Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

  1. Reconshell
  2. Vulnerabilities (CVE)
Filtered by vendor Opnsense Subscribe
Total 4 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2021-42770 1 Opnsense 1 Opnsense 2022-07-28 4.3 MEDIUM 6.1 MEDIUM
A Cross-site scripting (XSS) vulnerability was discovered in OPNsense before 21.7.4 via the LDAP attribute return in the authentication tester.
CVE-2020-23015 1 Opnsense 1 Opnsense 2021-05-11 5.8 MEDIUM 6.1 MEDIUM
An open redirect issue was discovered in OPNsense through 20.1.5. The redirect parameter "url" in login page was not filtered and can redirect user to any website.
CVE-2019-11816 2 Netgate, Opnsense 2 Pfsense, Opnsense 2020-08-24 6.5 MEDIUM 7.2 HIGH
Incorrect access control in the WebUI in OPNsense before version 19.1.8, and pfsense before 2.4.4-p3 allows remote authenticated users to escalate privileges to administrator via a specially crafted request.
CVE-2018-18958 1 Opnsense 1 Opnsense 2019-06-19 4.0 MEDIUM 6.5 MEDIUM
OPNsense 18.7.x before 18.7.7 has Incorrect Access Control.