CNNVD-202506-3656 Information

CNNVD ID

CNNVD-202506-3656

Related CVE

CVE-2025-53392

• CNNVD Published: 2025-06-28

Description (Chinese)

Netgate pfSense CE是Netgate公司的一个基于FreeBSD的开源防火墙与路由平台，支持企业级网络安全与网络管理功能。 Netgate pfSense CE 2.8.0版本存在安全漏洞，该漏洞源于diag_command.php dlPath目录遍历，可能导致读取任意文件。

Description (English)

Netgate pfSense CE, an open-source firewall and route platform based on FreeBSD for Netgate, supports enterprise-level network security and network management functions. There is a security loophole in version 2.8.0 of Netgate pfSense CE, which originates from the diag committee.php dlPath directory, which may lead to the reading of any document.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

NethServer

Published

2025-06-28

Last Modified

2026-02-24

References

https://github.com/skraft9/pfsense-security-research https://access.redhat.com/security/cve/cve-2025-53392