all InfoSec news
RCE attacks could impact most internet-exposed pfSense instances
SC Magazine feed for Strategy www.scmagazine.com
More than 92% of internet-exposed instances of the pfSense open-source firewall and router software could be compromised to achieve remote code execution by chaining the reflective XSS vulnerabilities, tracked as CVE-2023-42325 and CVE-2023-42327, as well as the command injection bug, tracked as CVE-2023-42326, all of which have already been addressed by Netgate, according to BleepingComputer.
attacks bug code code execution command command injection compromised cve exposed firewall impact injection internet pfsense rce rce attacks remote code remote code execution router software threat intelligence vulnerabilities vulnerability management xss