pfSense v2.7.0 Command Injection in restore_rrddata() via config.xml
CVE-2023-27253 Published on March 17, 2023

A command injection vulnerability in the function restore_rrddata() of Netgate pfSense v2.7.0 allows authenticated attackers to execute arbitrary commands via manipulating the contents of an XML file supplied to the component config.xml.

NVD

Products Associated with CVE-2023-27253

Want to know whenever a new CVE is published for Netgate Pfsense? stack.watch will email you.

Netgate Pfsense

Exploit Probability

EPSS

77.75%

Percentile

99.00%

EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.

pfSense v2.7.0 Command Injection in restore_rrddata() via config.xmlCVE-2023-27253 Published on March 17, 2023

Products Associated with CVE-2023-27253

Exploit Probability

pfSense v2.7.0 Command Injection in restore_rrddata() via config.xml
CVE-2023-27253 Published on March 17, 2023