vulnerability

pfSense: pfSense-SA-17_03.webgui: Multiple XSS and CSRF Vulnerabilities in the WebGUI

Try Surface Command

Back to search

Severity	CVSS	Published	Added	Modified
6	(AV:N/AC:M/Au:N/C:P/I:P/A:N)	Feb 10, 2017	Aug 25, 2017	Feb 18, 2025

Severity

CVSS

(AV:N/AC:M/Au:N/C:P/I:P/A:N)

Published

Feb 10, 2017

Added

Aug 25, 2017

Modified

Feb 18, 2025

Description

Multiple Cross-Site Scripting (XSS) vulnerabilities and one CSRF issue were
found in the pfSense software WebGUI on version 2.3.2_1 and earlier.

On pkg_mgr_install.php, the "from" and "to" parameter are vulnerable to
reflected XSS when performing a reinstall action.

On pkg.php, the "pkg_filter" parameter is vulnerable to reflected XSS when a
package XML file contains a field type of "sorting" which also has
"include_filtering_inputbox" active. Currently the only affected package is
FreeRADIUS ( freeradius.xml and freeradiusauthorizedmacs.xml both meet these
conditions ).

The easyrule.php script uses GET variables to, making it possible to add new
firewall rules via CSRF.

Due to the lack of proper encoding on the affected variables and pages
succeptible to XSS, arbitrary JavaScript can be executed in the user's browser.
The user's session cookie or other information from the session may be
compromised.

Due to the use of GET on easyrule.php, a firewall administrator could
unknowingly create an unwanted firewall rule if they are the victim of a CSRF
attack.

Solution

pfsense-upgrade-latest

References

NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.

Try it today