to to run arbitrary code via the RootFolder field to acme_certificate_edit.php page of the ACME package.

6.1CVSS6.1AI score0.00235EPSS