1,450+ pfSense Servers Vulnerable to Remote Code Execution Attacks via Exploit Chain

13 December 2023

Researchers discovered two vulnerabilities in pfSense CE related to Cross-Site Scripting (XSS) and Command Injection that allow an attacker to execute arbitrary commands on a pfSense appliance. An attacker with RCE capabilities can control the firewall, monitor traffic on the local network, or target services within the network.

Source: GBHackers

Date:

13 December 2023

Categorie(s):

NEWS

Tag(s):

Attacks, Chain, Cyber Security News, pfSense, Security Pro

Canada arrests suspected hacker over breach of 160+ Snowflake users’ data6 November 2024
Cyberthreats linked to foreign actors aim to hinder Election Day proceedings5 November 2024
DocuSign’s API used to lure victims into e-signing fake invoices5 November 2024
Schneider Electric ransomware crew demands $125k paid in baguettes5 November 2024
How to Become a Chief Information Officer: CIO Cheat Sheet5 November 2024