Vulnerability identifier: #VU21374
Vulnerability risk: Medium
CVSSv3.1: 4.9 [CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C]
CVE-ID:
CWE-ID:
CWE-20
Exploitation vector: Network
Exploit availability: No
Vulnerable software:
pfsense
Server applications /
IDS/IPS systems, Firewalls and proxy servers
Vendor: Rubicon Communications
Description
The vulnerability allows a remote attacker to read and write arbitrary files on the system.
The vulnerability exists due to insufficient validation of user-supplied input in "/widgets/widgets/picture.widget.php" when processing data passed via the "widgetkey" parameter. A remote attacker authenticated attacker can read and write arbitrary files on the system.
Mitigation
Install update from vendor's website.
Vulnerable software versions
pfsense: 2.3.0 - 2.4.4_3
External links
http://github.com/pfsense/pfsense/commit/2c544ac61ce98f716d50b8e5961d7dfba66804b5
http://redmine.pfsense.org/issues/9610
http://www.seebug.org/vuldb/ssvid-98024
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability. However, proof of concept for this vulnerability is available.