OPNsense
by Opnsense
CVEs (38)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2019-25368 | | | 0.00 | — | 0.00 | | Feb 15, 2026 | OPNsense 19.1 contains multiple cross-site scripting vulnerabilities in the diag_backup.php endpoint that allow attackers to inject malicious scripts through multiple parameters including GDrive_GDriveEmail, GDrive_GDriveFolderID, GDrive_GDriveBackupCount, Nextcloud_url,… |
| CVE-2025-50989 | | | 0.00 | — | 0.08 | | Aug 27, 2025 | OPNsense before 25.1.8 contains an authenticated command injection vulnerability in its Bridge Interface Edit endpoint (interfaces_bridge_edit.php). The span POST parameter is concatenated into a system-level command without proper sanitization or escaping, allowing an… |
| CVE-2023-27152 | | | 0.00 | — | 0.01 | | Oct 23, 2023 | DECISO OPNsense 23.1 does not impose rate limits for authentication, allowing attackers to perform a brute-force attack to bypass authentication. |
| CVE-2023-44276 | | | 0.00 | — | 0.01 | | Sep 28, 2023 | OPNsense before 23.7.5 allows XSS via the index.php sequence parameter to the Lobby Dashboard. |
| CVE-2023-44275 | | | 0.00 | — | 0.01 | | Sep 28, 2023 | OPNsense before 23.7.5 allows XSS via the index.php column_count parameter to the Lobby Dashboard. |
| CVE-2023-39006 | | | 0.00 | — | 0.00 | | Aug 9, 2023 | The Crash Reporter (crash_reporter.php) component of OPNsense Community Edition before 23.7 and Business Edition before 23.4.2 mishandles input sanitization. |
| CVE-2023-38997 | | | 0.00 | — | 0.01 | | Aug 9, 2023 | A directory traversal vulnerability in the Captive Portal templates of OPNsense Community Edition before 23.7 and Business Edition before 23.4.2 allows attackers to execute arbitrary system commands as root via a crafted ZIP archive. |
| CVE-2023-39001 | | | 0.00 | — | 0.03 | | Aug 9, 2023 | A command injection vulnerability in the component diag_backup.php of OPNsense Community Edition before 23.7 and Business Edition before 23.4.2 allows attackers to execute arbitrary commands via a crafted backup configuration file. |
| CVE-2023-39005 | | | 0.00 | — | 0.01 | | Aug 9, 2023 | Insecure permissions exist for configd.socket in OPNsense Community Edition before 23.7 and Business Edition before 23.4.2. |
| CVE-2023-39007 | | | 0.00 | — | 0.02 | | Aug 9, 2023 | /ui/cron/item/open in the Cron component of OPNsense Community Edition before 23.7 and Business Edition before 23.4.2 allows XSS via openAction in app/controllers/OPNsense/Cron/ItemController.php. |
| CVE-2023-39000 | | | 0.00 | — | 0.01 | | Aug 9, 2023 | A reflected cross-site scripting (XSS) vulnerability in the component /ui/diagnostics/log/core/ of OPNsense Community Edition before 23.7 and Business Edition before 23.4.2 allows attackers to inject arbitrary JavaScript via the URL path. |
| CVE-2023-39002 | | | 0.00 | — | 0.01 | | Aug 9, 2023 | A cross-site scripting (XSS) vulnerability in the act parameter of system_certmanager.php in OPNsense Community Edition before 23.7 and Business Edition before 23.4.2 allows attackers to execute arbitrary web scripts or HTML via a crafted payload. |
| CVE-2023-38998 | | | 0.00 | — | 0.01 | | Aug 9, 2023 | An open redirect in the Login page of OPNsense Community Edition before 23.7 and Business Edition before 23.4.2 allows attackers to redirect a victim user to an arbitrary web site via a crafted URL. |
| CVE-2023-38999 | | | 0.00 | — | 0.00 | | Aug 9, 2023 | A Cross-Site Request Forgery (CSRF) in the System Halt API (/system/halt) of OPNsense Community Edition before 23.7 and Business Edition before 23.4.2 allows attackers to cause a Denial of Service (DoS) via a crafted GET request. |
| CVE-2023-39008 | | | 0.00 | — | 0.03 | | Aug 9, 2023 | A command injection vulnerability in the component /api/cron/settings/setJob/ of OPNsense Community Edition before 23.7 and Business Edition before 23.4.2 allows attackers to execute arbitrary system commands. |
| CVE-2021-42770 | | | 0.00 | — | 0.01 | | Nov 8, 2021 | A cross-site scripting (XSS) vulnerability was discovered in OPNsense before 21.7.4 via the LDAP attribute return in the authentication tester. |
| CVE-2018-18958 | | | 0.00 | — | 0.01 | | Jun 17, 2019 | OPNsense 18.7.x before 18.7.7 has Incorrect Access Control. |
| CVE-2019-11816 | | | 0.00 | — | 0.03 | | May 20, 2019 | Incorrect access control in the WebUI in OPNsense before version 19.1.8, and pfSense before 2.4.4-p3 allows remote authenticated users to escalate privileges to administrator via a specially crafted request. |
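The version constraints in the descriptions above mix three shapes: a plain "before X", a per-edition "Community Edition before 23.7 and Business Edition before 23.4.2", and entries that only name an affected release (19.1, 23.1, 18.7.x) with or without a fixed version. The script below, an added example that is not OPNsense project code and not part of the original listing, transcribes those constraints for the 18 entries on this page into a small rule table and reports which of them match an installed version string. Assumptions: version strings compare as dotted integer tuples, anything after the numeric prefix (such as a `_2` hotfix suffix) is ignored, entries that name no edition are applied to both editions (which may over-report for Business Edition builds), and an entry that names only an affected release is reported for every build in that release series. The remaining 20 of the 38 CVEs are on page 1 and are not encoded here.

```python
"""Map the fixed-version constraints from the OPNsense CVE table onto an
installed version.  Added example, not OPNsense project code; ADVISORIES is
hand-transcribed from the 18 entries on this page (assumption: the page's
"before X" text means every version lower than X is affected)."""
import re


def parse_version(v: str) -> tuple:
    """Normalise an OPNsense version string to a 3-tuple of ints.

    '23.7.5' -> (23, 7, 5); '23.7' -> (23, 7, 0).  Anything after the dotted
    numeric prefix (e.g. a '_2' hotfix suffix, an assumed format) is ignored,
    so '25.1.8_2' compares equal to '25.1.8'.
    """
    m = re.match(r"\s*(\d+(?:\.\d+)*)", v)
    if not m:
        raise ValueError(f"unrecognised version string: {v!r}")
    nums = [int(p) for p in m.group(1).split(".")]
    nums += [0] * (3 - len(nums))
    return tuple(nums[:3])


# "series" restricts a rule to one release line (19.1 -> any 19.1.x);
# "fixed" is the first unaffected version, either a single string (entries
# that name no edition) or one string per edition ("ce" / "be").  A rule with
# a series but no fix reports every build in that series as affected.
_CE_237_BE_2342 = {"ce": "23.7", "be": "23.4.2"}
ADVISORIES = [
    ("CVE-2019-25368", {"series": "19.1"}),
    ("CVE-2025-50989", {"fixed": "25.1.8"}),
    ("CVE-2023-27152", {"series": "23.1"}),
    ("CVE-2023-44276", {"fixed": "23.7.5"}),
    ("CVE-2023-44275", {"fixed": "23.7.5"}),
    ("CVE-2023-39006", {"fixed": _CE_237_BE_2342}),
    ("CVE-2023-38997", {"fixed": _CE_237_BE_2342}),
    ("CVE-2023-39001", {"fixed": _CE_237_BE_2342}),
    ("CVE-2023-39005", {"fixed": _CE_237_BE_2342}),
    ("CVE-2023-39007", {"fixed": _CE_237_BE_2342}),
    ("CVE-2023-39000", {"fixed": _CE_237_BE_2342}),
    ("CVE-2023-39002", {"fixed": _CE_237_BE_2342}),
    ("CVE-2023-38998", {"fixed": _CE_237_BE_2342}),
    ("CVE-2023-38999", {"fixed": _CE_237_BE_2342}),
    ("CVE-2023-39008", {"fixed": _CE_237_BE_2342}),
    ("CVE-2021-42770", {"fixed": "21.7.4"}),
    ("CVE-2018-18958", {"series": "18.7", "fixed": "18.7.7"}),
    ("CVE-2019-11816", {"fixed": "19.1.8"}),
]


def is_affected(rule: dict, version: str, edition: str = "ce") -> bool:
    """Evaluate one transcribed rule against an installed version."""
    v = parse_version(version)
    series = rule.get("series")
    if series and v[:2] != parse_version(series)[:2]:
        return False  # rule is scoped to another release line
    fixed = rule.get("fixed")
    if fixed is None:
        return True  # page names the affected release but no fixed version
    if isinstance(fixed, dict):
        fixed = fixed.get(edition)
        if fixed is None:
            return False  # no constraint stated for this edition
    return v < parse_version(fixed)


def applicable_cves(version: str, edition: str = "ce") -> list:
    """CVE IDs from the table whose constraint matches the given version."""
    if edition not in ("ce", "be"):
        raise ValueError("edition must be 'ce' (Community) or 'be' (Business)")
    return [cve for cve, rule in ADVISORIES if is_affected(rule, version, edition)]


if __name__ == "__main__":
    for ver, ed in [("23.7.4", "ce"), ("23.4.1", "be"), ("25.1.8", "ce")]:
        hits = applicable_cves(ver, ed)
        print(f"{ed.upper()} {ver}: {len(hits)} listed CVE(s)", *hits, sep="\n  ")
```

Note that a Community Edition 23.7.4 host still matches CVE-2025-50989 because the page's constraint is simply "before 25.1.8"; the checker does not try to guess an earliest affected version the page never states, so it errs toward reporting.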
Page 2 of 2