CVE-2025-13698 | Deciso OPNsense diag_backup.php path traversal (ZDI-25-1022)

Inserito da Angelo Barbosa | Nov 26, 2025 | CVE

A vulnerability identified as critical has been detected in Deciso OPNsense. Affected by this issue is some unknown functionality of the file diag_backup.php. The manipulation leads to path traversal.

This vulnerability is uniquely identified as CVE-2025-13698. The attack is possible to be carried out remotely. No exploit exists.

You should upgrade the affected component.

CVE-2025-13698 | Deciso OPNsense diag_backup.php path traversal (ZDI-25-1022)

Post correlati

CVE-2024-5618 | PruvaSoft Informatics Apinizer Management Console prior 2024.05.1 permission assignment

CVE-2024-25529 | RuvarOA 6.01/12.01 wf_office_file_history_show.aspx id sql injection

CVE-2023-42947 | Apple tvOS App sandbox

CVE-2024-9243 | Foxit PDF Reader AcroForm Doc use after free (ZDI-24-1296)