Zhao Mouren

**Name of the Vulnerable Software and Affected Versions** pfsense version 2.5.2 **Description** A cross-site scripting (XSS) vulnerability in pfsense allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the `$pconfig` variable at "interfaces groups edit.php". This issue can lead to arbitrary command execution. Approximately 612,000 exposed instances have been revealed by a ZoomEye Dork app. The vulnerability is actively being exploited. **Recommendations** For pfsense version 2.5.2, update pfsense immediately to mitigate the risk of exploitation. As a temporary workaround, consider restricting access to the "interfaces groups edit.php" page and the `$pconfig` variable to minimize the risk of exploitation. Monitor for suspicious activity.