Messages

Hi Patrick,

Thank you for your response and for clarifying the situation.

I appreciate your insights about CVE-2025-14847, but I still feel that there should have been a clearer communication to users, especially given that MongoDB has been deprecated in Zenarmor. I understand it's my responsibility as an administrator to check for vulnerabilities, but it would be more helpful if there was an explicit warning or guidance from the Zenarmor team about how MongoDB users should handle these situations.

While I agree with your point that if MongoDB is not exposed remotely, the vulnerability may not apply, it's still concerning that users are left in the dark unless they are actively looking for this kind of information.

Once again, thanks for your input. I just think there's room for improvement in the way security updates and vulnerabilities are communicated to the user base.

Best regards,
Hugo

Hi Patrick!
That's not what I want, I know what to do with Mongo Database on Zenarmor in OPNSense. What I want to bring up is whether Zenarmor or OPNSense have informed us users old and new that if you still use Mongo Database in Zenarmor to switch to SQL-Lite or Elasticsearch. But this is speculation because still NO ONE has answered whether Mongo Database used in Zenarmor is vulnerable to CVE-2025-14847. Which was my question from the beginning.
Not to offend you, but you sound more like politicians who avoid touching on the core question here and answer with something else.

best regards,
Hugo

Thanks for your suggestion. But still no one has been able to answer my question. Or is it not important if mongo database is vulnerable to inform all of us users, when this is a security product?

best regards,
Hugo

Thank you Seimus for your clarification and help!

best regards,
Hugo

I know I can change the Database engine to Elasticsearch and then the problem is gone, right? But it would be good to know if the vulnerability is there in the Mongo Database that Zenarmor uses.

best regards,
Hugo

2.31

Hello everyone and Happy New Year!
I know this belongs to "Zenarmor", but it's been a few days since I asked there with no response. Can anyone please answer my question:
"Is Mongo Database vulnerable to CVE-2025-14847?"

best regards,
Hugo

hi!
Is Mongo Database vulnerable to CVE-2025-14847?

best regards,
Hugo C.V.

Thanks Franco.
Found error only on the computer where I have OPNSense. Tested with another OPNSense New installation and tried to provoke the error and recovery worked without problems.
So I will not spend any more time on this and close the case.

My OPNSense crashed so I reinstalled the same ver. I had, 25.7.2. Installed the plugins I had (Crowsec and Zenarmor)
Did a restore from the backup file (ver. 25.7.2). Rebooted and then I got the following:
Configuring login behavior......
Fatal error: Uncaught TypeError: Cannot access offset of type string on string in /usr/local/etc/inc/auth.inc:260
Stack trace:
#0 /usr/local/etc/inc/system.inc(1214): local_sync_accounts( )
#1 /usr/local/etc/rc.bootup(66): system_login_configure(true)
#2 (main)
thrown in /usr/local/etc/inc/auth.inc on line 260
Enter full pathname of shell or RETURN for /bin/sh:

Can someone please help me?

best regards,
HCV

Mike,
Is the Internet problem you are having only on the devices that use Wifi or also those with network cable?
If it is only a Wifi problem. Try updating the Unifi controller and Firmware on all access points you have.

best regards,
Hugo

Crowdsec is working properly now after updating to 25.1.1
Big thanks to all Developers

//HCV

For information:
Tried uninstalling Crowsec Plugin, restarting OPNSense Server. Reinstalled Crowdsec Plugin. Still the same error.
So you don't have to do the same thing.
Have a nice day!

best regards,
Hugo

Hi everyone.
Thanks for your work with all the updates.
After updating to ver. 25.1 Crowdsec shows no logs. I have the same error on all OPNSens that I take care of.
Is this something you already know?
Have a nice weekend!

Best regards!
Hugo

Thanks to all!!

how can i mark this as solved?

best regards,
HCV