Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
pfsense pfsense 2.4.5 vulnerabilities and exploits
(subscribe to this query)
312
VMScore
CVE-2020-26693
A stored cross-site scripting (XSS) vulnerability exists in pfSense 2.4.5-p1 which allows an authenticated malicious user to execute arbitrary web scripts via exploitation of the load_balancer_monitor.php function.
Pfsense Pfsense 2.4.5
312
VMScore
CVE-2020-11457
pfSense prior to 2.4.5 has stored XSS in system_usermanager_addprivs.php in the WebGUI via the descr parameter (aka full name) of a user.
Netgate Pfsense
383
VMScore
CVE-2020-10797
An XSS vulnerability resides in the hostname field of the diag_ping.php page in pfsense prior to 2.4.5 version. After passing inputs to the command and executing this command, the $result variable is not sanitized before it is printed.
Netgate Pfsense
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
NULL pointer dereference
CVE-2023-52689
CVE-2024-23803
client side
CVE-2023-52696
information disclosure
CVE-2024-35843
CVE-2024-27130
CVE-2023-52697
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started