pfSense versions 2.3.1_1 and below contain a remote command execution vulnerability post authentication in the system_groupmanager.php page.
7e95005faf5bd57e5f8dd4d924787a1fff296c90c38c30c7cdaff7910db8bb51
pfSense versions 2.3.1_1 and below suffers from a post authentication command execution vulnerability.
38bd905e4f39ebc728fa322253ee554cfc343e8e8ca0434b0a367fb01c15667a