MULTIPLE FLAWS IN PFSENSE FIREWALL CAN LEAD TO ARBITRARY CODE EXECUTION
Security Affairs – Pierluigi Paganini
Security researchers from SonarCloud uncovered multiple security vulnerabilities, including Cross-Site Scripting (XSS) flaws and a Command Injection vulnerability, within pfSense CE, a widely-used open-source firewall solution maintained by Netgate.
These vulnerabilities were assigned the following CVE identifiers: CVE-2023-42325, CVE-2023-42327, and CVE-2023-42326.
Exploiting these vulnerabilities could enable an attacker to execute arbitrary commands on a compromised pfSense appliance.
Attackers could potentially spy on network traffic or attack local network services, taking advantage of the trust placed in firewalls to protect against remote threats.
By leveraging specially crafted links in phishing messages or deceptive web content, threat actors could compel authenticated pfSense users, including admin-level users or those with specific WebGui access, to unwittingly trigger the command injection flaw.
Ultimately, this could grant attackers root-level access to execute system commands.
These vulnerabilities impact pfSense CE 2.7.0 and earlier, as well as pfSense Plus 23.05.1 and earlier.
Netgate has since addressed these security issues with the release of pfSense CE 2.7.1 and pfSense Plus 23.09.
Link: https://securityaffairs.com/155905/security/pfsense-firewall-flaws.html