Lucene search
K

6 matches found

RedhatCVE
RedhatCVE
added 2026/05/09 2:21 a.m.10 views

CVE-2025-69690

Netgate pfSense CE 2.7.2 allows code execution by using the module installer with a backup file with a serialized PHP object containing the postrebootcommands property. NOTE: the Supplier disputes this because this installer is only available to admins and they are intentionally allowed to execut...

9.1CVSS6.3AI score0.00634EPSS
Exploits4References1
NVD
NVD
added 2026/05/08 7:16 a.m.44 views

CVE-2025-69690

Netgate pfSense CE 2.7.2 allows code execution by using the module installer with a backup file with a serialized PHP object containing the postrebootcommands property. NOTE: the Supplier disputes this because this installer is only available to admins and they are intentionally allowed to execut...

9.1CVSS0.00634EPSS
Exploits4References2
CVE
CVE
added 2026/05/08 12:0 a.m.1006 views

CVE-2025-69690

Netgate pfSense Community Edition 2.7.2 and 2.8.0 are affected by two authenticated RCE paths. First, unsafe deserialization in the module installer/backups allows a crafted backup XML containing a serialized PHP object with the post_reboot_commands property to execute commands with root privileg...

9.1CVSS6.3AI score0.00634EPSS
Exploits4References2Affected Software1
Positive Technologies
Positive Technologies
added 2026/05/08 12:0 a.m.25 views

PT-2026-38672

Name of the Vulnerable Software and Affected Versions Netgate pfSense CE version 2.7.2 Description Netgate pfSense CE allows code execution through the module installer. This occurs when a backup file containing a serialized PHP object with the post reboot commands property is used. Recommendatio...

9.1CVSS6.2AI score0.00634EPSS
Exploits4References6
ATTACKERKB
ATTACKERKB
added 2026/05/08 12:0 a.m.8 views

CVE-2025-69690

Netgate pfSense CE 2.7.2 allows code execution by using the module installer with a backup file with a serialized PHP object containing the postrebootcommands property. NOTE: the Supplier disputes this because this installer is only available to admins and they are intentionally allowed to execut...

6.3AI score0.00634EPSS
Exploits4References3
Vulnrichment
Vulnrichment
added 2026/05/08 12:0 a.m.9 views

CVE-2025-69690

Netgate pfSense CE 2.7.2 allows code execution by using the module installer with a backup file with a serialized PHP object containing the postrebootcommands property. NOTE: the Supplier disputes this because this installer is only available to admins and they are intentionally allowed to execut...

6.3AI score0.00634EPSS
Exploits4References2
Rows per page
Query Builder