pfSense < 2.7.0 & pfSense Plus < 23.05.1 - RCE via interfaces_gif_edit.php & interfaces_gre_edit.php
An issue in Netgate pfSense v.2.7.0 allows a remote attacker to execute arbitrary code via a crafted request to the interfaces_gif_edit.php and interfaces_gre_edit.php components.