pfSense: pfSense-SA-19_07.webgui: Privilege Escalation in the WebGUI
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 9 | (AV:N/AC:L/Au:S/C:C/I:C/A:C) | May 20, 2019 | May 21, 2019 | Feb 18, 2025 |
Description
The privileges for access to the dashboard (page-dashboard-all) and for direct
access to dashboard widgets (page-dashboard-widgets) contained a match clause
for widget files with a leading wildcard. This allowed the URL to be manipulated
in a way which could have been used to gain elevated privileges.
Authenticated users with these privileges could access pages for which they had
not been granted access by appending a string to the URL ending in
".widget.php", for example: https://x.x.x.x/diag_backup.php?a.widget.php
Authenticated users could have used this behavior to gain elevated privileges
and perform actions allowed by any page in the WebGUI.
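The following is an added illustration, not pfSense's own privilege code: it assumes the flawed clause was a glob of the form `*.widget.php` matched with fnmatch against the full request URI (query string included), and places it beside an anchored, path-only check that closes the bypass. The privilege names, patterns and request URIs are constructed for the example.

```python
from fnmatch import fnmatchcase
from urllib.parse import urlsplit

# Constructed privilege table (assumption, not pfSense's real priv definitions).
# "page-dashboard-widgets" carries the leading-wildcard clause the advisory describes.
PRIVILEGES = {
    "page-dashboard-widgets": ["widgets/widgets/*.widget.php", "*.widget.php"],
    "page-diagnostics-backup-restore": ["diag_backup.php*"],
}


def allowed_vulnerable(user_privs, request_uri):
    """Flawed check (assumed shape): every pattern is matched against the whole
    request URI, query string and all. Because '*' in a glob also matches '?',
    '/' and '.', any URI that merely ENDS in '.widget.php' satisfies the
    leading-wildcard clause, regardless of which page it actually targets."""
    uri = request_uri.lstrip("/")
    return any(fnmatchcase(uri, pat)
               for priv in user_privs for pat in PRIVILEGES.get(priv, []))


def allowed_fixed(user_privs, request_uri):
    """Hardened check: compare only the path component (the query string is
    dropped before matching) and ignore patterns that begin with a wildcard,
    so a privilege can only match pages under the directory it names."""
    path = urlsplit(request_uri).path.lstrip("/")
    for priv in user_privs:
        for pat in PRIVILEGES.get(priv, []):
            if pat.startswith("*"):  # leading wildcard: unanchored, too broad
                continue
            if fnmatchcase(path, pat):
                return True
    return False


if __name__ == "__main__":
    widget_only = ["page-dashboard-widgets"]
    crafted = "/diag_backup.php?a.widget.php"  # the URL shape from the advisory
    legit = "/widgets/widgets/system_information.widget.php"
    print("vulnerable:", allowed_vulnerable(widget_only, crafted))  # True  (bypass)
    print("fixed:     ", allowed_fixed(widget_only, crafted))       # False (denied)
    print("fixed, real widget:", allowed_fixed(widget_only, legit))  # True
```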
Solution