CVE-2023-27253
on github
Published
Severity
CVSS v3:
8.8 HIGH
CVSS v2:
N/A
Description
A command injection vulnerability in the function restore_rrddata() of Netgate pfSense v2.7.0 allows authenticated attackers to execute arbitrary commands via manipulating the contents of an XML file supplied to the component config.xml.
References
Configurations
CPE23 | Version Start | Version End | Exact Version |
---|---|---|---|
cpe:2.3:a:netgate:pfsense:2.7.0:*:*:*:*:*:*:* | n/a | n/a | 2.7.0 |