OPNsense 25.1 contains an authenticated command injection vulnerability in its Bridge Interface Edit endpoint (interfaces_bridge_edit.php). The span POST parameter is concatenated into a system-level command without proper sanitization or escaping, allowing an administrator to inject arbitrary shell operators and payloads. Successful exploitation grants RCE with the privileges of the web service (typically root), potentially leading to full system compromise or lateral movement. This vulnerability arises from inadequate input validation and improper handling of user-supplied data in backend command invocations.
Metrics
Affected Vendors & Products
References
History
Wed, 27 Aug 2025 22:00:00 +0000
Type | Values Removed | Values Added |
---|---|---|
First Time appeared |
Opnsense
Opnsense opnsense |
|
Vendors & Products |
Opnsense
Opnsense opnsense |
Wed, 27 Aug 2025 15:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Weaknesses | CWE-77 | |
Metrics |
cvssV3_1
|
Wed, 27 Aug 2025 14:45:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Description | OPNsense 25.1 contains an authenticated command injection vulnerability in its Bridge Interface Edit endpoint (interfaces_bridge_edit.php). The span POST parameter is concatenated into a system-level command without proper sanitization or escaping, allowing an administrator to inject arbitrary shell operators and payloads. Successful exploitation grants RCE with the privileges of the web service (typically root), potentially leading to full system compromise or lateral movement. This vulnerability arises from inadequate input validation and improper handling of user-supplied data in backend command invocations. | |
References |
|

Status: PUBLISHED
Assigner: mitre
Published:
Updated: 2025-08-27T14:48:37.186Z
Reserved: 2025-06-16T00:00:00.000Z
Link: CVE-2025-50989

Updated: 2025-08-27T14:47:28.729Z

Status : Awaiting Analysis
Published: 2025-08-27T15:15:38.857
Modified: 2025-08-29T16:24:09.860
Link: CVE-2025-50989

No data.

Updated: 2025-08-27T21:57:27Z