Lucene search
K

4 matches found

RedhatCVE
RedhatCVE
added 2026/02/22 1:28 a.m.8 views

CVE-2026-2035

Deciso OPNsense diagbackup.php filename Command Injection Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Deciso OPNsense. Authentication is required to exploit this vulnerability. The specific flaw...

6.8CVSS6.5AI score0.01535EPSS
Exploits0References1
NVD
NVD
added 2026/02/20 11:16 p.m.8 views

CVE-2026-2035

Deciso OPNsense diagbackup.php filename Command Injection Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Deciso OPNsense. Authentication is required to exploit this vulnerability. The specific flaw...

6.8CVSS0.01535EPSS
Exploits0References2
OSV
OSV
added 2026/02/15 2:16 p.m.5 views

CVE-2019-25368

OPNsense 19.1 contains multiple cross-site scripting vulnerabilities in the diagbackup.php endpoint that allow attackers to inject malicious scripts through multiple parameters including GDriveGDriveEmail, GDriveGDriveFolderID, GDriveGDriveBackupCount, Nextcloudurl, Nextclouduser,...

5.4CVSS5.6AI score
Exploits0References4
Zero Day Initiative
Zero Day Initiative
added 2026/02/12 12:0 a.m.8 views

Deciso OPNsense diag_backup.php filename Command Injection Remote Code Execution Vulnerability

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Deciso OPNsense. Authentication is required to exploit this vulnerability. The specific flaw exists within the handling of backup configuration files. The issue results from the lack of...

6.8CVSS6.2AI score0.01535EPSS
Exploits0References1
Rows per page
Query Builder