{"id":"CVE-2025-34173","details":"In pfSense CE /usr/local/www/snort/snort_ip_reputation.php, the value of the iplist parameter is not sanitized of directory traversal-related characters/strings before being used to check if a file exists. While the contents of the file cannot be read, the server reveals whether a file exists, which allows an attacker to enumerate files on the target. The attacker must be authenticated with at least \"WebCfg - Services: Snort package\" permissions.","modified":"2026-03-14T12:45:44.243833Z","published":"2025-09-09T20:15:38.560Z","references":[{"type":"ADVISORY","url":"https://www.vulncheck.com/advisories/netgate-pf-sense-ce-snort-directory-traversal-information-disclosure"},{"type":"REPORT","url":"https://redmine.pfsense.org/issues/16412"},{"type":"FIX","url":"https://github.com/pfsense/FreeBSD-ports/commit/d6f462bcc446969f8955c16cfde300d5c9ab7435"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/pfsense/freebsd-ports","events":[{"introduced":"0"},{"fixed":"d6f462bcc446969f8955c16cfde300d5c9ab7435"}]}],"versions":["END-OF-2015Q4","devel_before_hashes_changed"],"database_specific":{"unresolved_ranges":[{"events":[{"introduced":"0"},{"fixed":"2.8.0"}]}],"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2025-34173.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N"}]}