cvedb.io
CVE-2023-27100
CRITICAL · CVSS 9.8
EPSS exploitation probability: 0%
Published 2023-03-22T23:15:12.350 · Last modified 2026-06-17T05:44:22.420

Summary

Improper restriction of excessive authentication attempts in the SSHGuard component of Netgate pfSense Plus software v22.05.1 and pfSense CE software v2.6.0 allows attackers to bypass brute force protection mechanisms via crafted web requests.

Affected products

netgate — pfsense_plus

Does this affect you?

Add your gear to cvedb and we'll alert you only when netgate ships something exploited.

Check my exposure →

References

This product uses data from the NVD API but is not endorsed or certified by the NVD. Informational only; not professional security advice.