| Summary | Netgate pfSense CE 2.8.0 allows code execution in the XMLRPC API via pfsense.exec_php. NOTE: the Supplier disputes this because the API call is only available to admins and they are intentionally allowed to execute PHP code. |
|---|---|
| Publication Date | May 8, 2026, 4:16 p.m. |
| Registration Date | May 9, 2026, 4:12 a.m. |
| Last Update | May 9, 2026, 1:02 a.m. |