pfsense/pfsense on GitHub
Main repository for pfSense
CVE History
| CVE | Published | CVSS v2 | CVSS v3 |
|---|---|---|---|
| CVE-2023-48123 | 8.8 HIGH | N/A | |
| An issue in Netgate pfSense Plus v.23.05.1 and before and pfSense CE v.2.7.0 allows a remote attacker to execute arbitrary code via a crafted request to the packet_capture.php file. | |||
| CVE-2023-27253 | 8.8 HIGH | N/A | |
| A command injection vulnerability in the function restore_rrddata() of Netgate pfSense v2.7.0 allows authenticated attackers to execute arbitrary commands via manipulating the contents of an XML file supplied to the component config.xml. | |||
| CVE-2022-42247 | 6.1 MEDIUM | N/A | |
| pfSense v2.5.2 was discovered to contain a cross-site scripting (XSS) vulnerability in the browser.php component. This vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into a file name. | |||
| CVE-2022-23993 | 6.1 MEDIUM | 4.3 MEDIUM | |
| /usr/local/www/pkg.php in pfSense CE before 2.6.0 and pfSense Plus before 22.01 uses $_REQUEST['pkg_filter'] in a PHP echo call, causing XSS. | |||
| CVE-2020-26693 | 5.4 MEDIUM | 3.5 LOW | |
| A stored cross-site scripting (XSS) vulnerability was discovered in pfSense 2.4.5-p1 which allows an authenticated attacker to execute arbitrary web scripts via exploitation of the load_balancer_monitor.php function. | |||
| CVE-2020-10797 | 6.1 MEDIUM | 4.3 MEDIUM | |
| An XSS vulnerability resides in the hostname field of the diag_ping.php page in pfsense before 2.4.5 version. After passing inputs to the command and executing this command, the $result variable is not sanitized before it is printed. | |||
| CVE-2020-11457 | 5.4 MEDIUM | 3.5 LOW | |
| pfSense before 2.4.5 has stored XSS in system_usermanager_addprivs.php in the WebGUI via the descr parameter (aka full name) of a user. | |||
| CVE-2019-16914 | 6.1 MEDIUM | 4.3 MEDIUM | |
| An XSS issue was discovered in pfSense through 2.4.4-p3. In services_captiveportal_mac.php, the username and delmac parameters are displayed without sanitization. | |||
| CVE-2019-16915 | 9.8 CRITICAL | 7.5 HIGH | |
| An issue was discovered in pfSense through 2.4.4-p3. widgets/widgets/picture.widget.php uses the widgetkey parameter directly without sanitization (e.g., a basename call) for a pathname to file_get_contents or file_put_contents. | |||
| CVE-2019-16701 | 8.8 HIGH | 9 HIGH | |
| pfSense through 2.3.4 through 2.4.4-p3 allows Remote Code Injection via a methodCall XML document with a pfsense.exec_php call containing shell metacharacters in a parameter value. | |||
| CVE-2017-1000479 | 8.8 HIGH | 6.8 MEDIUM | |
| pfSense versions 2.4.1 and lower are vulnerable to clickjacking attacks in the CSRF error page resulting in privileged execution of arbitrary code, because the error detection occurs before an X-Frame-Options header is set. This is fixed in 2.4.2-RELEASE. OPNsense, a 2015 fork of pfSense, was not vulnerable since version 16.1.16 released on June 06, 2016. The unprotected web form was removed from the code during an internal security audit under "possibly insecure" suspicions. | |||