Vulnerabilities > Netgate > Pfsense > 2.4.4

DATE CVE VULNERABILITY TITLE RISK
2019-03-01 CVE-2018-20798 Incorrect Permission Assignment for Critical Resource vulnerability in Netgate Pfsense 2.4.4
The expiretable configuration in pfSense 2.4.4_1 establishes block durations that are incompatible with the block durations implemented by sshguard, which might make it easier for attackers to bypass intended access restrictions.
network
low complexity
netgate CWE-732
7.5
7.5
2018-12-03 CVE-2018-4021 OS Command Injection vulnerability in Netgate Pfsense 2.4.4
An exploitable command injection vulnerability exists in the way Netgate pfSense CE 2.4.4-RELEASE processes the parameters of a specific POST request.
network
low complexity
netgate CWE-78
7.2
7.2
2018-12-03 CVE-2018-4020 OS Command Injection vulnerability in Netgate Pfsense 2.4.4
An exploitable command injection vulnerability exists in the way Netgate pfSense CE 2.4.4-RELEASE processes the parameters of a specific POST request.
network
low complexity
netgate CWE-78
7.2
7.2
2018-12-03 CVE-2018-4019 OS Command Injection vulnerability in Netgate Pfsense 2.4.4
An exploitable command injection vulnerability exists in the way Netgate pfSense CE 2.4.4-RELEASE processes the parameters of a specific POST request.
network
low complexity
netgate CWE-78
7.2
7.2