Known Vulnerabilities for products from Opnsense
Listed below are 4 of the newest known vulnerabilities associated with the vendor "Opnsense".
These CVEs are retrieved based on exact matches on listed vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed vendor information are still displayed.
Data on known vulnerable products is also displayed based on information from known CPEs, each product links to its respective vulnerability page.
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2021-42770 | A Cross-site scripting (XSS) vulnerability was discovered in OPNsense before 21.7.4 via the LDAP attribute return in the auth... | 6.1 - MEDIUM | 2021-11-08 | 2022-07-28 |
| CVE-2020-23015 | An open redirect issue was discovered in OPNsense through 20.1.5. The redirect parameter "url" in login page was not filtered... | 6.1 - MEDIUM | 2021-05-03 | 2021-05-11 |
| CVE-2019-11816 | Incorrect access control in the WebUI in OPNsense before version 19.1.8, and pfsense before 2.4.4-p3 allows remote authentica... | 7.2 - HIGH | 2019-05-20 | 2020-08-24 |
| CVE-2018-18958 | OPNsense 18.7.x before 18.7.7 has Incorrect Access Control. | 6.5 - MEDIUM | 2019-06-17 | 2019-06-19 |
Known software with vulnerabilities from Opnsense
| Type | Vendor | Product | Version |
|---|---|---|---|
| Application | Opnsense | Opnsense | 8.1.13 |