CVE-2025-34176

4.3 MEDIUM
Published: September 09, 2025 Modified: October 17, 2025
View on NVD

Description

In pfSense CE /suricata/suricata_ip_reputation.php, the value of the iplist parameter is not sanitized of directory traversal-related strings/characters. This value is directly used in a file existence check operation. While the contents of the file cannot be read, the server reveals whether the file exists, which enables an attacker to enumerate files on the target. The attacker must be authenticated with at least "WebCfg - Services: suricata package" permissions.

AI Explanation

Get an AI-powered plain-language explanation of this vulnerability and remediation steps.

Login to generate AI explanation

CVSS v3.x Details

0.0 Low Medium High Critical 10.0
Vector String
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

References to Advisories, Solutions, and Tools

Patch Vendor Advisory Exploit Third Party Advisory
https://github.com/pfsense/FreeBSD-ports/commit/97852ccfd201b24ee542be30af81272485fde0b4
Source: disclosure@vulncheck.com
Patch
https://redmine.pfsense.org/issues/16414
Source: disclosure@vulncheck.com
Issue Tracking
https://www.vulncheck.com/advisories/netgate-pf-sense-ce-suricata-directory-traversal-information-disclosure
Source: disclosure@vulncheck.com
Third Party Advisory

3 reference(s) from NVD

Quick Stats

CVSS v3 Score
4.3 / 10.0
EPSS (Exploit Probability)
0.0%
13th percentile
Exploitation Status
Not in CISA KEV

Weaknesses (CWE)

CWE-22

Affected Vendors

pfsense

Related CVEs

CVE-2026-21652 N/A
CVE-2026-21651 N/A
CVE-2026-21650 N/A
CVE-2026-21649 N/A
CVE-2026-21648 N/A