Unrated severityNVD Advisory· Published Jul 2, 2014· Updated Jun 17, 2026
CVE-2014-4696
CVE-2014-4696
Description
Multiple open redirect vulnerabilities in the Suricata package before 1.0.6 for pfSense through 2.1.4 allow remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via (1) the referer parameter to suricata_rules_flowbits.php or (2) the returl parameter to suricata_select_alias.php.
Affected products
4cpe:2.3:a:pfsense:suricata_package:*:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:a:pfsense:suricata_package:*:*:*:*:*:*:*:*range: <=1.0.5
- (no CPE)range: <1.0.6
Patches
Vulnerability mechanics
References
1- pfsense.org/security/advisories/pfSense-SA-14_13.packages.ascnvdVendor Advisory
News mentions
0No linked articles in our index yet.