CVE-2023-27100

moderate-risk
Published 2023-03-22

Improper restriction of excessive authentication attempts in the SSHGuard component of Netgate pfSense Plus software v22.05.1 and pfSense CE software v2.6.0 allows attackers to bypass brute force protection mechanisms via crafted web requests.

Do I need to act?

~
6.1% chance of exploitation in next 30 days
EPSS score — moderate exploit probability
-
Not on CISA KEV list
No confirmed active exploitation reported to CISA
!
1 public exploit available
51352
?
Patch status unknown
Check vendor advisories for fix availability and mitigation guidance
9
CVSS 9.8/10 Critical
NETWORK / LOW complexity

Affected Products (2)

Affected Vendors

Pfsense Netgate

References (7)

http://packetstormsecurity.com/files/171791/pfsenseCE-2.6.0-Protection-Bypass.ht...
Vendor Advisory https://docs.netgate.com/downloads/pfSense-SA-23_05.sshguard.asc
Issue Tracking https://redmine.pfsense.org/issues/13574
http://packetstormsecurity.com/files/171791/pfsenseCE-2.6.0-Protection-Bypass.ht...
Vendor Advisory https://docs.netgate.com/downloads/pfSense-SA-23_05.sshguard.asc
Issue Tracking https://redmine.pfsense.org/issues/13574
https://packetstorm.news/files/id/171791
48
/ 100
moderate-risk
Severity 32/34 · Critical
Exploitability 9/34 · Low
Exposure 7/34 · Low