CVE-2026-44194— OPNsense: RCE on user managment

OPNsense: RCE on user managment

OPNsense is a FreeBSD based firewall and routing platform. Prior to 26.1.8, an authenticated Remote Code Execution (RCE) vulnerability in the OPNsense core allows a user with user-management privileges to execute arbitrary system commands as root. An attacker can bypass input validation by formatting their malicious payload as a compliant email address, allowing shell commands to reach the underlying operating system. The flaw exists in the local user synchronization flow, within core/src/opnsense/scripts/auth/sync_user.php. This vulnerability is fixed in 26.1.8.

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H

OS命令中使用的特殊元素转义处理不恰当(OS命令注入)

Deciso OPNsense 操作系统命令注入漏洞

Deciso OPNsense是荷兰Deciso公司的一个防火墙与路由器操作系统。 Deciso OPNsense 26.1.8之前版本存在操作系统命令注入漏洞，该漏洞源于本地用户同步流程中，攻击者可通过将恶意负载格式化为合规电子邮件地址绕过输入验证，导致具有用户管理权限的用户以root身份执行任意系统命令。

N/A

N/A