Important Security Advisory: pfSense Captive Portal Vulnerability

Nov. 6, 2025 | Categories: Vulnerabilities

An important security vulnerability has been discovered in pfSense that affects installations with captive portal enabled with certain configurations. This vulnerability requires NO AUTHENTICATION to exploit.

Important Security Advisory: pfSense Captive Portal Vulnerability

November 6, 2025 Security Advisory Important

⚠️

Important Vulnerability Under Responsible Disclosure

An important security vulnerability has been discovered in pfSense that affects installations with captive portal enabled and specific configuration. Under specific configurations this vulnerability requires NO AUTHENTICATION to exploit.

If you use pfSense captive portal, please read this advisory immediately and implement mitigations.

Want to Read More?

This is premium content from our research team. Create a free account to access the full article and join our community of security professionals.

✓ Full access to all blog posts

✓ Exclusive cybersecurity insights

✓ Comment and engage with experts

✓ Early access to new research

Create Free Account Sign In

Already have an account? Sign in here

Easy Install

From small business to enterprise, Karma-X installs simply and immediately adds peace of mind

Integration Ready

Karma-X doesn't interfere with other software, only malware and exploits, due to its unique design.

Reduce Risk

Whether adversary nation or criminal actors, Karma-X significantly reduces exploitation risk of any organization

Updated Regularly

Update to deploy new defensive techniques to suit your organization's needs as they are offered

Deploy
Karma-X

Get Karma-X!

Get Karma-X Endpoint

Get Karma-X TimeCapsule

Get Vitamin-K for Free

Get Karma Browser