Chasing the OPNsense RCE: The Story Behind My First CVEs
OPNsenseRCECVE-2026-57155GeoIP alias importerpath traversalarbitrary file writeremote code executionsecurity researchvulnerability disclosure
Author: HackerAsk
Date: 7/1/2026
Article Summary:
A security researcher from Hacking Cult GmbH discovers multiple vulnerabilities in OPNsense, including a critical Remote Code Execution (RCE) flaw (CVE-2026-57155) with a 9.9 CVSS rating, and provides a detailed write-up of the exploit chain and mitigation.