CVE-2023-44276 - XSS in OPNsense Prior to 23.7.5 via `index.php` Sequence Parameter – What You Need To Know
If you are running OPNsense firewall before version 23.7.5, this post is for you. In late 2023, a serious vulnerability—CVE-2023-44276—was found
CVE-2023-44275 - XSS Vulnerability in OPNsense Dashboard (index.php column_count parameter)
A recent vulnerability, CVE-2023-44275, has been discovered in OPNsense firewall software, which could allow an attacker to execute malicious JavaScript code through a Cross-Site Scripting
CVE-2023-39003 - Insecure Permissions in OPNsense /tmp Directory – How It Worked and Why You Should Patch
In mid-2023, a vulnerability surfaced in OPNsense firewalls—the popular open-source firewall and routing platform used by thousands of enterprises and homelabbers. This flaw, identified
CVE-2023-39002 - Breaking Down the OPNsense 23.7 XSS Vulnerability in `system_certmanager.php` (with PoC)
CVE-2023-39002 is a recently discovered cross-site scripting (XSS) vulnerability in OPNsense’s system_certmanager.php script. Affecting versions before 23.7, this security issue lets
CVE-2023-39005 - Insecure Permissions for configd.socket in OPNsense Before 23.7 — Analysis, Code Snippet, and Exploit Details
OPNsense, a widely-used open-source firewall and routing platform, is critical for network security in many organizations. In summer 2023, researchers uncovered a serious vulnerability — CVE-2023-39005
Episode
00:00:00
00:00:00