Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Opnsense
(Opnsense)Repositories |
Unknown: This might be proprietary software. |
#Vulnerabilities | 19 |
Date | Id | Summary | Products | Score | Patch | Annotated |
---|---|---|---|---|---|---|
2023-08-09 | CVE-2023-39006 | The Crash Reporter (crash_reporter.php) component of OPNsense Community Edition before 23.7 and Business Edition before 23.4.2 mishandles input sanitization. | Opnsense | 5.4 | ||
2023-08-09 | CVE-2023-39007 | /ui/cron/item/open in the Cron component of OPNsense Community Edition before 23.7 and Business Edition before 23.4.2 allows XSS via openAction in app/controllers/OPNsense/Cron/ItemController.php. | Opnsense | 9.6 | ||
2023-08-09 | CVE-2023-39008 | A command injection vulnerability in the component /api/cron/settings/setJob/ of OPNsense Community Edition before 23.7 and Business Edition before 23.4.2 allows attackers to execute arbitrary system commands. | Opnsense | 9.8 | ||
2023-09-28 | CVE-2023-44275 | OPNsense before 23.7.5 allows XSS via the index.php column_count parameter to the Lobby Dashboard. | Opnsense | 5.4 | ||
2023-09-28 | CVE-2023-44276 | OPNsense before 23.7.5 allows XSS via the index.php sequence parameter to the Lobby Dashboard. | Opnsense | 5.4 | ||
2021-11-08 | CVE-2021-42770 | A Cross-site scripting (XSS) vulnerability was discovered in OPNsense before 21.7.4 via the LDAP attribute return in the authentication tester. | Opnsense | 6.1 | ||
2021-05-03 | CVE-2020-23015 | An open redirect issue was discovered in OPNsense through 20.1.5. The redirect parameter "url" in login page was not filtered and can redirect user to any website. | Opnsense | 6.1 | ||
2019-05-20 | CVE-2019-11816 | Incorrect access control in the WebUI in OPNsense before version 19.1.8, and pfsense before 2.4.4-p3 allows remote authenticated users to escalate privileges to administrator via a specially crafted request. | Pfsense, Opnsense | N/A | ||
2019-06-17 | CVE-2018-18958 | OPNsense 18.7.x before 18.7.7 has Incorrect Access Control. | Opnsense | 6.5 |