Unrated severityNVD Advisory· Published Jul 2, 2014· Updated Jun 17, 2026
CVE-2014-4689
CVE-2014-4689
Description
Absolute path traversal vulnerability in pkg_edit.php in pfSense before 2.1.4 allows remote attackers to read arbitrary XML files via a full pathname in the xml parameter.
Affected products
2Patches
Vulnerability mechanics
References
1- pfsense.org/security/advisories/pfSense-SA-14_11.webgui.ascnvdVendor Advisory
News mentions
0No linked articles in our index yet.