Netgate pfSense CE 2.7.2 allows code execution by using the module installer with a backup file with a serialized PHP object containing the post_reboot_commands property. NOTE: the Supplier disputes this because this installer is only available to admins and they are intentionally allowed to execute PHP code.
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:HPfsense
APPPfsense2.7.2
Related vulnerabilities
Netgate pfSense CE 2.8.0 — RCE przez XMLRPC API (pfsense.exec_php)
An issue discovered in Pfsense CE version 2.6.0 allows attackers to compromise user accounts via weak password...
Improper restriction of excessive authentication attempts in the SSHGuard component of Netgate pfSense Plus so...
An issue discovered in Pfsense CE version 2.6.0 allows attackers to change the password of any user without ve...
Directory Traversal vulnerability found in Pfsense v.2.1.3 and Pfsense Suricata v.1.4.6 pkg v.1.0.1 allows a r...