35 matches found
PT-2025-40279
Name of the Vulnerable Software and Affected Versions Deciso OPNsense versions prior to 25.7.4 Description OPNsense versions prior to 25.7.4 are susceptible to a stored cross-site scripting issue. This occurs when creating a "Interfaces: Devices: Point-to-Point" entry, where the ptpid parameter i...
Deciso OPNsense 安全漏洞
Deciso OPNsense is a firewall and router operating system from the Dutch company Deciso. A security vulnerability exists in Deciso OPNsense versions prior to 25.7.4 that stems from not cleaning up HTML-related characters in the ptpid parameter, which could lead to a stored cross-site scripting...
CVE-2023-27152
DECISO OPNsense 23.1 does not impose rate limits for authentication, allowing attackers to perform a brute-force attack to bypass authentication...
CVE-2023-27152
DECISO OPNsense 23.1 does not impose rate limits for authentication, allowing attackers to perform a brute-force attack to bypass authentication...
CVE-2023-27152
CVE-2023-27152 affects DECISO OPNsense 23.1 and is caused by not imposing rate limits on authentication, enabling brute‑force attempts to bypass authentication. Attack vector: network; impact: high confidentiality, integrity, and availability. No remediation details are provided in the supplied d...
Deciso OPNsense Security Vulnerability
Deciso OPNsense is a suite of FreeBSD-based open source firewall and routing software from Dutch company Deciso. A security vulnerability exists in Deciso OPNsense version 23.1, which stems from a failure to impose a rate limit on authentication. An attacker could use this vulnerability to perfor...
CVE-2023-27152
DECISO OPNsense 23.1 does not impose rate limits for authentication, allowing attackers to perform a brute-force attack to bypass authentication...
Deciso OPNsense Cross-Site Scripting Vulnerability
Deciso OPNsense is a suite of FreeBSD-based open source firewall and routing software from Dutch company Deciso. A cross-site scripting vulnerability exists in OPNsense versions prior to 23.7.5. An attacker could exploit this vulnerability to perform cross-site scripting attacks...
OPNsense 23.1.11_1 / 23.7.3 / 23.7.4 Cross Site Scripting / Privilege Escalation
Advisory X41-2023-001: Two Vulnerabilities in OPNsense =========================================================== Highest Severity Rating: High Confirmed Affected Versions: 23.1.111, 23.7.3, 23.7.4 Confirmed Patched Versions: Commit 484753b2abe3fd0fcdb73d8bf00c3fc3709eb8b7 Vendor: Deciso B.V. /...
Deciso OPNsense Security Vulnerability
Deciso OPNsense is a FreeBSD-based open source firewall and routing software from Dutch company Deciso. A security vulnerability exists in Deciso OPNsense versions prior to 23.7, which stems from a misconfiguration of permissions in the directory /tmp...
Deciso OPNsense Security Vulnerability
Deciso OPNsense is a FreeBSD-based open source firewall and routing software from the Dutch company Deciso. A security vulnerability exists in OPNsense versions prior to 23.7, which stems from a permission misconfiguration issue in configd.socket...
Deciso OPNsense Cross-Site Scripting Vulnerability
Deciso OPNsense is a FreeBSD-based open source firewall and routing software from Dutch company Deciso. A cross-site scripting vulnerability exists in Deciso OPNsense versions prior to 23.7, which stems from a cross-site scripting XSS vulnerability in component /ui/cron/item/open...
Deciso OPNsense Command Injection Vulnerability
Deciso OPNsense is a FreeBSD-based open source firewall and routing software from Dutch company Deciso. A command injection vulnerability exists in OPNsense versions prior to 23.7, which stems from a command injection vulnerability in the component diagbackup.php. An attacker can exploit this...
OPNsense Cross-Site Scripting Vulnerability
OPNsense is an open source, FreeBSD-based firewall and routing software developed by Deciso Inc. A cross-site scripting vulnerability exists in versions prior to OPNsense 21.7.4. An attacker can exploit the vulnerability by returning LDAP attributes in the authentication tester to conduct...
Deciso OPNsense Access Control Error Vulnerability
Deciso OPNsense is a FreeBSD-based open source firewall and routing software from Dutch company Deciso. An Access Control Error vulnerability in Deciso OPNsense version 18.7.x prior to 18.7.7, which arises from a network system or product that does not properly restrict access to resources from...