Cross-site Scripting (XSS) Vulnerability in pfsense v2.5.2
CVE-2024-46538
Key Information
- Vendor: pfsense
- CVE Published: 22 October 2024
What is CVE-2024-46538?
CVE-2024-46538 is a cross-site scripting (XSS) vulnerability identified in pfSense version 2.5.2, a widely used open-source firewall and router software. The vulnerability allows attackers to inject and execute arbitrary web scripts or HTML in a user's browser when the user interacts with the affected components. Organizations that rely on pfSense for network security may find this vulnerability particularly detrimental, as it could result in unauthorized access to sensitive information, manipulation of web content, or other malicious activities.
Technical Details
The vulnerability exists in the interfaces_groups_edit.php file, specifically through insecure handling of the $pconfig variable, which can be manipulated through crafted payloads. By exploiting this flaw, an attacker can execute malicious scripts within the context of the user's session, leading to the potential theft of session cookies, user credentials, or other sensitive data.
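As an added example (not pfSense code and not taken from the advisory), the Python sketch below audits PHP template source for places where a $pconfig value reaches HTML output without passing through htmlspecialchars or htmlentities. The sample template and its array keys are constructed for illustration, and the check is a regex heuristic that assumes output happens through `<?= ?>` tags or echo/print statements.

```python
import re

# Output sinks in PHP templates: short echo tags and echo/print statements.
SINK = re.compile(r"<\?=\s*(.*?)\s*\?>|\b(?:echo|print)\b\s*(.*?);", re.S)
# Any read of the $pconfig array.
PCONFIG = re.compile(r"\$pconfig\[[^\]]+\]")
# A $pconfig read passed directly to an HTML encoder.
ENCODED = re.compile(
    r"\b(?:htmlspecialchars|htmlentities)\s*\(\s*\$pconfig\[[^\]]+\]")


def unescaped_pconfig_sinks(php_source):
    """Return (line_number, expression) for every output expression that
    uses more $pconfig reads than it HTML-encodes. Conservative: an
    expression such as htmlspecialchars($pconfig['a'] . $pconfig['b'])
    is reported for manual review."""
    findings = []
    for match in SINK.finditer(php_source):
        expr = (match.group(1) or match.group(2) or "").strip()
        used = PCONFIG.findall(expr)
        encoded = ENCODED.findall(expr)
        if len(used) > len(encoded):
            line = php_source.count("\n", 0, match.start()) + 1
            findings.append((line, expr))
    return findings


# Constructed sample template (hypothetical keys, not the real pfSense file).
SAMPLE = """<input name="ifname" value="<?= htmlspecialchars($pconfig['ifname']) ?>">
<td><?= $pconfig['descr'] ?></td>
<?php echo "<option>" . $pconfig['members'] . "</option>"; ?>
<?php echo htmlspecialchars($pconfig['members']); ?>
"""

if __name__ == "__main__":
    for line, expr in unescaped_pconfig_sinks(SAMPLE):
        print(f"line {line}: unencoded output of {expr}")
```

Each reported line is a candidate for wrapping the value in htmlspecialchars at the point of output; lines that already encode the value are not reported.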
Impact of the Vulnerability
- Unauthorized Access: Attackers can bypass client-side security mechanisms, potentially gaining unauthorized access to user accounts and sensitive information through crafted payloads.
- Remote Code Execution: If successfully exploited, the XSS vulnerability could lead to remote code execution, allowing attackers to perform actions on behalf of the user or manipulate application behavior.
- Data Breach Risk: The exploitation of this vulnerability increases the risk of data breaches, as attackers can leverage the access gained to extract confidential data or perform other malicious activities within the compromised system.
Exploit Proof of Concept (PoC)
PoC code is written by security researchers to demonstrate that a vulnerability can be exploited. PoC code is also a key component for weaponization, which could lead to ransomware.
News Articles
We're Not Saying "I told you so" - PSW #850
In the news: Pacific Rim, Linux on Windows for attackers, one of the worst cases of a former employee’s retaliation, Zero-Day FOMO, we predicted that, hacking for fun, working hard for no PoC, an LLM that discovers software vulnerabilities, absurd fines, long usernames and Okta, and paying a r...
2 months ago
PfSense Stored XSS Vulnerability Leads To RCE Attacks, PoC Published
A critical security vulnerability has been discovered in pfSense version 2.5.2, potentially allowing attackers to execute arbitrary code on affected systems.
2 months ago
Timeline
- Public PoC available
- First article discovered by CyberSecurityNews
- Vulnerability reached the number 1 worldwide trending spot
- Vulnerability started trending
- Exploit known to exist
- Vulnerability published