Chasing the OPNsense RCE: The Story Behind My First CVEs (hackerask.com) 16 points by HackerAsk 15d ago ↗ HN
[–] pizzalife 15d ago ↗ Why did you not mention LLM use in the post at all?Are you not using LLMs as part of your toolkit in 2026?
[–] bill_mcgonigle 14d ago ↗ For those wondering this gives full system compromise to an authenticated user with permissions to edit the firewall, AIUI.Nasty but I was expecting a remote unauthenticated attack at 9.9. Hopefully you don't allow admin on WAN!Thanks for finding the bugs and writing about the design pattern problem, HackerAsk.
3 comments
[ 4.8 ms ] story [ 80.3 ms ] threadAre you not using LLMs as part of your toolkit in 2026?
Nasty but I was expecting a remote unauthenticated attack at 9.9. Hopefully you don't allow admin on WAN!
Thanks for finding the bugs and writing about the design pattern problem, HackerAsk.