Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
An exploitable command injection vulnerability exists in the way Netgate pfSense CE 2.4.4-RELEASE processes the parameters of a specific POST request. The attacker can exploit this and gain the ability to execute arbitrary commands on the system. An attacker needs to be able to send authenticated POST requests to the administration web interface. Command injection is possible in the `powerd_ac_mode` POST parameter parameter.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Netgate pfSense CE 操作系统命令注入漏洞
Vulnerability Description
Netgate pfSense CE是一套免费开源的基于FreeBSD的防火墙和路由器软件。 Netgate pfSense CE 2.4.4-RELEASE版本中的‘powerd_ac_mode’POST参数存在操作系统命令注入漏洞。攻击者可利用该漏洞在系统上执行任意命令。
CVSS Information
N/A
Vulnerability Type
N/A