CNNVD-202511-508 Information
Nov 06, 2025
cve
CNNVD ID
CNNVD-202511-508
Related CVE
- CNNVD Published: 2025-11-06
Description (Chinese)
Netgate pfSense CE是Netgate公司的一个基于FreeBSD的开源防火墙与路由平台,支持企业级网络安全与网络管理功能。 Netgate pfSense CE存在路径遍历漏洞,该漏洞源于对用户提供的路径验证不足,可能导致远程代码执行。
Description (English)
Netgate pfSense CE, an open-source firewall and route platform based on FreeBSD for Netgate, supports enterprise-level network security and network management functions. The Netgate pfSense CE has a loophole in its path, which results from a lack of proof of the path provided by the user and may lead to remote code execution.
Hazard Level
Medium
Vulnerability Type
路径遍历
Affected Vendor
NETGATE
Published
2025-11-06
Last Modified
2026-02-24
References
https://github.com/pfsense/FreeBSD-ports/commit/36b2303dfca35a1183d76f26bcc6ce26d4ea682d https://www.zerodayinitiative.com/advisories/ZDI-25-979/
Patch
https://www.pfsense.org/products/
Share on: