54 matches found

RedhatCVE
added 2026/05/15 1:57 a.m. | 5 views

CVE-2026-44193

OPNsense is a FreeBSD based firewall and routing platform. Prior to 26.1.7, the XMLRPC method opnsense.restore_config_section fails to sanitize user supplied input leading to Remote Code Execution. This vulnerability is fixed in 26.1.7...

CVSS: 9.1, AI score: 5.8, EPSS: 0.00327
Exploits: 1, References: 1

Cvelist
added 2026/05/13 9:54 p.m. | 29 views

CVE-2026-45158 OPNsense: Command Injection via Attacker-Controlled DHCP Config

OPNsense is a FreeBSD based firewall and routing platform. Prior to 26.1.8, unsanitized user input is passed to the DHCP configuration of the configured interface, which is processed by a shell script, allowing remote code execution as root on the underlying operating system. This vulnerability i...

CVSS: 9.1, EPSS: 0.00305
Exploits: 0, References: 1

CVE
added 2026/05/13 9:54 p.m. | 18 views

CVE-2026-45158

CVE-2026-45158 affects OPNsense (FreeBSD-based firewall) prior to version 26.1.8. Unsanitized user input is passed to the DHCP configuration of the configured interface and processed by a shell script, enabling remote code execution as root on the underlying OS. The issue is fixed in 26.1.8. No e...

CVSS: 9.1, AI score: 6.5, EPSS: 0.00305
Exploits: 0, References: 1, Affected Software: 1

EUVD
added 2026/05/13 9:54 p.m. | 6 views

EUVD-2026-30202

OPNsense is a FreeBSD based firewall and routing platform. Prior to 26.1.8, unsanitized user input is passed to the DHCP configuration of the configured interface, which is processed by a shell script, allowing remote code execution as root on the underlying operating system. This vulnerability i...

CVSS: 9.1, AI score: 6.5, EPSS: 0.00305
Exploits: 0, References: 1

ATTACKERKB
added 2026/05/13 9:54 p.m. | 4 views

CVE-2026-45158

OPNsense is a FreeBSD based firewall and routing platform. Prior to 26.1.8, unsanitized user input is passed to the DHCP configuration of the configured interface, which is processed by a shell script, allowing remote code execution as root on the underlying operating system. This vulnerability i...

CVSS: 9.1, AI score: 6.5, EPSS: 0.00305
Exploits: 0, References: 2, Affected Software: 1

EUVD
added 2026/05/13 9:53 p.m. | 5 views

EUVD-2026-30184

OPNsense is a FreeBSD based firewall and routing platform. Prior to 26.1.8, an authenticated Remote Code Execution (RCE) vulnerability in the OPNsense core allows a user with user-management privileges to execute arbitrary system commands as root. An attacker can bypass input validation by formatti...

CVSS: 9.1, AI score: 6.1, EPSS: 0.00223
Exploits: 1, References: 1

ATTACKERKB
added 2026/05/13 9:53 p.m. | 3 views

CVE-2026-44194

OPNsense is a FreeBSD based firewall and routing platform. Prior to 26.1.8, an authenticated Remote Code Execution (RCE) vulnerability in the OPNsense core allows a user with user-management privileges to execute arbitrary system commands as root. An attacker can bypass input validation by formatti...

CVSS: 9.1, AI score: 6.1, EPSS: 0.00223
Exploits: 1, References: 2, Affected Software: 1

Cvelist
added 2026/05/13 9:52 p.m. | 28 views

CVE-2026-44195 OPNsense: Authentication lockout bypass

OPNsense is a FreeBSD based firewall and routing platform. Prior to 26.1.7, a logic flaw in the OPNsense lockouthandler allows an unauthenticated attacker to continuously reset the authentication failure counter for their IP address. By interjecting a crafted username containing a success keyword...

CVSS: 5.3, EPSS: 0.00115
Exploits: 1, References: 1

Vulnrichment
added 2026/05/13 9:52 p.m. | 5 views

CVE-2026-44195 OPNsense: Authentication lockout bypass

OPNsense is a FreeBSD based firewall and routing platform. Prior to 26.1.7, a logic flaw in the OPNsense lockouthandler allows an unauthenticated attacker to continuously reset the authentication failure counter for their IP address. By interjecting a crafted username containing a success keyword...

CVSS: 5.3, AI score: 5.8, EPSS: 0.00115
Exploits: 1, References: 1

Cvelist
added 2026/05/13 9:52 p.m. | 29 views

CVE-2026-44193 OPNsense: RCE via XMLRPC endpoint using `opnsense.restore_config_section` method

OPNsense is a FreeBSD based firewall and routing platform. Prior to 26.1.7, the XMLRPC method opnsense.restore_config_section fails to sanitize user supplied input leading to Remote Code Execution. This vulnerability is fixed in 26.1.7...

