pfSense up to and including 2.3.4 up to and including 2.4.4-p3 allows Remote Code Injection via a methodCall XML document with a pfsense.exec_php call containing shell metacharacters in a parameter value.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
netgate pfsense 2.4.4 |
||
netgate pfsense |