Skip to main content

Truenas Firmware

3 CVEs product

Monthly

CVE-2024-11946 MEDIUM This Month

iXsystems TrueNAS CORE fetch_plugin_packagesites tar Cleartext Transmission of Sensitive Information Vulnerability. Rated medium severity (CVSS 6.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

RCE Truenas Firmware
NVD
CVSS 3.1
6.5
EPSS
0.3%
CVE-2024-11944 HIGH This Week

iXsystems TrueNAS CORE tarfile.extractall Directory Traversal Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

RCE Path Traversal Truenas Firmware
NVD
CVSS 3.1
8.8
EPSS
1.6%
CVE-2020-11650 HIGH PATCH This Week

An issue was discovered in iXsystems FreeNAS (and TrueNAS) 11.2 before 11.2-u8 and 11.3 before 11.3-U1. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service Freenas Firmware Truenas Firmware
NVD
CVSS 3.1
7.5
EPSS
3.0%
EPSS 0% CVSS 6.5
MEDIUM This Month

iXsystems TrueNAS CORE fetch_plugin_packagesites tar Cleartext Transmission of Sensitive Information Vulnerability. Rated medium severity (CVSS 6.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

RCE Truenas Firmware
NVD
EPSS 2% CVSS 8.8
HIGH This Week

iXsystems TrueNAS CORE tarfile.extractall Directory Traversal Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

RCE Path Traversal Truenas Firmware
NVD
EPSS 3% CVSS 7.5
HIGH PATCH This Week

An issue was discovered in iXsystems FreeNAS (and TrueNAS) 11.2 before 11.2-u8 and 11.3 before 11.3-U1. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service Freenas Firmware Truenas Firmware
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy