Incorrect access control in the WebUI in OPNsense before version 19.1.8, and pfsense before 2.4.4-p3 allows remote authenticated users to escalate privileges to administrator via a specially crafted request.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Pfsense | Netgate | * | 2.4.4 |
Pfsense | Netgate | 2.4.4 | 2.4.4 |
Pfsense | Netgate | 2.4.4 | 2.4.4 |
Opnsense | Opnsense | * | * |