CVE-2014-4690

Published: Jul 2, 2014

Modified: Aug 6, 2024

PUBLISHED

Description

Multiple directory traversal vulnerabilities in pfSense before 2.1.4 allow (1) remote attackers to read arbitrary .info files via a crafted path in the pkg parameter to pkg_mgr_install.php and allow (2) remote authenticated users to read arbitrary files via the downloadbackup parameter to system_firmware_restorefullbackup.php.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

https://pfsense.org/security/advisories/pfSense-SA-14_11.webgui.asc

x_refsource_CONFIRM

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2014-4690

Description

Affected Products

References