Описание
Directory traversal vulnerability in pfSense-pkg-WireGuard pfSense-pkg-WireGuard 0.1.5 versions prior to 0.1.5_4 and pfSense-pkg-WireGuard 0.1.6 versions prior to 0.1.6_1 allows a remote authenticated attacker to lead a pfSense user to view a file outside the public folder.
Ссылки
- PatchThird Party Advisory
- Third Party Advisory
- PatchThird Party Advisory
- Third Party Advisory
Уязвимые конфигурации
Конфигурация 1Версия от 0.1.5 (включая) до 0.1.5_4 (исключая)
Одно из
cpe:2.3:a:pfsense:pfsense-pkg-wireguard:*:*:*:*:*:*:*:*
cpe:2.3:a:pfsense:pfsense-pkg-wireguard:0.1.6:*:*:*:*:*:*:*
EPSS
Процентиль: 74%
0.0082
Низкий
6.5 Medium
CVSS3
4 Medium
CVSS2
Дефекты
CWE-22
Связанные уязвимости
CVSS3: 6.5
github
почти 4 года назад
Directory traversal vulnerability in pfSense-pkg-WireGuard pfSense-pkg-WireGuard 0.1.5 versions prior to 0.1.5_4 and pfSense-pkg-WireGuard 0.1.6 versions prior to 0.1.6_1 allows a remote authenticated attacker to lead a pfSense user to view a file outside the public folder.
EPSS
Процентиль: 74%
0.0082
Низкий
6.5 Medium
CVSS3
4 Medium
CVSS2
Дефекты
CWE-22