CVE-2020-11457

moderate-risk
Published 2020-04-01

pfSense before 2.4.5 has stored XSS in system_usermanager_addprivs.php in the WebGUI via the descr parameter (aka full name) of a user.

Do I need to act?

~
6.4% chance of exploitation in next 30 days
EPSS score — moderate exploit probability
-
Not on CISA KEV list
No confirmed active exploitation reported to CISA
!
1 public exploit available
48300
?
Patch status unknown
Check vendor advisories for fix availability and mitigation guidance
5
CVSS 5.4/10 Medium
NETWORK / LOW complexity

Affected Products (1)

Affected Vendors

Netgate

References (8)

http://packetstormsecurity.com/files/157104/pfSense-2.4.4-P3-User-Manager-Cross-...
Patch https://github.com/pfsense/pfsense/commit/3c1e53dabe966f27c9097a5a923e77f49ae5ff...
https://www.exploit-db.com/exploits/48300
Patch https://www.netgate.com/assets/downloads/advisories/pfSense-SA-20_06.webgui.asc
http://packetstormsecurity.com/files/157104/pfSense-2.4.4-P3-User-Manager-Cross-...
Patch https://github.com/pfsense/pfsense/commit/3c1e53dabe966f27c9097a5a923e77f49ae5ff...
https://www.exploit-db.com/exploits/48300
Patch https://www.netgate.com/assets/downloads/advisories/pfSense-SA-20_06.webgui.asc
35
/ 100
moderate-risk
Severity 21/34 · High
Exploitability 9/34 · Low
Exposure 5/34 · Minimal