CVE-2023-38997

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2023-38997
A directory traversal vulnerability in the Captive Portal templates of OPNsense Community Edition before 23.7 and Business Edition before 23.4.2 allows attackers to execute arbitrary system commands as root via a crafted ZIP archive.

7.2 /10

CVSS v3 : HIGH

V3 Legend

Vector :

Exploitability : 1.2 / Impact : 5.9

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required HIGH

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope UNCHANGED

References
Link Resource
https://github.com/opnsense/core/commit/448762d440b51574f1906c0ec2f5ea6dc4f16eb2 Patch
https://logicaltrust.net/blog/2023/08/opnsense.html Exploit Third Party Advisory
https://github.com/opnsense/core/commit/448762d440b51574f1906c0ec2f5ea6dc4f16eb2 Patch
https://logicaltrust.net/blog/2023/08/opnsense.html Exploit Third Party Advisory
Configurations

Configuration 1 (hide)

cpe:2.3:a:opnsense:opnsense:*:*:*:*:*:*:*:*
History

21 Nov 2024, 08:14

Type Values Removed Values Added
References () https://github.com/opnsense/core/commit/448762d440b51574f1906c0ec2f5ea6dc4f16eb2 - Patch () https://github.com/opnsense/core/commit/448762d440b51574f1906c0ec2f5ea6dc4f16eb2 - Patch
References () https://logicaltrust.net/blog/2023/08/opnsense.html - Exploit, Third Party Advisory () https://logicaltrust.net/blog/2023/08/opnsense.html - Exploit, Third Party Advisory
Summary
  • (es) Una vulnerabilidad de traspaso de directorios en las plantillas del portal cautivo de OPNsense Community Edition antes de 23.7 y Business Edition antes de 23.4.2 permite a los atacantes ejecutar comandos arbitrarios del sistema como root a través de un archivo ZIP manipulado.

22 Feb 2024, 17:44

Type Values Removed Values Added
CVSS v2 : unknown
v3 : 9.8 		v2 : unknown
v3 : 7.2

10 Oct 2023, 23:15

Type Values Removed Values Added
Summary A directory traversal vulnerability in the Captive Portal templates of OPNsense before 23.7 allows attackers to execute arbitrary system commands as root via a crafted ZIP archive. A directory traversal vulnerability in the Captive Portal templates of OPNsense Community Edition before 23.7 and Business Edition before 23.4.2 allows attackers to execute arbitrary system commands as root via a crafted ZIP archive.

15 Aug 2023, 15:09

Type Values Removed Values Added
CVSS v2 : unknown
v3 : unknown 		v2 : unknown
v3 : 9.8
CWE CWE-22
References (MISC) https://github.com/opnsense/core/commit/448762d440b51574f1906c0ec2f5ea6dc4f16eb2 - (MISC) https://github.com/opnsense/core/commit/448762d440b51574f1906c0ec2f5ea6dc4f16eb2 - Patch
References (MISC) https://logicaltrust.net/blog/2023/08/opnsense.html - (MISC) https://logicaltrust.net/blog/2023/08/opnsense.html - Exploit, Third Party Advisory
First Time Opnsense opnsense
Opnsense
CPE cpe:2.3:a:opnsense:opnsense:*:*:*:*:*:*:*:*

09 Aug 2023, 19:15

Type Values Removed Values Added
New CVE
Information

Published : 2023-08-09 19:15

Updated : 2024-11-21 08:14

NVD link : CVE-2023-38997

Mitre link : CVE-2023-38997

CVE.ORG link : CVE-2023-38997

JSON object : View

Products Affected

opnsense

  • opnsense
CWE
CWE-22

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')


NetmanageIT Website NetmanageIT OSINT Web NetmanageIT OpenCTI NetmanageIT PDF Tools NetmanageIT CTO Corner Blog NetmanageIT Email Header Analyzer NetmanageIT Password Pusher NetmanageIT Internet Health and Latency Dashboard NetmanageIT Dedicated Speed Test Site NetmanageIT Ubuntu Mirror 10Gbps Copyright OpenCVE 2024