Authenticated Command Injection in OPNsense Bridge Interface
CVE-2025-50989

9.1CRITICAL

Key Information:

Vendor: Opnsense
Status: Opnsense
Vendor: CVE Published:; 27 August 2025

What is CVE-2025-50989?

OPNsense version 25.1 has a significant command injection weakness found in its Bridge Interface Edit functionality. The vulnerability lies in the handling of the 'span' POST parameter, which is included in a system-level command without adequate sanitization or escaping. This allows an authenticated attacker, typically an administrator, to introduce harmful shell commands. If exploited, this vulnerability can lead to remote code execution with web service privileges, posing risks that could culminate in full system takeover or unauthorized lateral movement within the network. The root cause of the issue is primarily due to insufficient input validation and poor management of user-supplied data during backend command operations.

Affected Version(s)

OPNsense 0 < 25.1.8

References

https://github.com/4rdr/proofs/blob/main/info/OPNsense-25...

https://github.com/opnsense/changelog/blob/640e96ed6a7832...

CVSS V3.1

Score:

9.1

Severity:

CRITICAL

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

High

User Interaction:

None

Scope:

Changed

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Aug 27, 2025
Vulnerability Reserved
Jun 16, 2025

CVE-2025-50989 Data

JSON

Opnsense

What is CVE-2025-50989?

Affected Version(s)

References

CVSS V3.1

Timeline