CVE Alert: CVE-2025-53392

June 29, 2025
image 1

Vulnerability Summary: CVE-2025-53392

In Netgate pfSense CE 2.8.0, the “WebCfg – Diagnostics: Command” privilege allows reading arbitrary files via diag_command.php dlPath directory traversal. NOTE: the Supplier’s perspective is that this is intended behavior for this privilege level, and that system administrators are informed through both the product documentation and UI.

Affected Endpoints:

No affected endpoints listed.

Published Date:

6/28/2025, 11:15:21 PM

⚠️ CVSS Score:

CVSS v3 Score: 5 (Medium)

Exploit Status:

Not Exploited

References:

Recommended Action:

No proposed action available. Please refer to vendor documentation for updates.

A considerable amount of time and effort goes into maintaining this website, creating backend automation and creating new features and content for you to make actionable intelligence decisions. Everyone that supports the site helps enable new functionality.

If you like the site, please support us on “Patreon” or “Buy Me A Coffee” using the buttons below

Buy Me A Coffee
Patreon

To keep up to date follow us on the below channels.

Tags: , ,

You may have missed

3429942b27d58f4180d154ae867e9b4170be355b62bb03a31d664b83ffbeb2db

Us Department Of Defense Will Stop Sending Critical Hurricane Satellite Data

June 29, 2025
51bc3378fb4edc14c428ae56ea9cff5d5664143339540acb21374baf49574c29

How Broadcom Is Quietly Plotting A Takeover Of The Ai Infrastructure Market

June 29, 2025
00830ec6d73d59c502f4a7ae5f2153cf6a8c9d19ce9f63d3ffb257f443ba61e8

Fresh Uk Postcode Tool Points Out Best Mobile Network In Your Area

June 29, 2025
image

CVE Alert: CVE-2025-53391

June 29, 2025
image

CVE Alert: CVE-2025-6824

June 29, 2025