OPNsense XMLRPC Remote Code Execution Vulnerability

Vulnerability

A remote code execution vulnerability has been identified in OPNsense versions through 26.1.6. The issue arises in the XMLRPC method 'opnsense.restore_config_section', which fails to properly sanitize user input. This vulnerability allows a user with 'XMLRPC Library' privileges to execute arbitrary code as the 'root' user on the firewall host.

Impact

Exploitation of this vulnerability allows for remote code execution on the affected system with root privileges.

Reproduction

To reproduce this vulnerability, a new user must be created with 'XMLRPC Library' privileges. Once the user is created, the vulnerable XMLRPC method 'opnsense.restore_config_section' can be called. The injection is delivered by placing a payload in the 'name' field of the user data, which is then executed as a command on the server.

Remediation

Users can upgrade to OPNsense version 26.1.7 or later to address this vulnerability.
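
Because the method is reachable only by accounts holding the 'XMLRPC Library' privilege, it helps to know which accounts hold it, both before and after upgrading. The following is an added example, not code from OPNsense or from the original advisory: it lists accounts granted that privilege directly or through a group and flags account names outside a conservative allowlist. The privilege identifier 'page-xmlrpclibrary', the config.xml layout, the allowlist and the sample data are assumptions made for the illustration.

```python
import re
import xml.etree.ElementTree as ET

# Assumed identifier of the 'XMLRPC Library' privilege in config.xml.
XMLRPC_PRIV = "page-xmlrpclibrary"
# Reviewer's own allowlist (not an OPNsense rule); other names are flagged.
SAFE_NAME = re.compile(r"[A-Za-z0-9._-]{1,32}")

# Constructed sample in the assumed <system>/<user>/<group> layout.
SAMPLE_CONFIG = """<opnsense><system>
  <group><name>ha-sync</name><gid>2000</gid><member>2001,2002</member>
    <priv>page-xmlrpclibrary</priv></group>
  <user><name>root</name><uid>0</uid></user>
  <user><name>sync01</name><uid>2001</uid></user>
  <user><name>svc sync!</name><uid>2002</uid></user>
  <user><name>auditor</name><uid>2003</uid>
    <priv>page-diagnostics-logs,page-xmlrpclibrary</priv></user>
  <user><name>helpdesk</name><uid>2004</uid><priv>page-status-services</priv></user>
</system></opnsense>"""

def _values(node, tag):
    """Collect values from repeated and/or comma-separated child elements."""
    out = set()
    for el in node.findall(tag):
        out.update(v.strip() for v in (el.text or "").split(",") if v.strip())
    return out

def audit(config_xml):
    """Return (accounts granted the XMLRPC privilege, names outside the allowlist)."""
    system = ET.fromstring(config_xml).find("system")
    # uids that inherit the privilege through group membership
    via_group = set()
    for group in system.findall("group"):
        if XMLRPC_PRIV in _values(group, "priv"):
            via_group |= _values(group, "member")
    holders, odd_names = [], []
    for user in system.findall("user"):
        name = user.findtext("name", default="")
        uid = (user.findtext("uid") or "").strip()
        if XMLRPC_PRIV in _values(user, "priv") or uid in via_group:
            holders.append(name)
        if not SAFE_NAME.fullmatch(name):
            odd_names.append(name)
    return sorted(holders), odd_names

if __name__ == "__main__":
    holders, odd_names = audit(SAMPLE_CONFIG)
    print("Accounts granted XMLRPC Library:", holders)
    print("Account names needing review:", odd_names)
```

Accounts with full administrative rights are not listed by this check; it reports only explicit grants of the assumed privilege identifier.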

Added: May 13, 2026, 10:30 PM
Updated: May 13, 2026, 10:30 PM

Vulnerability Rating

Custom Algorithm
spread: 5.7
impact: 7.5
exploitability: 6.2
remediation: 7.7
relevance: 8.2
threat: 6.4
urgency: 2.9
incentive: 0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.