Vulnerability Details CVE-2025-34173
In pfSense CE /usr/local/www/snort/snort_ip_reputation.php, the value of the iplist parameter is not sanitized of directory traversal-related characters/strings before being used to check if a file exists. While the contents of the file cannot be read, the server reveals whether a file exists, which allows an attacker to enumerate files on the target. The attacker must be authenticated with at least "WebCfg - Services: Snort package" permissions.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.004
EPSS Ranking 58.1%
CVSS Severity
CVSS v3 Score 4.3
References
Products affected by CVE-2025-34173
-
cpe:2.3:a:pfsense:pfsense:-
-
cpe:2.3:a:pfsense:pfsense:2.2.6
-
cpe:2.3:a:pfsense:pfsense:2.4.4
-
cpe:2.3:a:pfsense:pfsense:2.5.2
-
cpe:2.3:a:pfsense:pfsense:2.6.0