CVE-2024-46538

Name of the Vulnerable Software and Affected Versions pfsense version 2.5.2

Description A cross-site scripting (XSS) vulnerability in pfsense allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the $pconfig variable at "interfaces groups edit.php". This issue can lead to arbitrary command execution. Approximately 612,000 exposed instances have been revealed by a ZoomEye Dork app. The vulnerability is actively being exploited.

Recommendations For pfsense version 2.5.2, update pfsense immediately to mitigate the risk of exploitation. As a temporary workaround, consider restricting access to the "interfaces groups edit.php" page and the $pconfig variable to minimize the risk of exploitation. Monitor for suspicious activity.