pfSense v2.7.0 Command Injection in restore_rrddata() via config.xml
CVE-2023-27253 Published on March 17, 2023

A command injection vulnerability in the function restore_rrddata() of Netgate pfSense v2.7.0 allows authenticated attackers to execute arbitrary commands via manipulating the contents of an XML file supplied to the component config.xml.

NVD

Products Associated with CVE-2023-27253

You can be notified by email with stack.watch whenever vulnerabilities like CVE-2023-27253 are published in Netgate Pfsense:

Netgate Pfsense

Exploit Probability

EPSS

79.18%

Percentile

99.04%

EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.

pfSense v2.7.0 Command Injection in restore_rrddata() via config.xmlCVE-2023-27253 Published on March 17, 2023

Products Associated with CVE-2023-27253

Exploit Probability

pfSense v2.7.0 Command Injection in restore_rrddata() via config.xml
CVE-2023-27253 Published on March 17, 2023