Unrated severityNVD Advisory· Published Dec 3, 2018· Updated Sep 17, 2024
CVE-2018-4021
CVE-2018-4021
Description
An exploitable command injection vulnerability exists in the way Netgate pfSense CE 2.4.4-RELEASE processes the parameters of a specific POST request. The attacker can exploit this and gain the ability to execute arbitrary commands on the system. An attacker needs to be able to send authenticated POST requests to the administration web interface. Command injection is possible in the powerd_battery_mode POST parameter.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- Netgate/Netgate pfSensev5Range: Netgate pfSense CE 2.4.4-RELEASE
Patches
Vulnerability mechanics
References
1- talosintelligence.com/vulnerability_reports/TALOS-2018-0690mitrex_refsource_MISC
News mentions
0No linked articles in our index yet.