漏洞描述
Netgate pfSense存在跨站脚本漏洞,此漏洞是由于status_logs_filter_dynamic.php接口对用户的请求验证不当造成的。
Netgate pfSense CVE-2023-42325 跨站脚本漏洞
PoC代码
暂无相关漏洞推荐
- POC CVE-2021-41282: pfSense - Arbitrary File Write
- POC CVE-2022-31814: pfSense pfBlockerNG <=2.1..4_26 - OS Command Injection
- POC CVE-2022-40624: pfSense pfBlockerNG - OS Command Injection
- Netgate PfSense diag_packet_capture.php 命令注入漏洞
- Netgate pfSense pfBlockerNG Host命令注入漏洞
- pfSense CVE-2021-41282远程代码执行漏洞
- Netgate pfSense pfBlockerNG Host CVE-2022-40624命令注入漏洞
- Netgate pfSense CVE-2023-42326 命令注入漏洞
- Netgate pfSense firewall_alias.php 存储型跨站脚本漏洞
- Netgate pfSense restore_rrddata 命令注入漏洞
- PfSense PfBlockerNG shell上传漏洞(CVE-2022-31814)
- pfsense网关防火墙-默认口令