---

pfSense 2.3.1 FreeBSD Firewall Update Patches Web GUI Security Issue, Seven Bugs

pfSense 2.3.1 Update 1 (2.3.1_1) is now live, and all users of the pfSense 2.3.1-RELEASE are urged to apply it as it patches a major security issue. The issue (pfSense-SA-16_05.webgui) has been discovered by Patrick Ungeheuer in pfSense’s Web GUI (Graphical User Interface), as command-injection vulnerabilities in the diag_smart.php and diag_routes.php files.