CVSS: 9.8EPSS: 84%CPEs: 79EXPL: 3CVE-2023-48795 – ssh: Prefix truncation attack on Binary Packet Protocol (BPP)
https://notcve.org/view.php?id=CVE-2023-48795
18 Dec 2023 — The SSH transport protocol with certain OpenSSH extensions, found in OpenSSH before 9.6 and other products, allows remote attackers to bypass integrity checks such that some packets are omitted (from the extension negotiation message), and a client and server may consequently end up with a connection for which some security features have been downgraded or disabled, aka a Terrapin attack. This occurs because the SSH Binary Packet Protocol (BPP), implemented by these extensions, mishandles the handshake phas... • https://packetstorm.news/files/id/176280 • CWE-222: Truncation of Security-relevant Information CWE-354: Improper Validation of Integrity Check Value •
CVSS: 10.0EPSS: 0%CPEs: 2EXPL: 0CVE-2020-21487
https://notcve.org/view.php?id=CVE-2020-21487
04 Apr 2023 — Cross Site Scripting vulnerability found in Netgate pfSense 2.4.4 and ACME package v.0.6.3 allows attackers to execute arbitrary code via the RootFolder field of acme_certificates.php. • https://github.com/pfsense/FreeBSD-ports/commit/a6f443cde51e7fcf17e51f16014d3589253284d8 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 6.4EPSS: 0%CPEs: 2EXPL: 0CVE-2020-21219
https://notcve.org/view.php?id=CVE-2020-21219
15 Dec 2022 — Cross Site Scripting (XSS) vulnerability in Netgate pf Sense 2.4.4-Release-p3 and Netgate ACME package 0.6.3 allows remote attackers to to run arbitrary code via the RootFolder field to acme_certificate_edit.php page of the ACME package. Vulnerabilidad de Cross Site Scripting (XSS) en Netgate pf Sense 2.4.4-Release-p3 y el paquete Netgate ACME 0.6.3 permite a atacantes remotos ejecutar código arbitrario a través del campo RootFolder en la página acme_certificate_edit.php del paquete ACME. • https://github.com/pfsense/FreeBSD-ports/commit/a6f443cde51e7fcf17e51f16014d3589253284d8 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 6.1EPSS: 0%CPEs: 2EXPL: 0CVE-2021-20729
https://notcve.org/view.php?id=CVE-2021-20729
31 Mar 2022 — Cross-site scripting vulnerability in pfSense CE and pfSense Plus (pfSense CE software versions 2.5.2 and earlier, and pfSense Plus software versions 21.05 and earlier) allows a remote attacker to inject an arbitrary script via a malicious URL. Una vulnerabilidad de tipo cross-site scripting en pfSense CE y pfSense Plus (software pfSense CE versiones 2.5.2 y anteriores, y software pfSense Plus versiones 21.05 y anteriores) permite a un atacante remoto inyectar un script arbitrario por medio de una URL malic... • https://docs.netgate.com/downloads/pfSense-SA-21_02.captiveportal.asc • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 5.4EPSS: 1%CPEs: 3EXPL: 1CVE-2020-19201
https://notcve.org/view.php?id=CVE-2020-19201
12 Jul 2021 — A Stored Cross-Site Scripting (XSS) vulnerability was found in status_filter_reload.php, a page in the pfSense software WebGUI, on Netgate pfSense version 2.4.4-p2 and earlier. The page did not encode output from the filter reload process, and a stored XSS was possible via the descr (description) parameter on NAT rules. Se ha encontrado una vulnerabilidad de Cross-Site Scripting (XSS) almacenada en status_filter_reload.php, una página de la WebGUI del software pfSense, en la versión 2.4.4-p2 de Netgate pfSe... • https://docs.netgate.com/pfsense/en/latest/releases/2-4-4-p3.html • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 5.4EPSS: 1%CPEs: 4EXPL: 0CVE-2020-19203
https://notcve.org/view.php?id=CVE-2020-19203
12 Jul 2021 — An authenticated Cross-Site Scripting (XSS) vulnerability was found in widgets/widgets/wake_on_lan_widget.php, a component of the pfSense software WebGUI, on version 2.4.4-p2 and earlier. The widget did not encode the descr (description) parameter of wake-on-LAN entries in its output, leading to a possible stored XSS. Se ha encontrado una vulnerabilidad de Cross-Site Scripting (XSS) autentificada en widgets/widgets/wake_on_lan_widget.php, un componente de la WebGUI del software pfSense, en la versión 2.4.4-... • https://docs.netgate.com/pfsense/en/latest/releases/2-4-4-p3.html • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 6.1EPSS: 1%CPEs: 1EXPL: 0CVE-2020-10797
https://notcve.org/view.php?id=CVE-2020-10797
29 Apr 2020 — An XSS vulnerability resides in the hostname field of the diag_ping.php page in pfsense before 2.4.5 version. After passing inputs to the command and executing this command, the $result variable is not sanitized before it is printed. Una vulnerabilidad de tipo XSS reside en el campo hostname de la página diag_ping.php en pfsense versiones anteriores a 2.4.5. Después de pasar las entradas al comando y ejecutar este comando, la variable $result no es saneada antes de ser impresa. • https://docs.netgate.com/pfsense/en/latest/releases/2-4-5-new-features-and-changes.html • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 5.4EPSS: 2%CPEs: 1EXPL: 2CVE-2020-11457 – pfSense 2.4.4-P3 - 'User Manager' Persistent Cross-Site Scripting
https://notcve.org/view.php?id=CVE-2020-11457
01 Apr 2020 — pfSense before 2.4.5 has stored XSS in system_usermanager_addprivs.php in the WebGUI via the descr parameter (aka full name) of a user. pfSense versiones anteriores a 2.4.5, presenta una vulnerabilidad de tipo XSS almacenado en el archivo system_usermanager_addprivs.php en la WebGUI por medio del parámetro descr (también se conoce como full name) de un usuario. pfSense version 2.4.4-P3 suffers from a User Manager persistent cross site scripting vulnerability. • https://packetstorm.news/files/id/157104 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 8.8EPSS: 49%CPEs: 1EXPL: 3CVE-2019-16667 – pfSense 2.4.4-p3 - Cross-Site Request Forgery
https://notcve.org/view.php?id=CVE-2019-16667
26 Sep 2019 — diag_command.php in pfSense 2.4.4-p3 allows CSRF via the txtCommand or txtRecallBuffer field, as demonstrated by executing OS commands. This occurs because csrf_callback() produces a "CSRF token expired" error and a Try Again button when a CSRF token is missing. El archivo diag_command.php en pfSense versión 2.4.4-p3, permite un ataque de tipo CSRF por medio del campo txtCommand o txtRecallBuffer, como es demostrado mediante la ejecución de comandos de Sistema Operativo. Esto se presenta porque la función c... • https://packetstorm.news/files/id/158614 • CWE-352: Cross-Site Request Forgery (CSRF) •
CVSS: 6.1EPSS: 0%CPEs: 5EXPL: 0CVE-2019-16914
https://notcve.org/view.php?id=CVE-2019-16914
26 Sep 2019 — An XSS issue was discovered in pfSense through 2.4.4-p3. In services_captiveportal_mac.php, the username and delmac parameters are displayed without sanitization. Se descubrió un problema de tipo XSS en pfSense versiones hasta 2.4.4-p3. En el archivo services_captiveportal_mac.php, los parámetros username y delmac se muestran sin saneamiento. • https://github.com/pfsense/pfsense/commit/d31362b69d5d52dc196dc72f66e830cd1e6e9a4f • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •