3 matches found
CVE-2023-38997
A directory traversal vulnerability in the Captive Portal templates of OPNsense Community Edition before 23.7 and Business Edition before 23.4.2 allows attackers to execute arbitrary system commands as root via a crafted ZIP archive...
CVE-2023-38997
A directory traversal vulnerability in the Captive Portal templates of OPNsense Community Edition before 23.7 and Business Edition before 23.4.2 allows attackers to execute arbitrary system commands as root via a crafted ZIP archive...
CVE-2023-38997
Summary: CVE-2023-38997 describes a directory traversal in OPNSense’s Captive Portal templates that allows an attacker to execute arbitrary commands as root via a crafted ZIP archive. Affected products/versions: OPNSense Community Edition before 23.7 and Business Edition before 23.4.2. Root cause...