Author name: SSD Secure Disclosure technical team

pfSense post-auth RCE demo

SSD Advisory – pfSense Post Auth RCE

TL;DR A vulnerability in pfSense allows authenticated users to cause the product to execute arbitrary code – this in turn would allow an attacker to compromise the machine on which the pfSense is installed. Vulnerability Summary Due to the way pfSense, an open-sourced firewall, manages names of rules – an authenticated attacker that is able …

SSD Advisory – pfSense Post Auth RCE Read More »


Get in touch