Command Execution Vulnerability in FreeBSD Wi-Fi Configuration Tools
CVE-2026-45255

7.5 HIGH

Key Information:

Vendor

FreeBSD

Status
Vendor
CVE Published:
21 May 2026

What is CVE-2026-45255?

The bsdinstall and bsdconfig tools in FreeBSD are susceptible to a command execution vulnerability stemming from improper handling of network names during Wi-Fi scans. When these tools are prompted to scan for nearby networks, they build a list of network names and use bsddialog(1) to let the user select one. However, the implementation does not adequately guard those names against shell expansion. An attacker can exploit this by operating a malicious access point with a carefully crafted network name, causing arbitrary commands to execute with root privileges on the system when the scan is initiated, irrespective of whether the malicious network is selected.
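The following added illustration is not bsdinstall's or bsdconfig's code; it contrasts the general pattern the description refers to, re-parsing scanned names through the shell, with one that passes them to the dialog verbatim. The function names and the scan listing are constructed for the example.

```shell
#!/bin/sh
# Added illustration, not bsdinstall/bsdconfig code: the difference between
# re-parsing scanned network names through the shell and passing them
# through verbatim. Function names and the scan listing are constructed.

# Constructed scan output, one network name per line. The second name
# contains characters the shell treats specially.
SCAN='HomeNet
Cafe $HOME *
Guest'

# Unsafe pattern: the names are concatenated into a string that is later
# handed to eval, so they go through a second round of shell parsing.
build_menu_unsafe() {
    args=""
    while IFS= read -r ssid; do
        args="$args $ssid ''"          # tag followed by an empty description
    done <<EOF
$1
EOF
    eval "set -- $args"
    # Stand-in for: bsddialog --menu "Select network" 0 0 0 "$@"
    printf '%s\n' "$@"
}

# Safe pattern: accumulate each name as its own positional parameter and
# hand "$@" to the dialog. Nothing is ever re-parsed, so the names stay
# inert no matter what they contain.
build_menu_safe() {
    scan=$1
    set --
    while IFS= read -r ssid; do
        set -- "$@" "$ssid" ""
    done <<EOF
$scan
EOF
    # Stand-in for: bsddialog --menu "Select network" 0 0 0 "$@"
    printf '%s\n' "$@"
}

# The second menu tag (line 3 of the output) is the scanned name exactly
# as received; the unsafe version has already expanded and split it.
safe_second_tag() {
    build_menu_safe "$SCAN" | sed -n 3p
}
```

Running both functions on `SCAN` shows the safe menu keeping `Cafe $HOME *` as a single literal tag, while the unsafe menu has expanded `$HOME` and split the name into separate words.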

Affected Version(s)

FreeBSD 15.0-RELEASE

FreeBSD 14.4-RELEASE

FreeBSD 14.3-RELEASE

References

CVSS V3.1

Score: 7.5
Severity: HIGH
Confidentiality: High
Integrity: High
Availability: High
Attack Vector: Adjacent Network
Attack Complexity: High
Privileges Required: None
User Interaction: None
Scope: Unchanged

Timeline

  • Vulnerability published

  • Vulnerability reserved

Credit

Austin Ralls