Netgate pfSense 2.5.2

CPE Details

Netgate pfSense 2.5.2
netgate
pfsense
2.5.2
2022-04-06
11h56 +00:00
2022-04-06
12h05 +00:00
CPE NVD
Alerte pour un CPE
Restez informé de toutes modifications pour un CPE spécifique.
Gestion des notifications

CPE Name: cpe:2.3:a:netgate:pfsense:2.5.2:*:*:*:*:*:*:*

Informations

Vendor

netgate

Product

pfsense

Version

2.5.2

Related CVE

Open and find in CVE List

CVE ID Publié Description Score Gravité
CVE-2024-46538 2024-10-21 22h00 +00:00 A cross-site scripting (XSS) vulnerability in pfsense v2.5.2 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the $pconfig variable at interfaces_groups_edit.php.
9.3
Critique
CVE-2023-48123 2023-12-05 23h00 +00:00 An issue in Netgate pfSense Plus v.23.05.1 and before and pfSense CE v.2.7.0 allows a remote attacker to execute arbitrary code via a crafted request to the packet_capture.php file.
8.8
Haute
CVE-2023-42326 2023-11-13 23h00 +00:00 An issue in Netgate pfSense v.2.7.0 allows a remote attacker to execute arbitrary code via a crafted request to the interfaces_gif_edit.php and interfaces_gre_edit.php components.
8.8
Haute
CVE-2022-26019 2022-03-31 05h21 +00:00 Improper access control vulnerability in pfSense CE and pfSense Plus (pfSense CE software versions prior to 2.6.0 and pfSense Plus software versions prior to 22.01) allows a remote attacker with the privilege to change NTP GPS settings to rewrite existing files on the file system, which may result in arbitrary command execution.
8.8
Haute
CVE-2022-24299 2022-03-31 05h21 +00:00 Improper input validation vulnerability in pfSense CE and pfSense Plus (pfSense CE software versions prior to 2.6.0 and pfSense Plus software versions prior to 22.01) allows a remote attacker with the privilege to change OpenVPN client or server settings to execute an arbitrary command.
8.8
Haute