Pfsense: >> Pfsense >> 2.8.0 Security Vulnerabilities
In Netgate pfSense CE 2.8.0, the "WebCfg - Diagnostics: Command" privilege allows reading arbitrary files via diag_command.php dlPath directory traversal. NOTE: the Supplier's perspective is that this is intended behavior for this privilege level, and that system administrators are informed through both the product documentation and UI.
CVSS Score
5.0
EPSS Score
0.0
Published
2025-06-28