CVE-2018-20798
https://notcve.org/view.php?id=CVE-2018-20798
The expiretable configuration in pfSense 2.4.4_1 establishes block durations that are incompatible with the block durations implemented by sshguard, which might make it easier for attackers to bypass intended access restrictions. La configuración de expiretable en pfSense 2.4.4_1 establece duraciones de bloqueo que no son compatibles con las duraciones de bloqueo implementadas por sshguard, lo que podría facilitar que los atacantes omitan las restricciones de acceso planeadas. • https://redmine.pfsense.org/issues/9223 • CWE-732: Incorrect Permission Assignment for Critical Resource •
CVE-2018-4021
https://notcve.org/view.php?id=CVE-2018-4021
An exploitable command injection vulnerability exists in the way Netgate pfSense CE 2.4.4-RELEASE processes the parameters of a specific POST request. The attacker can exploit this and gain the ability to execute arbitrary commands on the system. An attacker needs to be able to send authenticated POST requests to the administration web interface. Command injection is possible in the `powerd_battery_mode` POST parameter. Existe una vulnerabilidad de inyección de comandos explotable en la manera en la que Netgate pfSense CE 2.4.4-RELEASE procesa los parámetros de una petición POST específica. • https://talosintelligence.com/vulnerability_reports/TALOS-2018-0690 • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVE-2018-4019
https://notcve.org/view.php?id=CVE-2018-4019
An exploitable command injection vulnerability exists in the way Netgate pfSense CE 2.4.4-RELEASE processes the parameters of a specific POST request. The attacker can exploit this and gain the ability to execute arbitrary commands on the system. An attacker needs to be able to send authenticated POST requests to the administration web interface. Command injection is possible in the `powerd_normal_mode` parameter. Existe una vulnerabilidad de inyección de comandos explotable en la manera en la que Netgate pfSense CE 2.4.4-RELEASE procesa los parámetros de una petición POST específica. • https://talosintelligence.com/vulnerability_reports/TALOS-2018-0690 • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVE-2018-4020
https://notcve.org/view.php?id=CVE-2018-4020
An exploitable command injection vulnerability exists in the way Netgate pfSense CE 2.4.4-RELEASE processes the parameters of a specific POST request. The attacker can exploit this and gain the ability to execute arbitrary commands on the system. An attacker needs to be able to send authenticated POST requests to the administration web interface. Command injection is possible in the `powerd_ac_mode` POST parameter parameter. Existe una vulnerabilidad de inyección de comandos explotable en la manera en la que Netgate pfSense CE 2.4.4-RELEASE procesa los parámetros de una petición POST específica. • https://talosintelligence.com/vulnerability_reports/TALOS-2018-0690 • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVE-2018-16055
https://notcve.org/view.php?id=CVE-2018-16055
An authenticated command injection vulnerability exists in status_interfaces.php via dhcp_relinquish_lease() in pfSense before 2.4.4 due to its passing user input from the $_POST parameters "ifdescr" and "ipv" to a shell without escaping the contents of the variables. This allows an authenticated WebGUI user with privileges for the affected page to execute commands in the context of the root user when submitting a request to relinquish a DHCP lease for an interface which is configured to obtain its address via DHCP. Existe una vulnerabilidad de inyección de comandos en status_interfaces.php por medio de dhcp_relinquish_lease() en pfSense en versiones anteriores a la 2.4.4 debido a que pasa entradas de usuario de los parámetros $_POST "ifdescr" y "ipv" a un shell sin escapar el contenido de las variables. Esto permite que un usuario de la WebGUI autenticado con privilegios en la página afectada ejecute comandos en el contexto del usuario root al enviar una solicitud para renunciar a una asignación DHCP para una interfaz que está configurada para obtener su dirección mediante DHCP. • https://doddsecurity.com/190/command-injection-on-pfsense-firewalls https://www.pfsense.org/security/advisories/pfSense-SA-18_08.webgui.asc • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •