· 14 min easy Other Sense
HTB: Sense
Default credentials and a plaintext credential disclosure file on a pfSense 2.1.3 appliance lead to authenticated command injection (CVE-2016-10709) running as root. The box demonstrates why network appliances are high-value targets: they run as root by design.
#htb
#pfsense
#openbsd
#command-injection +1