CVE-2025-13698 | Deciso OPNsense diag_backup.php path traversal (ZDI-25-1022)

A vulnerability identified as critical has been detected in Deciso OPNsense. Affected by this issue is some unknown functionality of the file diag_backup.php. The manipulation leads to path traversal.

This vulnerability is uniquely identified as CVE-2025-13698. The attack is possible to be carried out remotely. No exploit exists.

You should upgrade the affected component.VulDB Recent EntriesRead More