Lucene search

K

7 matches found

CVE
CVE
added 2023/03/17 10:15 p.m.80 views

CVE-2023-27253

A command injection vulnerability in the function restore_rrddata() of Netgate pfSense v2.7.0 allows authenticated attackers to execute arbitrary commands via manipulating the contents of an XML file supplied to the component config.xml.

8.8CVSS8.9AI score0.78921EPSS
CVE
CVE
added 2023/12/06 8:15 p.m.52 views

CVE-2023-48123

An issue in Netgate pfSense Plus v.23.05.1 and before and pfSense CE v.2.7.0 allows a remote attacker to execute arbitrary code via a crafted request to the packet_capture.php file.

8.8CVSS8.8AI score0.6533EPSS
CVE
CVE
added 2023/11/14 4:15 a.m.41 views

CVE-2023-42325

Cross Site Scripting (XSS) vulnerability in Netgate pfSense v.2.7.0 allows a remote attacker to gain privileges via a crafted url to the status_logs_filter_dynamic.php page.

5.4CVSS5.9AI score0.48312EPSS
CVE
CVE
added 2023/11/14 5:15 a.m.39 views

CVE-2023-42326

An issue in Netgate pfSense v.2.7.0 allows a remote attacker to execute arbitrary code via a crafted request to the interfaces_gif_edit.php and interfaces_gre_edit.php components.

8.8CVSS8.8AI score0.83318EPSS
CVE
CVE
added 2023/04/04 3:15 p.m.28 views

CVE-2020-21487

Cross Site Scripting vulnerability found in Netgate pfSense 2.4.4 and ACME package v.0.6.3 allows attackers to execute arbitrary code via the RootFolder field of acme_certificates.php.

9.6CVSS9.1AI score0.00528EPSS
CVE
CVE
added 2023/02/22 9:15 p.m.27 views

CVE-2022-29273

pfSense CE through 2.6.0 and pfSense Plus before 22.05 allow XSS in the WebGUI via URL Table Alias URL parameters.

6.1CVSS6AI score0.45069EPSS
CVE
CVE
added 2023/11/14 4:15 a.m.26 views

CVE-2023-42327

Cross Site Scripting (XSS) vulnerability in Netgate pfSense v.2.7.0 allows a remote attacker to gain privileges via a crafted URL to the getserviceproviders.php page.

5.4CVSS5.9AI score0.48312EPSS