CVE-2025-69691

CRITICAL

Netgate pfSense CE 2.8.0 - Code Injection

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2025-69691. PoCs published by privlabs.

AI-analyzed exploit summary: This repository provides a detailed technical analysis of two authenticated RCE vulnerabilities in Netgate pfSense Community Edition (CVE-2025-69690 and CVE-2025-69691). It includes attack flows, affected components, PoC payloads, and vendor responses, demonstrating a deep understanding of the vulnerabilities.

Description

Netgate pfSense CE 2.8.0 allows code execution in the XMLRPC API via pfsense.exec_php. NOTE: the Supplier disputes this because the API call is only available to admins and they are intentionally allowed to execute PHP code.

Exploits (1)

github WRITEUP
by privlabs · poc
https://github.com/privlabs/CVE-2025-69690-CVE-2025-69691

Classification: Writeup 100%
Attack Type: RCE
Complexity: Moderate
Reliability: Reliable
Target: Netgate pfSense Community Edition 2.7.2 and 2.8.0
Auth required
Prerequisites: admin credentials · access to pfSense web interface or XMLRPC API
devstral-2 · analyzed May 17, 2026

Scores

CVSS v3: 9.9
EPSS: 0.0053
EPSS Percentile: 40.4%
Attack Vector: NETWORK
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H

CISA SSVC

Vulnrichment
Exploitation: poc
Automatable: no
Technical Impact: total

Details

CWE: CWE-284, CWE-915
Status: published
Products (1): pfsense/pfsense 2.8.0
Published: May 08, 2026
Tracked Since: May 08, 2026