CVE-2025-69691 | Netgate pfSense CE up to 2.8.0 XMLRPC API pfsense.exec_php access control

Inserito da Angelo Barbosa | Feb 17, 2026 | CVE

A vulnerability was found in Netgate pfSense CE up to 2.8.0. It has been rated as critical. Affected by this vulnerability is the function exec_php of the file pfsense.exec_php of the component XMLRPC API. Performing a manipulation results in improper access controls.

This vulnerability is cataloged as CVE-2025-69691. It is possible to initiate the attack remotely. There is no exploit available.

CVE-2025-69691 | Netgate pfSense CE up to 2.8.0 XMLRPC API pfsense.exec_php access control

Post correlati

CVE-2024-6927 | Viral Signup Plugin up to 2.1 on WordPress Setting cross site scripting

CVE-2021-47095 | Linux Kernel up to 5.4.168/5.10.88/5.15.11 ipmi ssif_info->client null pointer dereference

CVE-2024-25528 | RuvarOA 6.01/12.01 worklog_template_show.aspx id sql injection

CVE-2023-42006 | IBM i 7.2/7.3/7.4/7.5 Administration Runtime Expert missing encryption (XFDB-265266)