CVSS: 7.2EPSS: 2%CPEs: 4EXPL: 0CVE-2019-11816
https://notcve.org/view.php?id=CVE-2019-11816
20 May 2019 — Incorrect access control in the WebUI in OPNsense before version 19.1.8, and pfsense before 2.4.4-p3 allows remote authenticated users to escalate privileges to administrator via a specially crafted request. El control de acceso incorrecto en la WebUI en OPNsense antes de la versión 19.1.8, y pfsense antes de 2.4.4-p3 permite a los usuarios autenticados remotos escalar los privilegios a administrador a través de una solicitud especialmente diseñada. • https://forum.opnsense.org/index.php?topic=12787.0 •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 1CVE-2018-20798
https://notcve.org/view.php?id=CVE-2018-20798
01 Mar 2019 — The expiretable configuration in pfSense 2.4.4_1 establishes block durations that are incompatible with the block durations implemented by sshguard, which might make it easier for attackers to bypass intended access restrictions. La configuración de expiretable en pfSense 2.4.4_1 establece duraciones de bloqueo que no son compatibles con las duraciones de bloqueo implementadas por sshguard, lo que podría facilitar que los atacantes omitan las restricciones de acceso planeadas. • https://redmine.pfsense.org/issues/9223 • CWE-732: Incorrect Permission Assignment for Critical Resource •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 1CVE-2018-20799
https://notcve.org/view.php?id=CVE-2018-20799
01 Mar 2019 — In pfSense 2.4.4_1, blocking of source IP addresses on the basis of failed HTTPS authentication is inconsistent with blocking of source IP addresses on the basis of failed SSH authentication (the behavior does not match the sshguard documentation), which might make it easier for attackers to bypass intended access restrictions. En pfSense 2.4.4_1, el bloqueo de las direcciones IP de origen al haber un error de autenticación HTTPS es inconsistente con el bloqueo de direcciones IP de origen al haber un error ... • https://redmine.pfsense.org/issues/9223 •
CVSS: 7.2EPSS: 72%CPEs: 1EXPL: 1CVE-2018-4019
https://notcve.org/view.php?id=CVE-2018-4019
03 Dec 2018 — An exploitable command injection vulnerability exists in the way Netgate pfSense CE 2.4.4-RELEASE processes the parameters of a specific POST request. The attacker can exploit this and gain the ability to execute arbitrary commands on the system. An attacker needs to be able to send authenticated POST requests to the administration web interface. Command injection is possible in the `powerd_normal_mode` parameter. Existe una vulnerabilidad de inyección de comandos explotable en la manera en la que Netgate p... • https://talosintelligence.com/vulnerability_reports/TALOS-2018-0690 • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVSS: 7.2EPSS: 72%CPEs: 1EXPL: 1CVE-2018-4020
https://notcve.org/view.php?id=CVE-2018-4020
03 Dec 2018 — An exploitable command injection vulnerability exists in the way Netgate pfSense CE 2.4.4-RELEASE processes the parameters of a specific POST request. The attacker can exploit this and gain the ability to execute arbitrary commands on the system. An attacker needs to be able to send authenticated POST requests to the administration web interface. Command injection is possible in the `powerd_ac_mode` POST parameter parameter. Existe una vulnerabilidad de inyección de comandos explotable en la manera en la qu... • https://talosintelligence.com/vulnerability_reports/TALOS-2018-0690 • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVSS: 7.2EPSS: 86%CPEs: 1EXPL: 1CVE-2018-4021
https://notcve.org/view.php?id=CVE-2018-4021
03 Dec 2018 — An exploitable command injection vulnerability exists in the way Netgate pfSense CE 2.4.4-RELEASE processes the parameters of a specific POST request. The attacker can exploit this and gain the ability to execute arbitrary commands on the system. An attacker needs to be able to send authenticated POST requests to the administration web interface. Command injection is possible in the `powerd_battery_mode` POST parameter. Existe una vulnerabilidad de inyección de comandos explotable en la manera en la que Net... • https://talosintelligence.com/vulnerability_reports/TALOS-2018-0690 • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVSS: 9.0EPSS: 8%CPEs: 1EXPL: 0CVE-2018-16055
https://notcve.org/view.php?id=CVE-2018-16055
26 Sep 2018 — An authenticated command injection vulnerability exists in status_interfaces.php via dhcp_relinquish_lease() in pfSense before 2.4.4 due to its passing user input from the $_POST parameters "ifdescr" and "ipv" to a shell without escaping the contents of the variables. This allows an authenticated WebGUI user with privileges for the affected page to execute commands in the context of the root user when submitting a request to relinquish a DHCP lease for an interface which is configured to obtain its address ... • https://doddsecurity.com/190/command-injection-on-pfsense-firewalls • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVSS: 9.0EPSS: 78%CPEs: 1EXPL: 4CVE-2016-10709
https://notcve.org/view.php?id=CVE-2016-10709
22 Jan 2018 — pfSense before 2.3 allows remote authenticated users to execute arbitrary OS commands via a '|' character in the status_rrd_graph_img.php graph parameter, related to _rrd_graph_img.php. pfSense, en versiones anteriores a la 2.3, permite que usuarios autenticados remotos ejecuten comandos arbitrarios del sistema operativo mediante un carácter "|" en el parámetro de gráfica status_rrd_graph_img.php, relacionado con _rrd_graph_img.php. • https://github.com/wetw0rk/Exploit-Development • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVSS: 8.8EPSS: 19%CPEs: 2EXPL: 2CVE-2017-1000479
https://notcve.org/view.php?id=CVE-2017-1000479
03 Jan 2018 — pfSense versions 2.4.1 and lower are vulnerable to clickjacking attacks in the CSRF error page resulting in privileged execution of arbitrary code, because the error detection occurs before an X-Frame-Options header is set. This is fixed in 2.4.2-RELEASE. OPNsense, a 2015 fork of pfSense, was not vulnerable since version 16.1.16 released on June 06, 2016. The unprotected web form was removed from the code during an internal security audit under "possibly insecure" suspicions. pfSense, en sus versiones 2.4.1... • http://www.openwall.com/lists/oss-security/2017/11/22/7 • CWE-352: Cross-Site Request Forgery (CSRF) •
CVSS: 6.1EPSS: 7%CPEs: 1EXPL: 0CVE-2015-6508
https://notcve.org/view.php?id=CVE-2015-6508
18 Aug 2015 — Cross-site scripting (XSS) vulnerability in pfSense before 2.2.3 allows remote attackers to inject arbitrary web script or HTML via the descr parameter in a "new" action to system_authservers.php. Vulnerabilidad de XSS en pfSense en versiones anteriores a 2.2.3, permite a atacantes remotos inyectar secuencias de comandos web o HTML arbitrarios a través del parámetro descr en una 'nueva' acción a system_authservers.php. • https://redmine.pfsense.org/issues/4698 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •