CVE-2025-69691 | Netgate pfSense CE up to 2.8.0 XMLRPC API pfsense.exec_php access control

Inserito da Angelo Barbosa | Feb 17, 2026 | CVE

A vulnerability was found in Netgate pfSense CE up to 2.8.0. It has been rated as critical. Affected by this vulnerability is the function exec_php of the file pfsense.exec_php of the component XMLRPC API. Performing a manipulation results in improper access controls.

This vulnerability is cataloged as CVE-2025-69691. It is possible to initiate the attack remotely. There is no exploit available.

CVE-2025-69691 | Netgate pfSense CE up to 2.8.0 XMLRPC API pfsense.exec_php access control

Post correlati

CVE-2024-2370 | Zoho ManageEngine Desktop Central 9 Build 90055 unrestricted upload

CVE-2024-30384 | Juniper Junos OS up to 20.4R3-S1/21.2R3-S6/21.4R3-S5 on EX4300 Packet Forwarding Engine unusual condition (JSA79186)

CVE-2024-41241 | Kashipara Responsive School Management System 3.2.0 /smsa/admin_login.php error cross site scripting

CVE-2025-49985 | Ali Irani Auto Upload Images Plugin up to 3.3.2 on WordPress server-side request forgery