Show filters
4 Total Results
Displaying 1-4 of 4
Sort by:
Attacker Value
Unknown

CVE-2023-29975

Disclosure Date: November 09, 2023 (last updated November 17, 2023)
An issue discovered in Pfsense CE version 2.6.0 allows attackers to change the password of any user without verification.
Attack Vector: NetworkPrivileges: HighUser Interaction: None
0
0
Attacker Value
Unknown

CVE-2023-29974

Disclosure Date: November 08, 2023 (last updated November 17, 2023)
An issue discovered in Pfsense CE version 2.6.0 allows attackers to compromise user accounts via weak password requirements.
Attack Vector: NetworkPrivileges: NoneUser Interaction: None
0
0
Attacker Value
Unknown

CVE-2023-29973

Disclosure Date: October 25, 2023 (last updated November 01, 2023)
Pfsense CE version 2.6.0 is vulnerable to No rate limit which can lead to an attacker creating multiple malicious users in firewall.
Attack Vector: NetworkPrivileges: HighUser Interaction: None
0
0
Attacker Value
Unknown

CVE-2023-27100

Disclosure Date: March 22, 2023 (last updated October 08, 2023)
Improper restriction of excessive authentication attempts in the SSHGuard component of Netgate pfSense Plus software v22.05.1 and pfSense CE software v2.6.0 allows attackers to bypass brute force protection mechanisms via crafted web requests.
Attack Vector: NetworkPrivileges: NoneUser Interaction: None
0
0