CVE-2022-26019

Improper access control vulnerability in pfSense CE and pfSense Plus (pfSense CE software versions prior to 2.6.0 and pfSense Plus software versions prior to 22.01) allows a remote attacker with the privilege to change NTP GPS settings to rewrite existing files on the file system, which may result in arbitrary command execution.
References
Configurations

Configuration 1

cpe:2.3:a:netgate:pfsense_plus:*:*:*:*:*:*:*:*
cpe:2.3:a:netgate:pfsense:*:*:*:*:*:*:*:*

Information

Published : 2022-03-31 08:15

Updated : 2022-04-07 08:36


NVD link : CVE-2022-26019

Mitre link : CVE-2022-26019

Products Affected
No products.