CVE-2020-23015

MEDIUM NUCLEI

OPNsense <20.1.5 - Open Redirect

Title source: llm

Description

An open redirect issue was discovered in OPNsense through 20.1.5. The redirect parameter "url" in login page was not filtered and can redirect user to any website.

Nuclei Templates (1)

OPNsense <=20.1.5 - Open Redirect
MEDIUMby 0x_Akoko
Shodan: http.title:"opnsense"
FOFA: title="opnsense"

References (1)

Scores

CVSS v3 6.1
EPSS 0.1064
EPSS Percentile 93.3%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Details

CWE
CWE-601
Status published
Products (1)
opnsense/opnsense < 20.1.5
Published May 03, 2021
Tracked Since Feb 18, 2026