cbcvebase.

Netgate Pfsense vulnerabilities

51 known vulnerabilities affecting netgate/pfsense.

Total CVEs
51
CISA KEV
0
Public exploits
9
Exploited in wild
0
Severity breakdown
CRITICAL3HIGH17MEDIUM31

Vulnerabilities

Page 2 of 3
CVE-2022-29273P3MEDIUMCVSS 6.1≤ 2.6.0fixed in 22.052023-02-22
CVE-2022-29273 [MEDIUM] CWE-79 CVE-2022-29273: pfSense CE through 2.6.0 and pfSense Plus before 22.05 allow XSS in the WebGUI via URL Table Alias U pfSense CE through 2.6.0 and pfSense Plus before 22.05 allow XSS in the WebGUI via URL Table Alias URL parameters.
nvd
CVE-2024-46538P3MEDIUMCVSS 4.8v2.5.22024-10-22
CVE-2024-46538 [MEDIUM] CWE-79 CVE-2024-46538: A cross-site scripting (XSS) vulnerability in pfsense v2.5.2 allows attackers to execute arbitrary w A cross-site scripting (XSS) vulnerability in pfsense v2.5.2 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the $pconfig variable at interfaces_groups_edit.php.
nvd
CVE-2019-11816P3HIGHCVSS 7.2≤ 2.4.4v2.4.42019-05-20
CVE-2019-11816 [HIGH] CVE-2019-11816: Incorrect access control in the WebUI in OPNsense before version 19.1.8, and pfsense before 2.4.4-p3 Incorrect access control in the WebUI in OPNsense before version 19.1.8, and pfsense before 2.4.4-p3 allows remote authenticated users to escalate privileges to administrator via a specially crafted request.
nvd
CVE-2023-42325P3MEDIUMCVSS 5.4v2.7.02023-11-14
CVE-2023-42325 [MEDIUM] CWE-79 CVE-2023-42325: Cross Site Scripting (XSS) vulnerability in Netgate pfSense v.2.7.0 allows a remote attacker to gain Cross Site Scripting (XSS) vulnerability in Netgate pfSense v.2.7.0 allows a remote attacker to gain privileges via a crafted url to the status_logs_filter_dynamic.php page.
nvd
CVE-2023-42327P3MEDIUMCVSS 5.4v2.7.02023-11-14
CVE-2023-42327 [MEDIUM] CWE-79 CVE-2023-42327: Cross Site Scripting (XSS) vulnerability in Netgate pfSense v.2.7.0 allows a remote attacker to gain Cross Site Scripting (XSS) vulnerability in Netgate pfSense v.2.7.0 allows a remote attacker to gain privileges via a crafted URL to the getserviceproviders.php page.
nvd
CVE-2018-20799P3HIGHCVSS 7.5v2.4.42019-03-01
CVE-2018-20799 [HIGH] CVE-2018-20799: In pfSense 2.4.4_1, blocking of source IP addresses on the basis of failed HTTPS authentication is i In pfSense 2.4.4_1, blocking of source IP addresses on the basis of failed HTTPS authentication is inconsistent with blocking of source IP addresses on the basis of failed SSH authentication (the behavior does not match the sshguard documentation), which might make it easier for attackers to bypass intended access restrictions.
nvd
CVE-2025-53392P3MEDIUMCVSS 6.5v2.8.02025-06-28
CVE-2025-53392 [MEDIUM] CWE-36 CVE-2025-53392: In Netgate pfSense CE 2.8.0, the "WebCfg - Diagnostics: Command" privilege allows reading arbitrary In Netgate pfSense CE 2.8.0, the "WebCfg - Diagnostics: Command" privilege allows reading arbitrary files via diag_command.php dlPath directory traversal. NOTE: the Supplier's perspective is that this is intended behavior for this privilege level, and that system administrators are informed through both the product documentation and UI.
nvd
CVE-2018-20798P3HIGHCVSS 7.5v2.4.42019-03-01
CVE-2018-20798 [HIGH] CWE-732 CVE-2018-20798: The expiretable configuration in pfSense 2.4.4_1 establishes block durations that are incompatible w The expiretable configuration in pfSense 2.4.4_1 establishes block durations that are incompatible with the block durations implemented by sshguard, which might make it easier for attackers to bypass intended access restrictions.
nvd
CVE-2020-21487P3CRITICALCVSS 9.6v2.4.42023-04-04
CVE-2020-21487 [CRITICAL] CWE-79 CVE-2020-21487: Cross Site Scripting vulnerability found in Netgate pfSense 2.4.4 and ACME package v.0.6.3 allows at Cross Site Scripting vulnerability found in Netgate pfSense 2.4.4 and ACME package v.0.6.3 allows attackers to execute arbitrary code via the RootFolder field of acme_certificates.php.
nvd
CVE-2015-1414P4HIGHCVSS 7.8v2.2.12015-02-27
CVE-2015-1414 [HIGH] CVE-2015-1414: Integer overflow in FreeBSD before 8.4 p24, 9.x before 9.3 p10. 10.0 before p18, and 10.1 before p6 Integer overflow in FreeBSD before 8.4 p24, 9.x before 9.3 p10. 10.0 before p18, and 10.1 before p6 allows remote attackers to cause a denial of service (crash) via a crafted IGMP packet, which triggers an incorrect size calculation and allocation of insufficient memory.
nvd
