CVE-2022-21132
https://notcve.org/view.php?id=CVE-2022-21132
Directory traversal vulnerability in pfSense-pkg-WireGuard pfSense-pkg-WireGuard 0.1.5 versions prior to 0.1.5_4 and pfSense-pkg-WireGuard 0.1.6 versions prior to 0.1.6_1 allows a remote authenticated attacker to lead a pfSense user to view a file outside the public folder. Una vulnerabilidad salto de directorio en pfSense-pkg-WireGuard versiones 0.1.5 anteriores a 0.1.5_4 y pfSense-pkg-WireGuard versiones 0.1.6 anteriores a 0.1.6_1, permiten que un atacante remoto autenticado conlleve a un usuario de pfSense a visualizar un archivo fuera de la carpeta pública • https://github.com/pfsense/FreeBSD-ports/commits/devel/net/pfSense-pkg-WireGuard https://jvn.jp/en/jp/JVN85572374/index.html • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •