CVE-2025-12490

Name of the Vulnerable Software and Affected Versions Netgate pfSense CE Suricata (affected versions not specified)

Description This issue allows remote attackers to create arbitrary files on affected installations. Authentication is required for exploitation. The flaw is due to insufficient validation of user-supplied paths before they are used in file operations, potentially allowing an attacker to create files with root privileges.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.