Does 2.2.6 address this backdoor?
-
Evidently there is a backdoor to pfSense:
https://github.com/chadillac/pfsense_xmlrpc_backdoor
Does pfSense 2.2.6 address this and how much of a problem is it?
-
Can't make this work …. ;)
Back then (April 2015) we had also (the same) http://seclist.us/pfsense_xmlrpc_backdoor-a-php-backdoor-on-a-pfsense-firewall-over-xmlrpc-php.html
Also https://www.youtube.com/playlist?list=PL7j48fGjKnxT9DYFlN248E6HEQ4NErY9q
/usr/local/www/ignore.php wasn't created.
Anyway: start here: https://forum.pfsense.org/index.php?topic=71015.0 (more threads exist)
-
That's not a "backdoor" or even a vulnerability, it was named by a moron.
It's using administrative functions of the system, post-authentication as a root-level user, to copy files to the system. It can be summarized as "I can root your box, just give me your root password." Uh huh, you can. With every OS ever created. When you're authenticated with full administrative credentials, there is no limit to what you can do, whether pfSense or Windows or Linux or BSD or anything else.