CVE-2023-44276 - XSS in OPNsense Prior to 23.7.5 via `index.php` Sequence Parameter – What You Need To Know
If you are running OPNsense firewall before version 23.7.5, this post is for you. In late 2023, a serious vulnerability—CVE-2023-44276—was found
CVE-2023-44275 - XSS Vulnerability in OPNsense Dashboard (index.php column_count parameter)
A recent vulnerability, CVE-2023-44275, has been discovered in OPNsense firewall software, which could allow an attacker to execute malicious JavaScript code through a Cross-Site Scripting
CVE-2023-39008 - Command Injection in OPNsense /api/cron/settings/setJob/ — How Attackers Can Execute System Commands
In July 2023, security researchers uncovered a significant vulnerability in OPNsense — the open-source firewall and routing platform widely used in both professional and home environments.
CVE-2023-39003 - Insecure Permissions in OPNsense /tmp Directory – How It Worked and Why You Should Patch
In mid-2023, a vulnerability surfaced in OPNsense firewalls—the popular open-source firewall and routing platform used by thousands of enterprises and homelabbers. This flaw, identified
CVE-2023-39002 - Breaking Down the OPNsense 23.7 XSS Vulnerability in `system_certmanager.php` (with PoC)
CVE-2023-39002 is a recently discovered cross-site scripting (XSS) vulnerability in OPNsense’s system_certmanager.php script. Affecting versions before 23.7, this security issue lets
Episode
00:00:00
00:00:00