A potential authenticated arbitrary command execution vulnerability was found in interfaces_bridge_edit.php, a component of the pfSense Plus and pfSense CE

When creating or editing a bridge interface on interfaces_bridge_edit.php, the submitted POST "bridgeif" value is used before it is validated. Subsequently, that function calls others which in turn use the submitted interface name in

Due to a lack of escaping on commands in the functions being called, it is possible to execute arbitrary commands with a properly formatted submission value for "bridgeif" in POST operations.

This problem is present on pfSense Plus version 23.01, pfSense CE version 2.6.0, and earlier versions of both.

A user with sufficient privileges to access interfaces_bridge_edit.php may be able to execute arbitrary shell commands.
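The defect described above is the classic "validate after use, interpolate without escaping" pattern. The following PHP is an added illustration written for this advisory; it is not pfSense code and does not reproduce the vendor's actual fix. The helper names validate_bridgeif(), build_ifconfig_command_unsafe() and build_ifconfig_command() are hypothetical, as are the sample inputs. It places the unsafe command builder next to a hardened one that first restricts the bridge name to the bridgeN form FreeBSD uses and then quotes every argument with escapeshellarg(), so that a value carrying shell metacharacters is rejected before any command string is assembled.

```php
<?php
// Added example (not pfSense code): validate and escape a user-supplied
// bridge interface name before it is used to build a shell command.
// Assumptions: bridge names must match FreeBSD's "bridge<N>" convention and
// member names look like "em0"/"igb1"; all function names are hypothetical.

/**
 * Accept only names of the form "bridge<digits>" within FreeBSD's interface
 * name length limit (IFNAMSIZ is 16 bytes including the trailing NUL).
 * Whitespace, shell metacharacters, path separators etc. are all rejected.
 */
function validate_bridgeif(string $bridgeif): bool
{
    return strlen($bridgeif) <= 15
        && preg_match('/^bridge[0-9]+$/D', $bridgeif) === 1;
}

/**
 * Accept plain driver-style member interface names such as "em0" or "igb1".
 */
function validate_member(string $member): bool
{
    return strlen($member) <= 15
        && preg_match('/^[a-z]+[0-9]+$/D', $member) === 1;
}

/**
 * Unsafe pattern: the POST value is interpolated straight into the command
 * string, so whatever the user submitted becomes part of the shell line.
 */
function build_ifconfig_command_unsafe(string $bridgeif, string $member): string
{
    return "/sbin/ifconfig {$bridgeif} addm {$member}";
}

/**
 * Hardened pattern: validate every externally supplied value first, then
 * quote each argument individually. Returning the string (rather than
 * running it) keeps the example runnable without root.
 */
function build_ifconfig_command(string $bridgeif, string $member): string
{
    if (!validate_bridgeif($bridgeif)) {
        throw new InvalidArgumentException('invalid bridge interface name');
    }
    if (!validate_member($member)) {
        throw new InvalidArgumentException('invalid member interface name');
    }
    return '/sbin/ifconfig ' . escapeshellarg($bridgeif)
         . ' addm ' . escapeshellarg($member);
}

// Constructed sample inputs standing in for $_POST['bridgeif'].
$good = 'bridge0';
$bad  = 'bridge0;';   // constructed: a name carrying a shell metacharacter

echo build_ifconfig_command($good, 'em0'), PHP_EOL;
// -> /sbin/ifconfig 'bridge0' addm 'em0'

try {
    build_ifconfig_command($bad, 'em0');
} catch (InvalidArgumentException $e) {
    echo 'rejected: ', $e->getMessage(), PHP_EOL;
}
// -> rejected: invalid bridge interface name

// The unsafe builder, by contrast, passes the bad name through unchanged,
// which is the root cause the advisory describes.
echo build_ifconfig_command_unsafe($bad, 'em0'), PHP_EOL;
```

The important design choice is the order of operations: the allow-list check runs before the value is touched by anything that builds a command, and escapeshellarg() is applied as defence in depth rather than as the only control. An allow-list on the expected name format is preferable to a deny-list of metacharacters because it does not need updating when a new quoting trick appears, and it also gives a clean point to log rejected submissions for detection purposes.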