Lucene search
+L

35 matches found

ptsecurity
ptsecurity
added 2025/10/01 12:0 a.m.4 views

PT-2025-40279

Name of the Vulnerable Software and Affected Versions Deciso OPNsense versions prior to 25.7.4 Description OPNsense versions prior to 25.7.4 are susceptible to a stored cross-site scripting issue. This occurs when creating a "Interfaces: Devices: Point-to-Point" entry, where the ptpid parameter i...

5.1CVSS5.6AI score0.00305EPSS
Exploits0References6
cnnvd
cnnvd
added 2025/10/01 12:0 a.m.6 views

Deciso OPNsense 安全漏洞

Deciso OPNsense is a firewall and router operating system from the Dutch company Deciso. A security vulnerability exists in Deciso OPNsense versions prior to 25.7.4 that stems from not cleaning up HTML-related characters in the ptpid parameter, which could lead to a stored cross-site scripting...

5.1CVSS5.8AI score0.00305EPSS
Exploits0References2
redhatcve
redhatcve
added 2025/05/23 3:31 a.m.7 views

CVE-2023-27152

DECISO OPNsense 23.1 does not impose rate limits for authentication, allowing attackers to perform a brute-force attack to bypass authentication...

9.8CVSS6.9AI score0.00889EPSS
Exploits1References1
attackerkb
attackerkb
added 2023/10/23 9:15 p.m.3 views

CVE-2023-27152

DECISO OPNsense 23.1 does not impose rate limits for authentication, allowing attackers to perform a brute-force attack to bypass authentication...

9.8CVSS7.2AI score0.00889EPSS
Exploits1References2
cve
cve
added 2023/10/23 12:0 a.m.78 views

CVE-2023-27152

CVE-2023-27152 affects DECISO OPNsense 23.1 and is caused by not imposing rate limits on authentication, enabling brute‑force attempts to bypass authentication. Attack vector: network; impact: high confidentiality, integrity, and availability. No remediation details are provided in the supplied d...

9.8CVSS9.4AI score0.00889EPSS
Exploits1References1Affected Software1
cnnvd
cnnvd
added 2023/10/23 12:0 a.m.4 views

Deciso OPNsense Security Vulnerability

Deciso OPNsense is a suite of FreeBSD-based open source firewall and routing software from Dutch company Deciso. A security vulnerability exists in Deciso OPNsense version 23.1, which stems from a failure to impose a rate limit on authentication. An attacker could use this vulnerability to perfor...

9.8CVSS6.7AI score0.00889EPSS
Exploits1References2
osv
osv
added 2023/10/23 12:0 a.m.21 views

CVE-2023-27152

DECISO OPNsense 23.1 does not impose rate limits for authentication, allowing attackers to perform a brute-force attack to bypass authentication...

9.8CVSS7.1AI score0.00889EPSS
Exploits1References3
cnnvd
cnnvd
added 2023/09/28 12:0 a.m.5 views

Deciso OPNsense Cross-Site Scripting Vulnerability

Deciso OPNsense is a suite of FreeBSD-based open source firewall and routing software from Dutch company Deciso. A cross-site scripting vulnerability exists in OPNsense versions prior to 23.7.5. An attacker could exploit this vulnerability to perform cross-site scripting attacks...

5.4CVSS6AI score0.00501EPSS
Exploits1References4
packetstorm
packetstorm
added 2023/09/25 12:0 a.m.433 views

OPNsense 23.1.11_1 / 23.7.3 / 23.7.4 Cross Site Scripting / Privilege Escalation

Advisory X41-2023-001: Two Vulnerabilities in OPNsense =========================================================== Highest Severity Rating: High Confirmed Affected Versions: 23.1.111, 23.7.3, 23.7.4 Confirmed Patched Versions: Commit 484753b2abe3fd0fcdb73d8bf00c3fc3709eb8b7 Vendor: Deciso B.V. /...

7.1AI score
Exploits0
cnnvd
cnnvd
added 2023/08/09 12:0 a.m.9 views

Deciso OPNsense Security Vulnerability

Deciso OPNsense is a FreeBSD-based open source firewall and routing software from Dutch company Deciso. A security vulnerability exists in Deciso OPNsense versions prior to 23.7, which stems from a misconfiguration of permissions in the directory /tmp...

7.5CVSS6.7AI score0.00648EPSS
Exploits1References3
cnnvd
cnnvd
added 2023/08/09 12:0 a.m.6 views

Deciso OPNsense Security Vulnerability

Deciso OPNsense is a FreeBSD-based open source firewall and routing software from the Dutch company Deciso. A security vulnerability exists in OPNsense versions prior to 23.7, which stems from a permission misconfiguration issue in configd.socket...

7.5CVSS6.7AI score0.00595EPSS
Exploits1References3
cnnvd
cnnvd
added 2023/08/09 12:0 a.m.5 views

Deciso OPNsense Cross-Site Scripting Vulnerability

Deciso OPNsense is a FreeBSD-based open source firewall and routing software from Dutch company Deciso. A cross-site scripting vulnerability exists in Deciso OPNsense versions prior to 23.7, which stems from a cross-site scripting XSS vulnerability in component /ui/cron/item/open...

9.6CVSS5.7AI score0.02315EPSS
Exploits1References4
cnnvd
cnnvd
added 2023/08/09 12:0 a.m.5 views

Deciso OPNsense Command Injection Vulnerability

Deciso OPNsense is a FreeBSD-based open source firewall and routing software from Dutch company Deciso. A command injection vulnerability exists in OPNsense versions prior to 23.7, which stems from a command injection vulnerability in the component diagbackup.php. An attacker can exploit this...

9.8CVSS8AI score0.02977EPSS
Exploits1References3
cnvd
cnvd
added 2021/11/09 12:0 a.m.27 views

OPNsense Cross-Site Scripting Vulnerability

OPNsense is an open source, FreeBSD-based firewall and routing software developed by Deciso Inc. A cross-site scripting vulnerability exists in versions prior to OPNsense 21.7.4. An attacker can exploit the vulnerability by returning LDAP attributes in the authentication tester to conduct...

6.1CVSS2.6AI score0.0133EPSS
Exploits1References1
cnvd
cnvd
added 2019/06/19 12:0 a.m.1 views

Deciso OPNsense Access Control Error Vulnerability

Deciso OPNsense is a FreeBSD-based open source firewall and routing software from Dutch company Deciso. An Access Control Error vulnerability in Deciso OPNsense version 18.7.x prior to 18.7.7, which arises from a network system or product that does not properly restrict access to resources from...

6.5CVSS6.8AI score0.00642EPSS
Exploits0References1
Rows per page
Query Builder