what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New

PFSense 2.5.0 Cross Site Scripting

PFSense 2.5.0 Cross Site Scripting
Posted Apr 28, 2021
Authored by William Costa

PFSense version 2.5.0 suffers from a persistent cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | 02b3a89e00b1d86a0f7404761e5aeb0f3dd4630b2ce7e4c2b07ba93c7ea691c7

PFSense 2.5.0 Cross Site Scripting

Change Mirror Download
I. VULNERABILITY
-------------------------
Store XSS Attacks vulnerabilities in PFSense Version 2.5.0
II. BACKGROUND
-------------------------
The pfSense project is a free network firewall distribution, based on the
FreeBSD operating system with a custom kernel and including third party
free software packages for additional functionality. Through this package,
system pfSense software is able to provide most of the functionality of
common commercial firewalls, and many times more.
III. DESCRIPTION
-------------------------
Has been detected a Stored XSS vulnerability in PFSense.
The code injection is done through the parameter “Description” in the page
“/services_wol_edit.php?id=0
IV. PROOF OF CONCEPT
-------------------------
The application does not validate the parameter “Description” correctly
when run Wake All Devices.
First add script in field “Description”
After Run
Wake All Devices
/services_wol.php?wakeall=true
V. BUSINESS IMPACT
-------------------------
An attacker can execute arbitrary HTML or script code in a targeted
user's browser, , that allows the execution of arbitrary HTML/script code
to be executed in the context of the victim user's browser.
VI. SYSTEMS AFFECTED
-------------------------
Tested PFSense 2.5.0
VII. SOLUTION
-------------------------
All data received by the application and that can be modified by the user,
before making any kind of transaction with them must be validated correctly
Upgrade 2.5.1

By William Costa
william.costa@gmail.com


Login or Register to add favorites

File Archive:

July 2022

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jul 1st
    52 Files
  • 2
    Jul 2nd
    0 Files
  • 3
    Jul 3rd
    0 Files
  • 4
    Jul 4th
    11 Files
  • 5
    Jul 5th
    0 Files
  • 6
    Jul 6th
    0 Files
  • 7
    Jul 7th
    0 Files
  • 8
    Jul 8th
    0 Files
  • 9
    Jul 9th
    0 Files
  • 10
    Jul 10th
    0 Files
  • 11
    Jul 11th
    0 Files
  • 12
    Jul 12th
    0 Files
  • 13
    Jul 13th
    0 Files
  • 14
    Jul 14th
    0 Files
  • 15
    Jul 15th
    0 Files
  • 16
    Jul 16th
    0 Files
  • 17
    Jul 17th
    0 Files
  • 18
    Jul 18th
    0 Files
  • 19
    Jul 19th
    0 Files
  • 20
    Jul 20th
    0 Files
  • 21
    Jul 21st
    0 Files
  • 22
    Jul 22nd
    0 Files
  • 23
    Jul 23rd
    0 Files
  • 24
    Jul 24th
    0 Files
  • 25
    Jul 25th
    0 Files
  • 26
    Jul 26th
    0 Files
  • 27
    Jul 27th
    0 Files
  • 28
    Jul 28th
    0 Files
  • 29
    Jul 29th
    0 Files
  • 30
    Jul 30th
    0 Files
  • 31
    Jul 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Hosting By
Rokasec
close