KLA10528
Code injection vulnerability in pfsense
Updated: 06/18/2020
Detect date
?
04/01/2015
Severity
?
Warning
Description

Cross-site scripting vulnerabilities were found in pfSense. By exploiting these vulnerabilities malicious users can enject arbitrary sctip or HTML. These vulnerabilities can be exploited remotely via a specially designed parameters for web interface.

Affected products

pfSense versions earlier than 2.2.1

Solution

Update to the latest version
Get pfSense

Original advisories

pfSense advisory

Impacts
?
CI 
[?]
Related products
pfSense
CVE-IDS
?
CVE-2015-22944.3Warning
Exploitation

The following public exploits exists for this vulnerability:

https://www.exploit-db.com/exploits/36506