pfSense - Community Edition

CPE Details

pfSense - Community Edition
pfsense
pfsense
-
2022-04-07
15h14 +00:00
2022-08-18
09h44 +00:00
CPE NVD
Alerte pour un CPE
Restez informé de toutes modifications pour un CPE spécifique.
Gestion des notifications

CPE Name: cpe:2.3:a:pfsense:pfsense:-:*:*:*:community:*:*:*

Informations

Vendor

pfsense

Product

pfsense

Version

-

Software Edition

community

Related CVE

Open and find in CVE List

CVE ID Publié Description Score Gravité
CVE-2021-20729 2022-03-31 05h20 +00:00 Cross-site scripting vulnerability in pfSense CE and pfSense Plus (pfSense CE software versions 2.5.2 and earlier, and pfSense Plus software versions 21.05 and earlier) allows a remote attacker to inject an arbitrary script via a malicious URL.
6.1
Moyen
CVE-2022-23993 2022-01-26 17h22 +00:00 /usr/local/www/pkg.php in pfSense CE before 2.6.0 and pfSense Plus before 22.01 uses $_REQUEST['pkg_filter'] in a PHP echo call, causing XSS.
6.1
Moyen
CVE-2016-10709 2018-01-22 03h00 +00:00 pfSense before 2.3 allows remote authenticated users to execute arbitrary OS commands via a '|' character in the status_rrd_graph_img.php graph parameter, related to _rrd_graph_img.php.
8.8
Haute
CVE-2011-4197 2012-01-03 18h00 +00:00 etc/inc/certs.inc in the PKI implementation in pfSense before 2.0.1 creates each X.509 certificate with a true value for the CA basic constraint, which allows remote attackers to create sub-certificates for arbitrary subjects by leveraging the private key.
7.5
CVE-2011-5047 2012-01-03 18h00 +00:00 Cross-site scripting (XSS) vulnerability in status_rrd_graph.php in pfSense before 2.0.1 allows remote attackers to inject arbitrary web script or HTML via the style parameter.
4.3