Security Advisory

CVE-2022-26019

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2022-03-31 07:21:31

Last updated 2024-08-03 04:56:37

Assigner jpcert

State PUBLISHED

Description

Improper access control vulnerability in pfSense CE and pfSense Plus (pfSense CE software versions prior to 2.6.0 and pfSense Plus software versions prior to 22.01) allows a remote attacker with the privilege to change NTP GPS settings to rewrite existing files on the file system, which may result in arbitrary command execution.

← Browse all CVEs View on cve.org ↗