CVE-2025-53392 | Netgate pfSense CE 2.8.0 diag_command.php dlPath absolute path traversal

A vulnerability was found in Netgate pfSense CE 2.8.0 and classified as problematic. Affected by this issue is some unknown functionality of the file diag_command.php. The manipulation of the argument dlPath leads to absolute path traversal.

This vulnerability is handled as CVE-2025-53392. The attack may be launched remotely. There is no exploit available.

The real existence of this vulnerability is still doubted at the moment.VulDB Recent EntriesRead More