CVE-2025-53392 – pfSense File Traversal Vulnerability

June 28, 2025

CVE ID : CVE-2025-53392

Published : June 28, 2025, 11:15 p.m. | 2 hours, 11 minutes ago

Description : In Netgate pfSense CE 2.8.0, the “WebCfg – Diagnostics: Command” privilege allows reading arbitrary files via diag_command.php dlPath directory traversal. NOTE: the Supplier’s perspective is that this is intended behavior for this privilege level, and that system administrators are informed through both the product documentation and UI.

Severity: 5.0 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-53393 – Akka Cluster Metrics Java Serialization Deserialization Vulnerability

Next Article CVE-2025-6839 – Conjure Position Department Service Quality Evaluation System Less Bootstrap Mixin Head PHP Backdoor Remote Code Execution

Highlights

CVE-2025-6667 – “Code-Projects Car Rental System Unrestricted File Upload Vulnerability”

June 25, 2025

CVE ID : CVE-2025-6667

Published : June 25, 2025, 10:15 p.m. | 4 hours, 6 minutes ago

Description : A vulnerability was found in code-projects Car Rental System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file /admin/add_cars.php. The manipulation of the argument image leads to unrestricted upload. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.

Severity: 6.3 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

How AI further empowers value stream management

12 Top ReactJS Development Companies in 2025

Not sure where to go with AI? Here’s your roadmap.

This week in AI dev tools: A2A donated to Linux Foundation, OpenAI adds Deep Research to API, and more (June 27, 2025)

With Gears of War: Reloaded on the way, which Xbox 360 game would you like to see get rebuilt next? — Weekend discussion 💬

Capcom’s finally giving Street Fighter 6 players the outfits they’ve wanted — when all else fails, send in swimsuits

After 14 years, Monster Hunter Wilds is bringing back underwater combat alongside “Lagiacrus” and another familiar monster — the impossible has happened

OpenAI may prematurely declare AGI to cut ties with Microsoft — despite Sam Altman admitting today’s tech isn’t built for it

How Code Feedback MCP Enhances AI-Generated Code Quality

How Code Feedback MCP Enhances AI-Generated Code Quality

PRSS Site Creator – Create Blogs and Websites from Your Desktop

Say hello to ECMAScript 2025

With Gears of War: Reloaded on the way, which Xbox 360 game would you like to see get rebuilt next? — Weekend discussion 💬

With Gears of War: Reloaded on the way, which Xbox 360 game would you like to see get rebuilt next? — Weekend discussion 💬

Jasmine – web launcher and session management application

Schulrechner – calculator you know from school

CVE-2025-53392 – pfSense File Traversal Vulnerability

CVE-2025-6836 – Code-projects Library System SQL Injection Vulnerability

CVE-2025-6837 – Code-projects Library System Unrestricted File Upload Vulnerability

ONLYOFFICE 9.0 Released with New Themes, AI Tools + More

Delayed OnePlus Watch 3 launches again – but with a shocking price increase

Windows 10 is getting downgraded again — here’s what Microsoft is taking away this time

Best Tools To Lower Ping And Lag In Online Games [2025 tested]

CVE-2025-6667 – “Code-Projects Car Rental System Unrestricted File Upload Vulnerability”

Gamma AI Platform Abused in Phishing Chain to Spoof Microsoft SharePoint Logins

Guix System – Linux distribution built around Guix

School in the Clouds. Installing Examarius Online Test Software on AWS

CVE-2025-53392 – pfSense File Traversal Vulnerability

Related Posts