CVSS: 9.1, EPSS: 0.00327
Exploits: 1, References: 1

CNNVD
added 2026/05/13 12:0 a.m. | 5 views

Deciso OPNsense Security Vulnerability

Deciso OPNsense is a set of open-source firewall and routing software based on FreeBSD developed by the Dutch company Deciso. Versions of Deciso OPNsense prior to 26.1.7 contained security vulnerabilities. These vulnerabilities were caused by logical flaws in the lockouthandler module, allowing...

CVSS: 6.5, AI score: 5.8, EPSS: 0.00115
Exploits: 1, References: 1

Positive Technologies
added 2026/05/13 12:0 a.m. | 9 views

PT-2026-40828

Name of the Vulnerable Software and Affected Versions: OPNsense versions prior to 26.1.7. Description: A logic flaw in the lockout handler allows an unauthenticated attacker to continuously reset the authentication failure counter for their IP address. By interjecting a crafted username containing a...

CVSS: 5.3, AI score: 5.8, EPSS: 0.00115
Exploits: 1, References: 5

Cvelist
added 2026/04/09 2:34 p.m. | 14 views

CVE-2026-34578 OPNsense has an LDAP Injection via Unsanitized Username in Authentication

OPNsense is a FreeBSD based firewall and routing platform. Prior to 26.1.6, OPNsense's LDAP authentication connector passes the login username directly into an LDAP search filter without calling ldap_escape. An unauthenticated attacker can inject LDAP filter metacharacters into the username field ...

CVSS: 8.2, EPSS: 0.00256
Exploits: 1, References: 2

EUVD
added 2026/04/09 2:34 p.m. | 3 views

EUVD-2026-20896

OPNsense is a FreeBSD based firewall and routing platform. Prior to 26.1.6, OPNsense's LDAP authentication connector passes the login username directly into an LDAP search filter without calling ldap_escape. An unauthenticated attacker can inject LDAP filter metacharacters into the username field ...

CVSS: 8.2, AI score: 5.9, EPSS: 0.00256
Exploits: 1, References: 2

Vulnrichment
added 2026/04/09 2:34 p.m. | 1 view

CVE-2026-34578 OPNsense has an LDAP Injection via Unsanitized Username in Authentication

OPNsense is a FreeBSD based firewall and routing platform. Prior to 26.1.6, OPNsense's LDAP authentication connector passes the login username directly into an LDAP search filter without calling ldap_escape. An unauthenticated attacker can inject LDAP filter metacharacters into the username field ...

CVSS: 8.2, AI score: 5.9, EPSS: 0.00256
Exploits: 1, References: 2

CNNVD
added 2026/04/09 12:0 a.m. | 7 views

Deciso OPNsense Security Vulnerability

Deciso OPNsense is a set of open-source firewall and routing software based on FreeBSD developed by the Dutch company Deciso. Prior to version 26.1.6, there were security vulnerabilities in OPNsense. These vulnerabilities stemmed from the LDAP authentication connector, which directly passed the...

CVSS: 8.2, AI score: 5.8, EPSS: 0.00256
Exploits: 1, References: 2

RedhatCVE
added 2026/03/26 3:11 p.m. | 3 views

CVE-2026-30868

OPNsense is a FreeBSD based firewall and routing platform. Prior to 26.1.4, multiple OPNsense MVC API endpoints perform state‑changing operations but are accessible via HTTP GET requests without CSRF protection. The framework CSRF validation in ApiControllerBase only applies to POST/PUT/DELETE...

CVSS: 8.1, AI score: 5.8, EPSS: 0.00023
Exploits: 1, References: 1

NVD
added 2026/03/11 5:16 p.m. | 3 views

CVE-2026-30868

OPNsense is a FreeBSD based firewall and routing platform. Prior to 26.1.4, multiple OPNsense MVC API endpoints perform state‑changing operations but are accessible via HTTP GET requests without CSRF protection. The framework CSRF validation in ApiControllerBase only applies to POST/PUT/DELETE...

CVSS: 8.1, EPSS: 0.00023
Exploits: 1, References: 1

Cvelist
added 2026/03/11 4:38 p.m. | 25 views

CVE-2026-30868 Cross-Site Request Forgery (CSRF) in opnsense/core

OPNsense is a FreeBSD based firewall and routing platform. Prior to 26.1.4, multiple OPNsense MVC API endpoints perform state‑changing operations but are accessible via HTTP GET requests without CSRF protection. The framework CSRF validation in ApiControllerBase only applies to POST/PUT/DELETE...

CVSS: 6.3, EPSS: 0.00023
Exploits: 1, References: 1

CVE
added 2026/03/11 4:38 p.m. | 13 views

CVE-2026-30868

CVE-2026-30868 affects OPNsense (FreeBSD-based firewall) prior to 26.1.4. Several MVC API endpoints perform state-changing actions over HTTP GET without CSRF protection. The ApiControllerBase CSRF validation only covers POST/PUT/DELETE, allowing an authenticated user’s browser to trigger privileg...

CVSS: 8.1, AI score: 5.8, EPSS: 0.00023
Exploits: 1, References: 1, Affected Software: 1