AttackFeed by Joe Wagner | [Full Disclosure] CVE-2025-69690 & CVE-2025-69691 — Authenticated RCE in Netgate pfSense CE 2.7.2 and 2.8.0  - Full Disclosure

[Full Disclosure] CVE-2025-69690 & CVE-2025-69691 — Authenticated RCE in Netgate pfSense CE 2.7.2 and 2.8.0  – Full Disclosure

Posted on By Joe-W No Comments on [Full Disclosure] CVE-2025-69690 & CVE-2025-69691 — Authenticated RCE in Netgate pfSense CE 2.7.2 and 2.8.0  – Full Disclosure
Alert Feeds

 

Posted by privexploits via Fulldisclosure on Feb 16

Advisory: Authenticated Remote Code Execution in pfSense CECVEs: CVE-2025-69690, CVE-2025-69691
Researcher: Nelson Adhepeau (privexploits () protonmail com)
Date: February 2026

== RESPONSIBLE DISCLOSURE NOTICE ==

This advisory is published in accordance with responsible disclosure practices. 

The vendor was notified on December 2, 2025, acknowledged the reports, and indicated no patches would be issued.
Publication follows standard 90-day…
 – Read More  – Full Disclosure 

You may also like

Alert Feeds
TinyOS 2.1.2 printfUART Global Buffer Overflow via Unbounded Format Expansion  – Full Disclosure
January 10, 2026
Alert Feeds
SigInt-Hombre v1 / dynamic Suricata detection rules from real-time threat feeds  – Full Disclosure
January 6, 2026
Alert Feeds
CyberDanube Security Research 20260119-0 | Authenticated Command Injection in Phoenix Contact TC Router Series  – Full Disclosure
February 5, 2026
Alert Feeds
Username Enumeration – elggv6.3.3  – Full Disclosure
January 29, 2026

Leave a Reply

AttackFeed by Joe Wagner
Powered by  GDPR Cookie Compliance
Privacy Overview

This website uses cookies so that we can provide you with the best user experience possible. Cookie information is stored in your browser and performs functions such as recognising you when you return to our website and helping our team to understand which sections of the website you find most interesting and useful.