Page 4 of 39 results (0.032 seconds)

CVSS: 7.2EPSS: 0%CPEs: 4EXPL: 0

Incorrect access control in the WebUI in OPNsense before version 19.1.8, and pfsense before 2.4.4-p3 allows remote authenticated users to escalate privileges to administrator via a specially crafted request. El control de acceso incorrecto en la WebUI en OPNsense antes de la versión 19.1.8, y pfsense antes de 2.4.4-p3 permite a los usuarios autenticados remotos escalar los privilegios a administrador a través de una solicitud especialmente diseñada. • https://forum.opnsense.org/index.php?topic=12787.0 https://www.netgate.com/blog/pfsense-2-4-4-release-p3-now-available.html •

CVSS: 9.0EPSS: 0%CPEs: 1EXPL: 0

An authenticated command injection vulnerability exists in status_interfaces.php via dhcp_relinquish_lease() in pfSense before 2.4.4 due to its passing user input from the $_POST parameters "ifdescr" and "ipv" to a shell without escaping the contents of the variables. This allows an authenticated WebGUI user with privileges for the affected page to execute commands in the context of the root user when submitting a request to relinquish a DHCP lease for an interface which is configured to obtain its address via DHCP. Existe una vulnerabilidad de inyección de comandos en status_interfaces.php por medio de dhcp_relinquish_lease() en pfSense en versiones anteriores a la 2.4.4 debido a que pasa entradas de usuario de los parámetros $_POST "ifdescr" y "ipv" a un shell sin escapar el contenido de las variables. Esto permite que un usuario de la WebGUI autenticado con privilegios en la página afectada ejecute comandos en el contexto del usuario root al enviar una solicitud para renunciar a una asignación DHCP para una interfaz que está configurada para obtener su dirección mediante DHCP. • https://doddsecurity.com/190/command-injection-on-pfsense-firewalls https://www.pfsense.org/security/advisories/pfSense-SA-18_08.webgui.asc • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •

CVSS: 9.0EPSS: 49%CPEs: 1EXPL: 3

pfSense before 2.3 allows remote authenticated users to execute arbitrary OS commands via a '|' character in the status_rrd_graph_img.php graph parameter, related to _rrd_graph_img.php. pfSense, en versiones anteriores a la 2.3, permite que usuarios autenticados remotos ejecuten comandos arbitrarios del sistema operativo mediante un carácter "|" en el parámetro de gráfica status_rrd_graph_img.php, relacionado con _rrd_graph_img.php. • https://www.exploit-db.com/exploits/39709 https://www.pfsense.org/security/advisories/pfSense-SA-16_01.webgui.asc https://www.rapid7.com/db/modules/exploit/unix/http/pfsense_graph_injection_exec https://www.security-assessment.com/files/documents/advisory/pfsenseAdvisory.pdf • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •

CVSS: 8.8EPSS: 1%CPEs: 2EXPL: 2

pfSense versions 2.4.1 and lower are vulnerable to clickjacking attacks in the CSRF error page resulting in privileged execution of arbitrary code, because the error detection occurs before an X-Frame-Options header is set. This is fixed in 2.4.2-RELEASE. OPNsense, a 2015 fork of pfSense, was not vulnerable since version 16.1.16 released on June 06, 2016. The unprotected web form was removed from the code during an internal security audit under "possibly insecure" suspicions. pfSense, en sus versiones 2.4.1 y anteriores, es vulnerable a ataques de secuestro de clics en la página de error CSRF. Esto resulta en la ejecución con privilegios de código arbitrario. • http://www.openwall.com/lists/oss-security/2017/11/22/7 https://doc.pfsense.org/index.php/2.4.2_New_Features_and_Changes https://github.com/opnsense/core/commit/d218b225 https://github.com/pfsense/pfsense/commit/386d89b07 https://www.netgate.com/blog/pfsense-2-4-2-release-p1-and-2-3-5-release-p1-now-available.html https://www.securify.nl/en/advisory/SFY20171101/clickjacking-vulnerability-in-csrf-error-page-pfsense.html https://securify.nl/en/advisory/SFY20171101/clickjacking-vuln • CWE-352: Cross-Site Request Forgery (CSRF) •

CVSS: 4.3EPSS: 0%CPEs: 1EXPL: 0

Cross-site scripting (XSS) vulnerability in pfSense before 2.2.3 allows remote attackers to inject arbitrary web script or HTML via the descr parameter in a "new" action to system_authservers.php. Vulnerabilidad de XSS en pfSense en versiones anteriores a 2.2.3, permite a atacantes remotos inyectar secuencias de comandos web o HTML arbitrarios a través del parámetro descr en una 'nueva' acción a system_authservers.php. • https://redmine.pfsense.org/issues/4698 https://www.pfsense.org/security/advisories/pfSense-SA-15_06.webgui.asc • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •