CVE-2023-39007
https://notcve.org/view.php?id=CVE-2023-39007
/ui/cron/item/open in the Cron component of OPNsense Community Edition before 23.7 and Business Edition before 23.4.2 allows XSS via openAction in app/controllers/OPNsense/Cron/ItemController.php. • https://github.com/opnsense/core/commit/5edff49db1cd8b5078611e2f542d91c02af2b25c https://github.com/opnsense/core/compare/23.1.11...23.7 https://logicaltrust.net/blog/2023/08/opnsense.html • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVE-2023-39001
https://notcve.org/view.php?id=CVE-2023-39001
A command injection vulnerability in the component diag_backup.php of OPNsense Community Edition before 23.7 and Business Edition before 23.4.2 allows attackers to execute arbitrary commands via a crafted backup configuration file. • https://github.com/opnsense/core/commit/e800097d0c287bb665f0751a98a67c75ef7b45e5 https://logicaltrust.net/blog/2023/08/opnsense.html • CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') •
CVE-2023-39002
https://notcve.org/view.php?id=CVE-2023-39002
A cross-site scripting (XSS) vulnerability in the act parameter of system_certmanager.php in OPNsense Community Edition before 23.7 and Business Edition before 23.4.2 allows attackers to execute arbitrary web scripts or HTML via a crafted payload. • https://github.com/opnsense/core/commit/a4f6a8f8d604271f81984cfcbba0471af58e34dc https://logicaltrust.net/blog/2023/08/opnsense.html • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVE-2023-39004
https://notcve.org/view.php?id=CVE-2023-39004
Insecure permissions in the configuration directory (/conf/) of OPNsense Community Edition before 23.7 and Business Edition before 23.4.2 allow attackers to access sensitive information (e.g., hashed root password) which could lead to privilege escalation. • http://opnsense.com https://logicaltrust.net/blog/2023/08/opnsense.html • CWE-732: Incorrect Permission Assignment for Critical Resource •
CVE-2023-38998
https://notcve.org/view.php?id=CVE-2023-38998
An open redirect in the Login page of OPNsense Community Edition before 23.7 and Business Edition before 23.4.2 allows attackers to redirect a victim user to an arbitrary web site via a crafted URL. • https://github.com/opnsense/core/commit/6bc025af1705dcdd8ef22ff5d4fcb986fa4e45f8 https://logicaltrust.net/blog/2023/08/opnsense.html • CWE-601: URL Redirection to Untrusted Site ('Open Redirect') •