Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Netgate pfSense CE (prior to 2.8.0 beta release) and corresponding Plus builds is vulnerable to Cross-site scripting (XSS) in the Automatic Configuration Backup (ACB) service, allowing remote attackers to execute arbitrary JavaScript, delete backups, or leak sensitive information via an unsanitized "reason" field and a derivable device key generated from the public SSH key.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Netgate pfSense CE 安全漏洞
Vulnerability Description
Netgate pfSense CE是Netgate公司的一个基于FreeBSD的开源防火墙与路由平台,支持企业级网络安全与网络管理功能。 Netgate pfSense CE 2.8.0 beta之前版本存在安全漏洞,该漏洞源于Automatic Configuration Backup服务reason字段清理不足导致跨站脚本攻击。
CVSS Information
N/A
Vulnerability Type
N/A