CVE-2014-4688 PoC — Electric Sheep Fencing pfSense 安全漏洞

Source

https://github.com/jaydenblair/CVE-2014-4688-pfsense

Associated Vulnerability

Title:Electric Sheep Fencing pfSense 安全漏洞 (CVE-2014-4688)
Description:Electric Sheep Fencing pfsense是美国Electric Sheep Fencing公司的一套免费开源的基于FreeBSD的防火墙和路由器软件。 Electric Sheep Fencing pfSense 2.1.3及之前的版本中存在安全漏洞，该漏洞源于diag_dns.php脚本没有正确验证hostname值，diag_smart.php脚本没有正确验证smartmonemail值，status_rrd_graph_img.php脚本没有正确验证database值。远程攻击者

Description

Modified Exploit-DB proof-of-concept for CVE-2014-4688 (pfSense status_rrd_graph_img.php command injection)

File Snapshot


 None

Shenlong Bot has cached this for you

Remarks

1. It is advised to access via the original source first.

2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).

3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.

Goal Reached Thanks to every supporter — we hit 100%!