Vulnerabilities (CVE)

Filtered by vendor Openwrt Subscribe
Total 50 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2019-19945 1 Openwrt 1 Openwrt 2024-11-21 5.0 MEDIUM 7.5 HIGH
uhttpd in OpenWrt through 18.06.5 and 19.x through 19.07.0-rc2 has an integer signedness error. This leads to out-of-bounds access to a heap buffer and a subsequent crash. It can be triggered with an HTTP POST request to a CGI script, specifying both "Transfer-Encoding: chunked" and a large negative Content-Length value.
CVE-2019-18993 1 Openwrt 1 Openwrt 2024-11-21 3.5 LOW 5.4 MEDIUM
OpenWrt 18.06.4 allows XSS via the "New port forward" Name field to the cgi-bin/luci/admin/network/firewall/forwards URI (this can occur, for example, on a TP-Link Archer C7 device).
CVE-2019-18992 1 Openwrt 1 Openwrt 2024-11-21 3.5 LOW 5.4 MEDIUM
OpenWrt 18.06.4 allows XSS via these Name fields to the cgi-bin/luci/admin/network/firewall/rules URI: "Open ports on router" and "New forward rule" and "New Source NAT" (this can occur, for example, on a TP-Link Archer C7 device).
CVE-2019-17367 1 Openwrt 1 Openwrt 2024-11-21 6.8 MEDIUM 8.8 HIGH
OpenWRT firmware version 18.06.4 is vulnerable to CSRF via wireless/radio0.network1, wireless/radio1.network1, firewall, firewall/zones, firewall/forwards, firewall/rules, network/wan, network/wan6, or network/lan under /cgi-bin/luci/admin/network/.
CVE-2019-15513 2 Motorola, Openwrt 5 C1 Mwr03, C1 Mwr03 Firmware, Cx2l Mwr04l and 2 more 2024-11-21 7.8 HIGH 7.5 HIGH
An issue was discovered in OpenWrt libuci (aka Library for the Unified Configuration Interface) before 15.05.1 as used on Motorola CX2L MWR04L 1.01 and C1 MWR03 1.01 devices. /tmp/.uci/network locking is mishandled after reception of a long SetWanSettings command, leading to a device hang.
CVE-2019-12272 1 Openwrt 1 Luci 2024-11-21 7.5 HIGH 9.8 CRITICAL
In OpenWrt LuCI through 0.10, the endpoints admin/status/realtime/bandwidth_status and admin/status/realtime/wireless_status of the web application are affected by a command injection vulnerability.
CVE-2018-19630 1 Openwrt 2 Lede, Openwrt 2024-11-21 4.3 MEDIUM 6.1 MEDIUM
cgi_handle_request in uhttpd in OpenWrt through 18.06.1 and LEDE through 17.01 has unauthenticated reflected XSS via the URI, as demonstrated by a cgi-bin/?[XSS] URI.
CVE-2018-11116 1 Openwrt 1 Openwrt 2024-11-21 6.5 MEDIUM 8.8 HIGH
OpenWrt mishandles access control in /etc/config/rpcd and the /usr/share/rpcd/acl.d files, which allows remote authenticated users to call arbitrary methods (i.e., achieve ubus access over HTTP) that were only supposed to be accessible to a specific user, as demonstrated by the file, log, and service namespaces, potentially leading to remote Information Disclosure or Code Execution. NOTE: The developer disputes this as a vulnerability, indicating that rpcd functions appropriately
CVE-2024-20085 5 Google, Linuxfoundation, Mediatek and 2 more 43 Android, Yocto, Mt6580 and 40 more 2024-10-27 N/A 4.4 MEDIUM
In power, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08944204; Issue ID: MSV-1560.
CVE-2024-20084 5 Google, Linuxfoundation, Mediatek and 2 more 43 Android, Yocto, Mt6580 and 40 more 2024-10-27 N/A 4.4 MEDIUM
In power, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08944210; Issue ID: MSV-1561.