3 matches found
PT-2023-26730 · Opnsense · Opnsense Community Edition +1
Name of the Vulnerable Software and Affected Versions: OPNsense Community Edition versions prior to 23.7 OPNsense Business Edition versions prior to 23.4.2 Description: The issue is related to insecure permissions in the configuration directory /conf/ of OPNsense, allowing attackers to access...
PT-2023-26723 · Opnsense · Opnsense Community Edition +1
Name of the Vulnerable Software and Affected Versions: OPNsense Community Edition versions prior to 23.7 OPNsense Business Edition versions prior to 23.4.2 Description: The issue is an open redirect in the Login page of OPNsense, allowing attackers to redirect a victim user to an arbitrary web si...
Deciso OPNsense Cross-Site Scripting Vulnerability
Deciso OPNsense is a FreeBSD-based open source firewall and routing software from Dutch company Deciso. A cross-site scripting vulnerability exists in Deciso OPNsense versions prior to 23.7, which stems from a cross-site scripting XSS vulnerability in component /ui/cron/item/open...