Vulnerability Description
Netgate pfSense CE Suricata Path Traversal Remote Code Execution Vulnerability. This vulnerability allows remote attackers to create arbitrary files on affected installations of Netgate pfSense. Authentication is required to exploit this vulnerability. The specific flaw exists within the Suricata package. The issue results from the lack of proper validation of a user-supplied path prior to using it in file operations. An attacker can leverage this vulnerability to create files in the context of root. Was ZDI-CAN-28085.
CVSS Score
HIGH
Related Weaknesses (CWE)
References
- https://github.com/pfsense/FreeBSD-ports/commit/36b2303dfca35a1183d76f26bcc6ce26
- https://www.zerodayinitiative.com/advisories/ZDI-25-979/
FAQ
What is CVE-2025-12490?
CVE-2025-12490 is a vulnerability with a CVSS score of 8.8 (HIGH). Netgate pfSense CE Suricata Path Traversal Remote Code Execution Vulnerability. This vulnerability allows remote attackers to create arbitrary files on affected installations of Netgate pfSense. Authe...
How severe is CVE-2025-12490?
CVE-2025-12490 has been rated HIGH with a CVSS base score of 8.8/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2025-12490?
Check the references section above for vendor advisories and patch information. Review vendor security bulletins for remediation guidance.