Total vulnerabilities in the database
pfSense through 2.3.4 through 2.4.4-p3 allows Remote Code Injection via a methodCall XML document with a pfsense.exec_php call containing shell metacharacters in a parameter value.
Software | From | Fixed in |
---|---|---|
netgate / pfsense | 2.4.4-p1 | 2.4.4-p1.x |
netgate / pfsense | 2.4.4-p3 | 2.4.4-p3.x |
netgate / pfsense | 2.4.4-p2 | 2.4.4-p2.x |
netgate / pfsense | 2.4.4 | 2.4.4.x |
netgate / pfsense | 2.3.4 | 2.4.4 |