EIP-2026-100971

PRE-CVE

pfSense UTM Platform 2.0.1 - Cross-Site Scripting

Title source: legacy
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for EIP-2026-100971. PoCs published by Dimitris Strevinas.

AI-analyzed exploit summary This is a vulnerability writeup describing a semi-persistent XSS and CSRF vulnerability in pfSense <= 2.0.1 during IPSec XAuth authentication. The exploit involves injecting JavaScript/HTML code as a username during authentication, which is then reflected in the IPSec logs.

Description

pfSense UTM Platform 2.0.1 - Cross-Site Scripting

Exploits (1)

exploitdb WRITEUP
by Dimitris Strevinas · textwebappsfreebsd
https://www.exploit-db.com/exploits/24439

This is a vulnerability writeup describing a semi-persistent XSS and CSRF vulnerability in pfSense <= 2.0.1 during IPSec XAuth authentication. The exploit involves injecting JavaScript/HTML code as a username during authentication, which is then reflected in the IPSec logs.

Classification
Writeup 100%
Attack Type
Xss
Complexity
Moderate
Reliability
Reliable
Target: pfSense <= 2.0.1
Auth required
Prerequisites: Successful completion of IPSec Phase 1 and Phase 2 · Valid credentials/certificates for VPN authentication
mistral-large-3 · analyzed Feb 16, 2026 Full analysis →

Details

Status pre_cve
Tracked Since Feb 18, 2026