3 matches found
CVE-2023-39004
Insecure permissions in the configuration directory /conf/ of OPNsense Community Edition before 23.7 and Business Edition before 23.4.2 allow attackers to access sensitive information e.g., hashed root password which could lead to privilege escalation...
CVE-2023-39004
Insecure permissions in the configuration directory /conf/ of OPNsense Community Edition before 23.7 and Business Edition before 23.4.2 allow attackers to access sensitive information e.g., hashed root password which could lead to privilege escalation...
CVE-2023-39004
CVE-2023-39004 concerns insecure permissions in the OPNSense configuration directory (/conf/). Affected: OPNSense Community Edition prior to 23.7 and Business Edition prior to 23.4.2. Root cause: misconfigured directory permissions may allow attackers to read sensitive data (e.g., hashed root pas...