Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
netgate pfsense 2.7.0 vulnerabilities and exploits
(subscribe to this query)
5.4
CVSSv3
CVE-2023-42325
Cross Site Scripting (XSS) vulnerability in Netgate pfSense v.2.7.0 allows a remote malicious user to gain privileges via a crafted url to the status_logs_filter_dynamic.php page.
Netgate Pfsense 2.7.0
5.4
CVSSv3
CVE-2023-42327
Cross Site Scripting (XSS) vulnerability in Netgate pfSense v.2.7.0 allows a remote malicious user to gain privileges via a crafted URL to the getserviceproviders.php page.
Netgate Pfsense 2.7.0
8.8
CVSSv3
CVE-2023-27253
A command injection vulnerability in the function restore_rrddata() of Netgate pfSense v2.7.0 allows authenticated malicious users to execute arbitrary commands via manipulating the contents of an XML file supplied to the component config.xml.
Netgate Pfsense 2.7.0
8.8
CVSSv3
CVE-2023-42326
An issue in Netgate pfSense v.2.7.0 allows a remote malicious user to execute arbitrary code via a crafted request to the interfaces_gif_edit.php and interfaces_gre_edit.php components.
Netgate Pfsense
Netgate Pfsense Plus
8.8
CVSSv3
CVE-2023-48123
An issue in Netgate pfSense Plus v.23.05.1 and before and pfSense CE v.2.7.0 allows a remote malicious user to execute arbitrary code via a crafted request to the packet_capture.php file.
Netgate Pfsense
Netgate Pfsense Plus
1 Github repository
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
NULL pointer dereference
CVE-2023-52689
CVE-2024-23803
client side
CVE-2023-52696
information disclosure
CVE-2024-35843
CVE-2024-27130
CVE-2023-52697
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started