Cyber Resilience

CVE-2023-48123

High

Published: 06 December 2023

Published
06 December 2023
Modified
21 November 2024
KEV Added
Patch
CVSS Score v3.1 8.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
EPSS Score 0.6825 98.6th percentile
Risk Priority 59 60% EPSS · 20% KEV · 20% CVSS

Summary

CVE-2023-48123 is a high-severity an unspecified weakness vulnerability in Netgate Pfsense. Its CVSS base score is 8.8 (High).

Operationally, ranked in the top 1.4% of CVEs by exploit likelihood; it is not currently listed in the CISA KEV catalog.

Deeper analysis

CVE-2023-48123 is an arbitrary code execution vulnerability in the web interface of Netgate pfSense Plus versions 23.05.1 and earlier as well as pfSense CE 2.7.0. The flaw resides in packet_capture.php and can be triggered by sending a specially crafted request to that endpoint.

An authenticated remote attacker with low privileges can exploit the issue over the network without user interaction, achieving full code execution that yields high impacts on confidentiality, integrity, and availability.

Netgate published advisory pfSense-SA-23_11.webgui and a corresponding code commit that addresses the flaw; administrators are advised to apply the update or the referenced patch.

The EPSS score has remained at 0.6825 since disclosure with no material upward movement.

EU & UK References

Vulnerability details

An issue in Netgate pfSense Plus v.23.05.1 and before and pfSense CE v.2.7.0 allows a remote attacker to execute arbitrary code via a crafted request to the packet_capture.php file.

CWE(s)

Related Threats

No named actor attribution yet. ATT&CK technique mapping in progress for this CVE.

Affected Assets

netgate
pfsense
≤ 2.7.0
netgate
pfsense plus
≤ 23.05.1

Mitigating Controls

No mitigating controls mapped yet. The per-CVE control annotator has not reached this CVE.

References