CVE-2025-69691 | Netgate pfSense CE up to 2.8.0 XMLRPC API pfsense.exec_php access control

February 17, 2026 Yanac

A vulnerability was found in Netgate pfSense CE up to 2.8.0. It has been rated as critical. Affected by this vulnerability is the function exec_php of the file pfsense.exec_php of the component XMLRPC API. Performing a manipulation results in improper access controls.

This vulnerability is cataloged as CVE-2025-69691. It is possible to initiate the attack remotely. There is no exploit available.VulDB Recent EntriesRead More