CVE-2019-16701

Published September 25th, 2019

View on NVD ↗

CVSS v3

8.8

HIGH

CVSS v2

HIGH

Affected

PROJECT

Description

pfSense through 2.3.4 through 2.4.4-p3 allows Remote Code Injection via a methodCall XML document with a pfsense.exec_php call containing shell metacharacters in a parameter value.

pfsense/pfsense

Main repository for pfSense

GitHub

5.67K