Vulnerabilities > Opnsense > High
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2023-08-09 | CVE-2023-38997 | Path Traversal vulnerability in Opnsense A directory traversal vulnerability in the Captive Portal templates of OPNsense Community Edition before 23.7 and Business Edition before 23.4.2 allows attackers to execute arbitrary system commands as root via a crafted ZIP archive. | 7.2 |
2023-08-09 | CVE-2023-39003 | Incorrect Permission Assignment for Critical Resource vulnerability in Opnsense OPNsense Community Edition before 23.7 and Business Edition before 23.4.2 was discovered to contain insecure permissions in the directory /tmp. | 7.5 |
2023-08-09 | CVE-2023-39005 | Incorrect Permission Assignment for Critical Resource vulnerability in Opnsense Insecure permissions exist for configd.socket in OPNsense Community Edition before 23.7 and Business Edition before 23.4.2. | 7.5 |