Description

OPNsense before 25.1.8 contains an authenticated command injection vulnerability in its Bridge Interface Edit endpoint (interfaces_bridge_edit.php). The span POST parameter is concatenated into a system-level command without proper sanitization or escaping, allowing an administrator to inject arbitrary shell operators and payloads. Successful exploitation results in remote code execution with the privileges of the web service (typically root), potentially leading to full system compromise or lateral movement. This vulnerability arises from inadequate input validation and improper handling of user-supplied data in backend command invocations.

INFO

Published Date :

2025-08-27T00:00:00.000Z

Last Modified :

2025-09-12T13:49:13.889Z

Source :

mitre
AFFECTED PRODUCTS

The following products are affected by CVE-2025-50989 vulnerability.

Vendors Products
Opnsense
  • Opnsense
REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2025-50989.

URL Resource
https://github.com/4rdr/proofs/blob/main/info/OPNsense-25.1-Command-Injection-via-span-parameter.md cve-icon cve-icon
https://github.com/opnsense/changelog/blob/640e96ed6a783254283aead0d0b744fc9143ce6d/community/25.1/25.1.8#L34 cve-icon cve-icon
Login to claim this CVE

CVSS Vulnerability Scoring System

Detailed values of each vector for above chart.
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality Impact
Integrity Impact
Availability Impact