CVSS: 9.0EPSS: 91%CPEs: 1EXPL: 3CVE-2021-41282 – pfSense 2.5.2 Shell Upload
https://notcve.org/view.php?id=CVE-2021-41282
01 Mar 2022 — diag_routes.php in pfSense 2.5.2 allows sed data injection. Authenticated users are intended to be able to view data about the routes set in the firewall. The data is retrieved by executing the netstat utility, and then its output is parsed via the sed utility. Although the common protection mechanisms against command injection (i.e., the usage of the escapeshellarg function for the arguments) are used, it is still possible to inject sed-specific code and write an arbitrary file in an arbitrary location. El... • https://packetstorm.news/files/id/166208 • CWE-74: Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') •
CVSS: 6.1EPSS: 0%CPEs: 2EXPL: 0CVE-2022-23993
https://notcve.org/view.php?id=CVE-2022-23993
26 Jan 2022 — /usr/local/www/pkg.php in pfSense CE before 2.6.0 and pfSense Plus before 22.01 uses $_REQUEST['pkg_filter'] in a PHP echo call, causing XSS. /usr/local/www/pkg.php en pfSense CE antes de 2.6.0 y pfSense Plus antes de 22.01 utiliza $_REQUEST['pkg_filter'] en una llamada de eco de PHP, lo que provoca XSS • https://docs.netgate.com/downloads/pfSense-SA-22_04.webgui.asc • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 5.4EPSS: 1%CPEs: 3EXPL: 1CVE-2020-19201
https://notcve.org/view.php?id=CVE-2020-19201
12 Jul 2021 — A Stored Cross-Site Scripting (XSS) vulnerability was found in status_filter_reload.php, a page in the pfSense software WebGUI, on Netgate pfSense version 2.4.4-p2 and earlier. The page did not encode output from the filter reload process, and a stored XSS was possible via the descr (description) parameter on NAT rules. Se ha encontrado una vulnerabilidad de Cross-Site Scripting (XSS) almacenada en status_filter_reload.php, una página de la WebGUI del software pfSense, en la versión 2.4.4-p2 de Netgate pfSe... • https://docs.netgate.com/pfsense/en/latest/releases/2-4-4-p3.html • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 5.4EPSS: 1%CPEs: 4EXPL: 0CVE-2020-19203
https://notcve.org/view.php?id=CVE-2020-19203
12 Jul 2021 — An authenticated Cross-Site Scripting (XSS) vulnerability was found in widgets/widgets/wake_on_lan_widget.php, a component of the pfSense software WebGUI, on version 2.4.4-p2 and earlier. The widget did not encode the descr (description) parameter of wake-on-LAN entries in its output, leading to a possible stored XSS. Se ha encontrado una vulnerabilidad de Cross-Site Scripting (XSS) autentificada en widgets/widgets/wake_on_lan_widget.php, un componente de la WebGUI del software pfSense, en la versión 2.4.4-... • https://docs.netgate.com/pfsense/en/latest/releases/2-4-4-p3.html • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 5.4EPSS: 0%CPEs: 1EXPL: 0CVE-2020-26693
https://notcve.org/view.php?id=CVE-2020-26693
01 Jun 2021 — A stored cross-site scripting (XSS) vulnerability was discovered in pfSense 2.4.5-p1 which allows an authenticated attacker to execute arbitrary web scripts via exploitation of the load_balancer_monitor.php function. Se ha detectado una vulnerabilidad de tipo cross-site scripting (XSS) almacenado en pfSense versión 2.4.5-p1, que permite a un atacante autentificado ejecutar scripts web arbitrarios por medio de la explotación de la función load_balancer_monitor.php • https://github.com/pfsense/pfsense/commit/a220a22a8c05c10a7b875ac6b565f2c4fe7b251c • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 6.1EPSS: 1%CPEs: 1EXPL: 1CVE-2021-27933
https://notcve.org/view.php?id=CVE-2021-27933
28 Apr 2021 — pfSense 2.5.0 allows XSS via the services_wol_edit.php Description field. pfSense versión 2.5.0, permite un ataque de tipo XSS por medio del campo Descripción services_wol_edit.php • http://seclists.org/fulldisclosure/2021/Apr/61 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 6.1EPSS: 1%CPEs: 1EXPL: 0CVE-2020-10797
https://notcve.org/view.php?id=CVE-2020-10797
29 Apr 2020 — An XSS vulnerability resides in the hostname field of the diag_ping.php page in pfsense before 2.4.5 version. After passing inputs to the command and executing this command, the $result variable is not sanitized before it is printed. Una vulnerabilidad de tipo XSS reside en el campo hostname de la página diag_ping.php en pfsense versiones anteriores a 2.4.5. Después de pasar las entradas al comando y ejecutar este comando, la variable $result no es saneada antes de ser impresa. • https://docs.netgate.com/pfsense/en/latest/releases/2-4-5-new-features-and-changes.html • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 5.4EPSS: 0%CPEs: 1EXPL: 2CVE-2020-11457 – pfSense 2.4.4-P3 - 'User Manager' Persistent Cross-Site Scripting
https://notcve.org/view.php?id=CVE-2020-11457
01 Apr 2020 — pfSense before 2.4.5 has stored XSS in system_usermanager_addprivs.php in the WebGUI via the descr parameter (aka full name) of a user. pfSense versiones anteriores a 2.4.5, presenta una vulnerabilidad de tipo XSS almacenado en el archivo system_usermanager_addprivs.php en la WebGUI por medio del parámetro descr (también se conoce como full name) de un usuario. pfSense version 2.4.4-P3 suffers from a User Manager persistent cross site scripting vulnerability. • https://packetstorm.news/files/id/157104 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 8.8EPSS: 49%CPEs: 1EXPL: 3CVE-2019-16667 – pfSense 2.4.4-p3 - Cross-Site Request Forgery
https://notcve.org/view.php?id=CVE-2019-16667
26 Sep 2019 — diag_command.php in pfSense 2.4.4-p3 allows CSRF via the txtCommand or txtRecallBuffer field, as demonstrated by executing OS commands. This occurs because csrf_callback() produces a "CSRF token expired" error and a Try Again button when a CSRF token is missing. El archivo diag_command.php en pfSense versión 2.4.4-p3, permite un ataque de tipo CSRF por medio del campo txtCommand o txtRecallBuffer, como es demostrado mediante la ejecución de comandos de Sistema Operativo. Esto se presenta porque la función c... • https://packetstorm.news/files/id/158614 • CWE-352: Cross-Site Request Forgery (CSRF) •
CVSS: 6.1EPSS: 0%CPEs: 5EXPL: 0CVE-2019-16914
https://notcve.org/view.php?id=CVE-2019-16914
26 Sep 2019 — An XSS issue was discovered in pfSense through 2.4.4-p3. In services_captiveportal_mac.php, the username and delmac parameters are displayed without sanitization. Se descubrió un problema de tipo XSS en pfSense versiones hasta 2.4.4-p3. En el archivo services_captiveportal_mac.php, los parámetros username y delmac se muestran sin saneamiento. • https://github.com/pfsense/pfsense/commit/d31362b69d5d52dc196dc72f66e830cd1e6e9a4f • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •