CVE-2020-10797

MEDIUM

pfSense < 2.4.5 - XSS

Description

An XSS vulnerability exists in the hostname field of the diag_ping.php page in pfSense before version 2.4.5. After the input is passed to the command and the command is executed, the $result variable is not sanitized before it is printed.

References (3)

Core References
Issue Tracking, Third Party Advisory x_refsource_misc
https://redmine.pfsense.org/issues/10355

Scores

CVSS v3 6.1
EPSS 0.0445
EPSS Percentile 89.1%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Details

CWE
CWE-79
Status published
Products (1)
netgate/pfsense < 2.4.5
Published Apr 29, 2020
Tracked Since Feb 18, 2026