VYPR
Unrated severityNVD Advisory· Published Mar 31, 2022· Updated Aug 3, 2024

CVE-2022-26019

CVE-2022-26019

Description

Improper access control vulnerability in pfSense CE and pfSense Plus (pfSense CE software versions prior to 2.6.0 and pfSense Plus software versions prior to 22.01) allows a remote attacker with the privilege to change NTP GPS settings to rewrite existing files on the file system, which may result in arbitrary command execution.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2
  • Netgate/Pfsensellm-fuzzy
    Range: <2.6.0
  • pfSense/pfSense CE and pfSense Plusv5
    Range: pfSense CE software versions prior to 2.6.0 and pfSense Plus software versions prior to 22.01

Patches

Vulnerability mechanics

References

2

News mentions

0

No linked articles in our index yet.