DigiNews

Tech Watch by Johan Denoyer

← Back to articles

Chasing the OPNsense RCE: The Story Behind My First CVEs

Quality: 8/10 Relevance: 8/10

Summary

HackerAsk shares a detailed write-up of discovering five vulnerabilities in OPNsense, including a high-severity RCE (CVE-2026-57155). The post covers the research process, moderate bugs (XPath injection, stored XSS), the exploit chain through the GeoIP alias importer, and responsible disclosure with patches in version 26.1.11.

🚀 Service construit par Johan Denoyer