CVE-2023-42326

HIGH

pfSense < 2.7.0 & pfSense Plus < 23.05.1 - RCE via interfaces_gif_edit.php & interfaces_gre_edit.php

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2023-42326. PoCs published by bl4ckarch.

AI-analyzed exploit summary This repository contains a functional Python exploit for CVE-2023-42326, a command injection vulnerability in pfSense 2.7.0. The exploit leverages the `interfaces_gif_edit.php` and `interfaces_gre_edit.php` components to execute arbitrary commands as an authenticated admin user.

Description

An issue in Netgate pfSense v.2.7.0 allows a remote attacker to execute arbitrary code via a crafted request to the interfaces_gif_edit.php and interfaces_gre_edit.php components.

Exploits (1)

nomisec WORKING POC 3 stars

by bl4ckarch · poc

https://github.com/bl4ckarch/CVE-2023-42326

View Code ZIP pw:eip

This repository contains a functional Python exploit for CVE-2023-42326, a command injection vulnerability in pfSense 2.7.0. The exploit leverages the `interfaces_gif_edit.php` and `interfaces_gre_edit.php` components to execute arbitrary commands as an authenticated admin user.

Classification

Working Poc 95%

Attack Type

Rce

Complexity

Moderate

Reliability

Reliable

Target: pfSense 2.7.0

Auth required

Prerequisites: Valid admin credentials for pfSense · Network access to the pfSense web interface

MITRE ATT&CK

T1059 - Command and Scripting Interpreter T1190 - Exploit Public-Facing Application

devstral-2 · analyzed Feb 18, 2026 Full analysis →

References (2)

Core 2

Core References

Various Sources

https://www.sonarsource.com/blog/pfsense-vulnerabilities-sonarcloud/

Vendor Advisory

https://docs.netgate.com/downloads/pfSense-SA-23_10.webgui.asc

Scores

CVSS v3 8.8

EPSS 0.6402

EPSS Percentile 99.1%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Details

CWE

CWE-77

Status published

Products (2)

netgate/pfsense < 2.7.0

netgate/pfsense_plus < 23.05.1

Published Nov 14, 2023

Tracked Since Feb 18, 2026