CVE-2026-34578

Published: Apr 09, 2026 Last Modified: Apr 14, 2026

ExploitDB:

Other exploit source:

Google Dorks:

HIGH 8,2

Source: [email protected]

Attack Vector: network

Attack Complexity: low

Privileges Required: none

User Interaction: none

Scope: unchanged

Confidentiality: high

Integrity: low

Availability: none

Description

AI Translation Available

OPNsense is a FreeBSD based firewall and routing platform. Prior to 26.1.6, OPNsense's LDAP authentication connector passes the login username directly into an LDAP search filter without calling ldap_escape(). An unauthenticated attacker can inject LDAP filter metacharacters into the username field of the WebGUI login page to enumerate valid LDAP usernames in the configured directory. When the LDAP server configuration includes an Extended Query to restrict login to members of a specific group, the same injection can be used to bypass that group membership restriction and authenticate as any LDAP user whose password is known, regardless of group membership. This vulnerability is fixed in 26.1.6.

EPSS (Exploit Prediction Scoring System)

Trend Analysis

EPSS (Exploit Prediction Scoring System)

Prevede la probabilità di sfruttamento basata su intelligence sulle minacce e sulle caratteristiche della vulnerabilità.

EPSS Score

0,0020

Percentile

0,4th

Updated

EPSS Score Trend (Last 7 Days)

Improper Neutralization of Special Elements used in an LDAP Query ('LDAP Injection')

Draft

Abstraction: Base Structure: Simple

Common Consequences

Security Scopes Affected:

Confidentiality Integrity Availability

Potential Impacts:

Execute Unauthorized Code Or Commands Read Application Data Modify Application Data

Applicable Platforms

Technologies: Database Server

View CWE Details

Application

Opnsense by Opnsense

Product Information

Vendor Opnsense

Product Opnsense

Version Range Affected

To 26.1.6 (exclusive)

CPE Identifier

View Detailed Analysis


                  cpe:2.3:a:opnsense:opnsense:*:*:*:*:*:*:*:*

Common Platform Enumeration - Standardized vulnerability identification

https://github.com/opnsense/core/security/advisories/GHSA-j…

https://github.com/opnsense/core/security/advisories/GHSA-jpm7-f59c-mp54

https://github.com/opnsense/core/commit/016f66cb4620cd48183…

https://github.com/opnsense/core/commit/016f66cb4620cd48183fa97843f343bb71813c6e

https://github.com/opnsense/core/security/advisories/GHSA-j…

https://github.com/opnsense/core/security/advisories/GHSA-jpm7-f59c-mp54

CVE-2026-34578

Description

EPSS (Exploit Prediction Scoring System)

EPSS (Exploit Prediction Scoring System)

EPSS Score Trend (Last 7 Days)

Improper Neutralization of Special Elements used in an LDAP Query ('LDAP Injection')

Common Consequences

Applicable Platforms

Opnsense by Opnsense

Product Information

Iscriviti alla newsletter