CVE-2019-12949P3MEDIUMCVSS 6.1v2.4.42019-06-25
CVE-2019-12949 [MEDIUM] CWE-79 CVE-2019-12949: In pfSense 2.4.4-p2 and 2.4.4-p3, if it is possible to trick an authenticated administrator into cli In pfSense 2.4.4-p2 and 2.4.4-p3, if it is possible to trick an authenticated administrator into clicking on a button on a phishing page, an attacker can leverage XSS to upload arbitrary executable code, via diag_command.php and rrd_fetch_json.php (timePeriod parameter), to a server. Then, the remote attacker can run any command with root privileges
nvd
CVE-2014-4691P4MEDIUMCVSS 6.8≤ 2.1.32014-07-02
CVE-2014-4691 [MEDIUM] CVE-2014-4691: Session fixation vulnerability in pfSense before 2.1.4 allows remote attackers to hijack web session Session fixation vulnerability in pfSense before 2.1.4 allows remote attackers to hijack web sessions via a firewall login cookie.
nvd
CVE-2015-4029P4MEDIUMCVSS 4.3≤ 2.2.22015-08-18
CVE-2015-4029 [MEDIUM] CWE-79 CVE-2015-4029: Cross-site scripting (XSS) vulnerability in the WebGUI in pfSense before 2.2.3 allows remote attacke Cross-site scripting (XSS) vulnerability in the WebGUI in pfSense before 2.2.3 allows remote attackers to inject arbitrary web script or HTML via the zone parameter in a del action to services_captiveportal_zones.php.
nvd
CVE-2020-19201P4MEDIUMCVSS 5.4≤ 2.4.4v2.4.42021-07-12
CVE-2020-19201 [MEDIUM] CWE-79 CVE-2020-19201: A Stored Cross-Site Scripting (XSS) vulnerability was found in status_filter_reload.php, a page in t A Stored Cross-Site Scripting (XSS) vulnerability was found in status_filter_reload.php, a page in the pfSense software WebGUI, on Netgate pfSense version 2.4.4-p2 and earlier. The page did not encode output from the filter reload process, and a stored XSS was possible via the descr (description) parameter on NAT rules.
nvd
CVE-2014-4689P4MEDIUMCVSS 5.0≤ 2.1.32014-07-02
CVE-2014-4689 [MEDIUM] CWE-22 CVE-2014-4689: Absolute path traversal vulnerability in pkg_edit.php in pfSense before 2.1.4 allows remote attacker Absolute path traversal vulnerability in pkg_edit.php in pfSense before 2.1.4 allows remote attackers to read arbitrary XML files via a full pathname in the xml parameter.
nvd
CVE-2014-4690P4MEDIUMCVSS 5.0≤ 2.1.32014-07-02
CVE-2014-4690 [MEDIUM] CWE-22 CVE-2014-4690: Multiple directory traversal vulnerabilities in pfSense before 2.1.4 allow (1) remote attackers to r Multiple directory traversal vulnerabilities in pfSense before 2.1.4 allow (1) remote attackers to read arbitrary .info files via a crafted path in the pkg parameter to pkg_mgr_install.php and allow (2) remote authenticated users to read arbitrary files via the downloadbackup parameter to system_firmware_restorefullbackup.php.
nvd
CVE-2020-10797P4MEDIUMCVSS 6.1fixed in 2.4.52020-04-29
CVE-2020-10797 [MEDIUM] CWE-79 CVE-2020-10797: An XSS vulnerability resides in the hostname field of the diag_ping.php page in pfsense before 2.4.5 An XSS vulnerability resides in the hostname field of the diag_ping.php page in pfsense before 2.4.5 version. After passing inputs to the command and executing this command, the $result variable is not sanitized before it is printed.
nvd
CVE-2019-12584P4MEDIUMCVSS 6.1fixed in 2.4.4v2.4.42019-06-03
CVE-2019-12584 [MEDIUM] CWE-79 CVE-2019-12584: Apcupsd 0.3.91_5, as used in pfSense through 2.4.4-RELEASE-p3 and other products, has an XSS issue i Apcupsd 0.3.91_5, as used in pfSense through 2.4.4-RELEASE-p3 and other products, has an XSS issue in apcupsd_status.php.
nvd
CVE-2019-16914P4MEDIUMCVSS 6.1fixed in 2.4.4v2.4.42019-09-26
CVE-2019-16914 [MEDIUM] CWE-79 CVE-2019-16914: An XSS issue was discovered in pfSense through 2.4.4-p3. In services_captiveportal_mac.php, the user An XSS issue was discovered in pfSense through 2.4.4-p3. In services_captiveportal_mac.php, the username and delmac parameters are displayed without sanitization.
nvd
CVE-2020-19203P4MEDIUMCVSS 5.4fixed in 2.4.4v2.4.42021-07-12
CVE-2020-19203 [MEDIUM] CWE-79 CVE-2020-19203: An authenticated Cross-Site Scripting (XSS) vulnerability was found in widgets/widgets/wake_on_lan_w An authenticated Cross-Site Scripting (XSS) vulnerability was found in widgets/widgets/wake_on_lan_widget.php, a component of the pfSense software WebGUI, on version 2.4.4-p2 and earlier. The widget did not encode the descr (description) parameter of wake-on-LAN entries in its output, leading to a possible stored XSS.
nvd
Netgate Pfsense vulnerabilities | cvebase