Tag
critical
advisory
OPNsense Multiple Vulnerabilities Lead to Remote Code Execution
2 rules 2 TTPsA remote, authenticated attacker can exploit multiple vulnerabilities in OPNsense to execute arbitrary code with administrator privileges.
OPNsense
rce
privilege-escalation
execution
2r
2t
high
advisory
OPNsense LDAP Injection Vulnerability (CVE-2026-34578)
2 rules 1 TTP 1 CVEOPNsense versions prior to 26.1.6 are vulnerable to LDAP injection, allowing unauthenticated attackers to enumerate valid LDAP usernames and bypass group membership restrictions via the WebGUI login page.
ldap-injection
vulnerability
opnsense
2r
1t
1c