Public exploit available
Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2023-27253XML Injection (aka Blind XPath Injection) in Pfsense

CWE-91XML Injection (aka Blind XPath Injection)5 documents5 sources
Severity
8.8HIGHNVD
EPSS
77.7%
top 1.00%
CISA KEV
Not in KEV
Exploit
PoC available
Public exploit / PoC exists
Affected products
1
Netgate Pfsense
Timeline
PublishedMar 17
Latest updateJul 20

Description

A command injection vulnerability in the function restore_rrddata() of Netgate pfSense v2.7.0 allows authenticated attackers to execute arbitrary commands via manipulating the contents of an XML file supplied to the component config.xml.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:HExploitability: 2.8 | Impact: 5.9

Affected Packages1 packages

NVDnetgate/pfsense2.7.0

Patches

Patch: github.comPatch: redmine.pfsense.orgPatch: github.com

🔴Vulnerability Details

2
GHSA
GHSA-mh3m-qv7g-hjvv: A command injection vulnerability in the function restore_rrddata() of Netgate pfSense v22023-03-18
CVEList
CVE-2023-27253: A command injection vulnerability in the function restore_rrddata() of Netgate pfSense v22023-03-17

💥Exploits & PoCs

2
Exploit-DB
pfSense v2.7.0 - OS Command Injection2023-07-20
Metasploit
pfSense Restore RRD Data Command Injection
CVE-2023-27253 — Netgate Pfsense vulnerability | cvebase