VYPR
Unrated severityNVD Advisory· Published Jun 28, 2025· Updated Jun 30, 2025

CVE-2025-53392

CVE-2025-53392

Description

In Netgate pfSense CE 2.8.0, the "WebCfg - Diagnostics: Command" privilege allows reading arbitrary files via diag_command.php dlPath directory traversal. NOTE: the Supplier's perspective is that this is intended behavior for this privilege level, and that system administrators are informed through both the product documentation and UI.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2
  • Netgate/Pfsensellm-fuzzy2 versions
    = 2.8.0+ 1 more
    • (no CPE)range: = 2.8.0
    • (no CPE)range: 2.8.0

Patches

Vulnerability mechanics

News mentions

0

No linked articles in our index yet.