Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
netgate pfsense plus vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2023-48123
An issue in Netgate pfSense Plus v.23.05.1 and before and pfSense CE v.2.7.0 allows a remote malicious user to execute arbitrary code via a crafted request to the packet_capture.php file.
Netgate Pfsense
Netgate Pfsense Plus
1 Github repository
8.5
CVSSv2
CVE-2022-26019
Improper access control vulnerability in pfSense CE and pfSense Plus (pfSense CE software versions before 2.6.0 and pfSense Plus software versions before 22.01) allows a remote attacker with the privilege to change NTP GPS settings to rewrite existing files on the file system, wh...
Netgate Pfsense Plus
Netgate Pfsense
NA
CVE-2023-42326
An issue in Netgate pfSense v.2.7.0 allows a remote malicious user to execute arbitrary code via a crafted request to the interfaces_gif_edit.php and interfaces_gre_edit.php components.
Netgate Pfsense
Netgate Pfsense Plus
6.5
CVSSv2
CVE-2022-24299
Improper input validation vulnerability in pfSense CE and pfSense Plus (pfSense CE software versions before 2.6.0 and pfSense Plus software versions before 22.01) allows a remote attacker with the privilege to change OpenVPN client or server settings to execute an arbitrary comma...
Netgate Pfsense
Netgate Pfsense Plus
4.3
CVSSv2
CVE-2021-20729
Cross-site scripting vulnerability in pfSense CE and pfSense Plus (pfSense CE software versions 2.5.2 and previous versions, and pfSense Plus software versions 21.05 and previous versions) allows a remote malicious user to inject an arbitrary script via a malicious URL.
Netgate Pfsense Plus
Pfsense Pfsense
NA
CVE-2023-27100
Improper restriction of excessive authentication attempts in the SSHGuard component of Netgate pfSense Plus software v22.05.1 and pfSense CE software v2.6.0 allows malicious users to bypass brute force protection mechanisms via crafted web requests.
Netgate Pfsense Plus 22.05.1
Pfsense Pfsense 2.6.0
1 Github repository
NA
CVE-2022-29273
pfSense CE up to and including 2.6.0 and pfSense Plus prior to 22.05 allow XSS in the WebGUI via URL Table Alias URL parameters.
Netgate Pfsense
NA
CVE-2023-48795
The SSH transport protocol with certain OpenSSH extensions, found in OpenSSH prior to 9.6 and other products, allows remote malicious users to bypass integrity checks such that some packets are omitted (from the extension negotiation message), and a client and server may conseque...
Openbsd Openssh
Putty Putty
Filezilla-project Filezilla Client
Microsoft Powershell
Panic Transmit 5
Panic Nova
Roumenpetrov Pkixssh
Winscp Winscp
Bitvise Ssh Client
Bitvise Ssh Server
Lancom-systems Lcos
Lancom-systems Lcos Fx -
Lancom-systems Lcos Lx -
Lancom-systems Lcos Sx 5.20
Lancom-systems Lcos Sx 4.20
Lancom-systems Lanconfig -
Vandyke Securecrt
Libssh Libssh
Net-ssh Net-ssh 7.2.0
Ssh2 Project Ssh2
Proftpd Proftpd
Freebsd Freebsd
8 Github repositories
1 Article
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-3581
reflected XSS
CVE-2024-26925
CVE-2024-27956
LFI
CVE-2024-3607
CVE-2024-3107
CVE-2024-3295
SQL
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started