Known Vulnerabilities for Pfsense by Netgate
Listed below are 10 of the newest known vulnerabilities associated with "Pfsense" by "Netgate".
These CVEs are retrieved based on exact matches on listed software, hardware, and vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed software information are still displayed.
Data on known vulnerable versions is also displayed based on information from known CPEs
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2023-42327 json | ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new secur... | 5.4 - MEDIUM | 2023-11-14 | 2023-11-16 |
| CVE-2023-42326 json | ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new secur... | 8.8 - HIGH | 2023-11-14 | 2023-11-17 |
| CVE-2023-42325 json | ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new secur... | 5.4 - MEDIUM | 2023-11-14 | 2023-11-16 |
| CVE-2023-27253 json | A command injection vulnerability in the function restore_rrddata() of Netgate pfSense v2.7.0 allows authenticated attackers ... | 8.8 - HIGH | 2023-03-17 | 2023-07-13 |
| CVE-2022-29273 json | pfSense CE through 2.6.0 and pfSense Plus before 22.05 allow XSS in the WebGUI via URL Table Alias URL parameters. | 6.1 - MEDIUM | 2023-02-22 | 2023-04-10 |
| CVE-2022-26019 json | Improper access control vulnerability in pfSense CE and pfSense Plus (pfSense CE software versions prior to 2.6.0 and pfSense... | 8.8 - HIGH | 2022-03-31 | 2023-08-08 |
| CVE-2022-24299 json | Improper input validation vulnerability in pfSense CE and pfSense Plus (pfSense CE software versions prior to 2.6.0 and pfSen... | 8.8 - HIGH | 2022-03-31 | 2022-04-07 |
| CVE-2020-21487 json | Cross Site Scripting vulnerability found in Netgate pfSense 2.4.4 and ACME package v.0.6.3 allows attackers to execute arbitr... | 9.6 - CRITICAL | 2023-04-04 | 2023-04-10 |
| CVE-2020-21219 json | Cross Site Scripting (XSS) vulnerability in Netgate pf Sense 2.4.4-Release-p3 and Netgate ACME package 0.6.3 allows remote at... | 6.1 - MEDIUM | 2022-12-15 | 2022-12-19 |
| CVE-2020-19203 json | An authenticated Cross-Site Scripting (XSS) vulnerability was found in widgets/widgets/wake_on_lan_widget.php, a component of... | 5.4 - MEDIUM | 2021-07-12 | 2022-05-13 |
Known Affected Configurations (CPE V2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Application | Netgate | Pfsense | 2.5.0 | |||
| Application | Netgate | Pfsense | 2.4.5 | |||
| Application | Netgate | Pfsense | 2.4.4 | |||
| Application | Netgate | Pfsense | 2.4.4 | |||
| Application | Netgate | Pfsense | 2.4.4 | |||
| Application | Netgate | Pfsense | 2.4.4 | |||
| Application | Netgate | Pfsense | 2.4.3 | |||
| Application | Netgate | Pfsense | 2.4.3 | |||
| Application | Netgate | Pfsense | 2.4.2 | |||
| Application | Netgate | Pfsense | 2.4.2 | |||
| Application | Netgate | Pfsense | 2.4.1 | |||
| Application | Netgate | Pfsense | 2.4 | |||
| Application | Netgate | Pfsense | 2.3.5 | |||
| Application | Netgate | Pfsense | 2.3.5 | |||
| Application | Netgate | Pfsense | 2.3.5 | |||
| Application | Netgate | Pfsense | 2.3.4 | |||
| Application | Netgate | Pfsense | 2.3.4 | |||
| Application | Netgate | Pfsense | 2.3.3 | |||
| Application | Netgate | Pfsense | 2.3.2 | |||
| Application | Netgate | Pfsense | 2.3.2 |