Advertisement
Top
image credit: Unsplash

Multiple flaws in pfSense firewall can lead to arbitrary code execution

December 15, 2023

Via: Security Affairs
Category:

pfSense is a popular open-source firewall solution maintained by Netgate, researchers discovered multiple security issues affecting it.

Researchers from SonarCloud discovered several security issues, Cross-Site Scripting (XSS) vulnerabilities and a Command Injection vulnerability in pfSense CE (CVE-2023-42325, CVE-2023-42327, CVE-2023-42326). The experts pointed out that an attacker can chain them attacker to execute arbitrary commands on a vulnerable pfSense appliance.

Read More on Security Affairs

RELATED PUBLICATIONS

OpenAI’s GPT-4 can exploit real vulnerabilities by reading security advisories
Over 91,000 LG smart TVs running webOS are vulnerable to hacking
Unpatched Vulnerabilities: The Most Brutal Ransomware Attack Vector

Latest Publications

Sweden’s liquor supply severely impacted by ransomware attack on logistics company
Autodesk Drive Abused in Phishing Attacks 
Google fixed critical Chrome vulnerability CVE-2024-4058
Security Curated Copyright © 2024. All rights reserved
Go to ITCurated!