pfSense is a popular open-source firewall solution maintained by Netgate, researchers discovered multiple security issues affecting it.
Researchers from SonarCloud discovered several security issues, Cross-Site Scripting (XSS) vulnerabilities and a Command Injection vulnerability in pfSense CE (CVE-2023-42325, CVE-2023-42327, CVE-2023-42326). The experts pointed out that an attacker can chain them attacker to execute arbitrary commands on a vulnerable pfSense appliance.