Vulnerabilities > Pfsense > Critical
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2023-11-08 | CVE-2023-29974 | Weak Password Requirements vulnerability in Pfsense 2.6.0 An issue discovered in Pfsense CE version 2.6.0 allows attackers to compromise user accounts via weak password requirements. | 9.8 |
2022-03-01 | CVE-2021-41282 | Injection vulnerability in Pfsense 2.5.2 diag_routes.php in pfSense 2.5.2 allows sed data injection. | 9.0 |
2018-01-22 | CVE-2016-10709 | OS Command Injection vulnerability in Pfsense 2.2.6 pfSense before 2.3 allows remote authenticated users to execute arbitrary OS commands via a '|' character in the status_rrd_graph_img.php graph parameter, related to _rrd_graph_img.php. | 9.0 |