Vulnerability Description
diag_routes.php in pfSense 2.5.2 allows sed data injection. Authenticated users are intended to be able to view data about the routes set in the firewall. The data is retrieved by executing the netstat utility, and then its output is parsed via the sed utility. Although the common protection mechanisms against command injection (i.e., the usage of the escapeshellarg function for the arguments) are used, it is still possible to inject sed-specific code and write an arbitrary file in an arbitrary location.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Pfsense | Pfsense | 2.5.2 |
Related Weaknesses (CWE)
References
- http://packetstormsecurity.com/files/166208/pfSense-2.5.2-Shell-Upload.htmlExploitThird Party AdvisoryVDB Entry
- https://docs.netgate.com/pfsense/en/latest/releases/22-01_2-6-0.htmlRelease NotesThird Party Advisory
- https://www.shielder.it/advisories/Third Party Advisory
- https://www.shielder.it/advisories/pfsense-remote-command-execution/ExploitThird Party Advisory
- http://packetstormsecurity.com/files/166208/pfSense-2.5.2-Shell-Upload.htmlExploitThird Party AdvisoryVDB Entry
- https://docs.netgate.com/pfsense/en/latest/releases/22-01_2-6-0.htmlRelease NotesThird Party Advisory
- https://www.shielder.it/advisories/Third Party Advisory
- https://www.shielder.it/advisories/pfsense-remote-command-execution/ExploitThird Party Advisory
FAQ
What is CVE-2021-41282?
CVE-2021-41282 is a vulnerability with a CVSS score of 8.8 (HIGH). diag_routes.php in pfSense 2.5.2 allows sed data injection. Authenticated users are intended to be able to view data about the routes set in the firewall. The data is retrieved by executing the netsta...
How severe is CVE-2021-41282?
CVE-2021-41282 has been rated HIGH with a CVSS base score of 8.8/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2021-41282?
Check the references section above for vendor advisories and patch information. Affected products include: Pfsense Pfsense.