CVE-2025-53392 – pfSense File Traversal Vulnerability

June 28, 2025

CVE ID : CVE-2025-53392

Published : June 28, 2025, 11:15 p.m. | 2 hours, 11 minutes ago

Description : In Netgate pfSense CE 2.8.0, the “WebCfg – Diagnostics: Command” privilege allows reading arbitrary files via diag_command.php dlPath directory traversal. NOTE: the Supplier’s perspective is that this is intended behavior for this privilege level, and that system administrators are informed through both the product documentation and UI.

Severity: 5.0 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-53393 – Akka Cluster Metrics Java Serialization Deserialization Vulnerability

Next Article CVE-2025-6839 – Conjure Position Department Service Quality Evaluation System Less Bootstrap Mixin Head PHP Backdoor Remote Code Execution

Highlights

CVE-2025-6653 – PDF-XChange Editor PRC File Parsing Out-Of-Bounds Read Information Disclosure

June 25, 2025

CVE ID : CVE-2025-6653

Published : June 25, 2025, 10:15 p.m. | 4 hours, 6 minutes ago

Description : PDF-XChange Editor PRC File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.

The specific flaw exists within the parsing of PRC files. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process. Was ZDI-CAN-26726.

Severity: 3.3 | LOW

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Sentry launches MCP monitoring tool

10 Benefits of Hiring a React.js Development Company (2025–2026 Edition)

From Line To Layout: How Past Experiences Shape Your Design Career

Hire React.js Developers in the US: How to Choose the Right Team for Your Needs

I’ve tested every Samsung Galaxy phone in 2025 – here’s the model I’d recommend on sale

Google Photos just put all its best editing tools a tap away – here’s the shortcut

Claude can teach you how to code now, and more – how to try it

One of the best work laptops I’ve tested has MacBook written all over it (but it’s even better)

Controlling Execution Flow with Laravel’s Sleep Helper

Controlling Execution Flow with Laravel’s Sleep Helper

Generate Secure Temporary Share Links for Files in Laravel

This Week in Laravel: Filament 4, Laravel Boost, and Junie Review

KDE Plasma 6 on Wayland: the Payoff for Years of Plumbing

KDE Plasma 6 on Wayland: the Payoff for Years of Plumbing

FOSS Weekly #25.33: Debian 13 Released, Torvalds vs RISC-V, Arch’s New Tool, GNOME Perfection and More Linux Stuff

Ultimate ChatGPT-5 Prompt Guide: 52 Ideas for Any Task

CVE-2025-53392 – pfSense File Traversal Vulnerability

CISA Adds Two N-able N-central Flaws to Known Exploited Vulnerabilities Catalog

From Banking Darling to $1B Fraud Magnet: Inside the Zelle Lawsuit 2025

Optimizing Mixtral 8x7B on Amazon SageMaker with AWS Inferentia2

CVE-2025-6492 – MarkText Regular Expression Complexity Remote Vulnerability

CVE-2025-47172 – Microsoft Office SharePoint SQL Injection

CVE-2025-3880 – Opinion Stage WordPress Poll Survey Quiz Maker Plugin Unauthorized Data Modification Vulnerability

CVE-2025-6653 – PDF-XChange Editor PRC File Parsing Out-Of-Bounds Read Information Disclosure

Uber finally launches feature to prioritize women’s safety

8 Excellent Free Books to Learn Julia

How to Build a Custom Visual Testing Tool with Selenium: A Practical Guide

CVE-2025-53392 – pfSense File Traversal Vulnerability

Related Posts