Threat Encyclopedia



This indicates an attack attempt against a remote Command Injection vulnerability in Netgate pfSense.
The vulnerability is due to an improper validation of user-supplied parameters by system_advanced_misc.php. A remote attacker can exploit this to execute arbitrary commands via a crafted HTTP request.

affected-products-logoAffected Products

Netgate pfSense 2.4.x prior to 2.4.4-p1

Impact logoImpact

System Compromise: Remote attackers can execute arbitrary commands with root privileges.

recomended-action-logoRecommended Actions

Apply the most recent upgrade or patch from the vendor:

Telemetry logoTelemetry