An issue exists in pfSense up to and including 2.4.4-p3. widgets/widgets/picture.widget.php uses the widgetkey parameter directly without sanitization (e.g., a basename call) for a pathname to file_get_contents or file_put_contents.
Vulnerable Product |
---|
netgate pfsense 2.4.4 |
netgate pfsense |
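The path handling described in the advisory text, shown as an added example rather than pfSense source code: the unsanitized pattern beside a hardened form that allowlists the key and then applies `basename`. The storage directory, the function names and the assumed key format are all hypothetical.

```php
<?php
// Added illustration, not code from pfSense. PICTURE_DIR, both function
// names and the key format below are assumptions made for the example.
const PICTURE_DIR = '/var/db/picture-demo'; // constructed storage directory

// The pattern the advisory describes: the request value is concatenated
// into the pathname that later reaches file_get_contents/file_put_contents.
function unsafe_picture_path(string $widgetkey): string
{
    return PICTURE_DIR . '/' . $widgetkey;
}

// Hardened form: reject anything outside an allowlisted key format, then
// apply basename() as defence in depth so no directory component survives.
function safe_picture_path(string $widgetkey): ?string
{
    // Assumed key format: 1-64 letters, digits, dashes or underscores.
    // \A and \z anchor the whole string, so a trailing newline or an
    // embedded NUL byte cannot slip past the check.
    if (preg_match('/\A[A-Za-z0-9_-]{1,64}\z/', $widgetkey) !== 1) {
        return null;
    }
    return PICTURE_DIR . '/' . basename($widgetkey);
}

// Constructed sample inputs: one well-formed key and three malformed ones.
$samples = ['picture-0', '../../etc/demo.conf', "picture-0\0.php", 'a/b'];

foreach ($samples as $key) {
    $safe = safe_picture_path($key);
    printf(
        "%-28s unsafe=%-42s safe=%s\n",
        json_encode($key),
        json_encode(unsafe_picture_path($key)),
        $safe ?? '(rejected)'
    );
}
```

Only the first sample yields a path from `safe_picture_path`; the other three are rejected before any filesystem call would be made, while `unsafe_picture_path` passes every value through unchanged.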