CVE-2025-69690

EUVD-2025-209738
Netgate pfSense CE 2.7.2 allows code execution by using the module installer with a backup file with a serialized PHP object containing the post_reboot_commands property. NOTE: the Supplier disputes this because this installer is only available to admins and they are intentionally allowed to execute PHP code.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
9.1 CRITICAL
NETWORK
LOW
HIGH
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
Base Score
CVSS 3.x
EPSS Score
Percentile: 45%
Affected Products (NVD)
VendorProductVersion
pfsensepfsense
2.7.2
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
https://seclists.org/fulldisclosure/2026/Feb/16
https://www.linkedin.com/in/nelson-adhepeau/
https://seclists.org/fulldisclosure/2026/Feb/16