Open-Source Firewall Vulnerability Alert: Three Flaws Put Your Network at Risk
pfSense, the popular open-source firewall solution, has recently been patched for three critical vulnerabilities that could have allowed attackers to gain remote access to your network. These flaws, discovered by security researchers at SonarCloud, highlight the importance of staying updated with the latest security patches, even for trusted open-source software.
The vulnerabilities:
- Reflected XSS (CVE-2023-42325): This vulnerability allows attackers to inject malicious scripts into the pfSense web interface via a crafted URL. If an admin user clicks on this malicious link, the attacker can gain full privileges within the system.
- Reflected XSS (CVE-2023-42327): Similar to CVE-2023-42325, this vulnerability allows attackers to inject malicious scripts through a crafted URL, targeting a different section of the web interface.
- Command Injection (CVE-2023-42326): This vulnerability allows attackers to inject arbitrary commands into the firewall through a crafted request. This effectively grants them complete control over the system and the network it protects.
These vulnerabilities, when chained together, could have allowed an attacker to remotely gain complete control over a vulnerable pfSense system. This is particularly concerning because pfSense is often used to protect internal networks, which are often considered more secure than external networks.
What you need to do:
- Update your pfSense system to the latest version: pfSense versions 2.7.1 and 23.09 fix these vulnerabilities. You can update your system through the pfSense web interface or by downloading the latest version from the pfSense website.
- Review your user permissions: The XSS vulnerabilities can only be exploited by users who have access to specific subsections of the pfSense web interface. Review your user permissions and ensure that only authorized users have access to these areas.
- Stay up-to-date with the latest security advisories: Subscribe to the pfSense security advisories to be notified of any future vulnerabilities.
