Vulnerabilities > Netgate > Pfsense > Critical
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-04-04 | CVE-2020-21487 | Cross-site Scripting vulnerability in Netgate Pfsense and Pfsense Acme Package Cross Site Scripting vulnerability found in Netgate pfSense 2.4.4 and ACME package v.0.6.3 allows attackers to execute arbitrary code via the RootFolder field of acme_certificates.php. | 9.6 |
| 2019-09-26 | CVE-2019-16915 | Path Traversal vulnerability in Netgate Pfsense An issue was discovered in pfSense through 2.4.4-p3. | 9.8 |
| 2019-06-03 | CVE-2019-12585 | OS Command Injection vulnerability in multiple products Apcupsd 0.3.91_5, as used in pfSense through 2.4.4-RELEASE-p3 and other products, has an Arbitrary Command Execution issue in apcupsd_status.php. | 9.8 |