Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
openwrt openwrt 19.07.0 vulnerabilities and exploits
(subscribe to this query)
8.8
CVSSv3
CVE-2021-28961
applications/luci-app-ddns/luasrc/model/cbi/ddns/detail.lua in the DDNS package for OpenWrt 19.07 allows remote authenticated users to inject arbitrary commands via POST requests.
Openwrt Openwrt 19.07.0
8.1
CVSSv3
CVE-2020-7982
An issue exists in OpenWrt 18.06.0 to 18.06.6 and 19.07.0, and LEDE 17.01.0 to 17.01.7. A bug in the fork of the opkg package manager prior to 2020-01-25 prevents correct parsing of embedded checksums in the signed repository index, allowing a man-in-the-middle malicious user to ...
Openwrt Lede
Openwrt Openwrt
Openwrt Openwrt 19.07.0
1 Github repository
7.5
CVSSv3
CVE-2020-7248
libubox in OpenWrt prior to 18.06.7 and 19.x prior to 19.07.1 has a tagged binary data JSON serialization vulnerability that may cause a stack based buffer overflow.
Openwrt Openwrt
Openwrt Openwrt 19.07.0
7.5
CVSSv3
CVE-2019-19945
uhttpd in OpenWrt up to and including 18.06.5 and 19.x up to and including 19.07.0-rc2 has an integer signedness error. This leads to out-of-bounds access to a heap buffer and a subsequent crash. It can be triggered with an HTTP POST request to a CGI script, specifying both "...
Openwrt Openwrt 19.07.0
Openwrt Openwrt
2 Github repositories
7.2
CVSSv3
CVE-2023-20820
In wlan service, there is a possible command injection due to improper input validation. This could lead to remote code execution with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: WCNCR00244189; Issue ID: WCNCR00244189.
Openwrt Openwrt 19.07.0
Openwrt Openwrt 21.02.0
6.7
CVSSv3
CVE-2024-20006
In da, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08477148; Issue ID: ALPS08477148.
Rdkcentral Rdk-b 2022q3
Google Android 11.0
Openwrt Openwrt 19.07.0
Openwrt Openwrt 21.02.0
6.7
CVSSv3
CVE-2023-32855
In aee, there is a possible escalation of privilege due to a missing permission check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07909204; Issue ID: ALPS07909204.
Linuxfoundation Yocto 2.6
Linuxfoundation Yocto 3.3
Linuxfoundation Yocto 4.0
Rdkcentral Rdk-b 2022q3
Google Android 12.0
Google Android 13.0
Openwrt Openwrt 19.07.0
Openwrt Openwrt 21.02
6.7
CVSSv3
CVE-2023-20821
In nvram, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07937113; Issue ID: ALPS07937113.
Linuxfoundation Yocto 2.6
Rdkcentral Rdk-b 2022q3
Google Android 11.0
Google Android 12.0
Google Android 13.0
Openwrt Openwrt 19.07.0
Openwrt Openwrt 21.02.0
6.7
CVSSv3
CVE-2023-20828
In gps, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08014144; Issue ID: ALPS08014144.
Linuxfoundation Yocto 2.6
Rdkcentral Rdk-b 2022q3
Google Android 12.0
Google Android 13.0
Openwrt Openwrt 19.07.0
Openwrt Openwrt 21.02.0
6.7
CVSSv3
CVE-2023-20829
In gps, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08014144; Issue ID: ALPS08014148.
Linuxfoundation Yocto 2.6
Rdkcentral Rdk-b 2022q3
Google Android 12.0
Google Android 13.0
Openwrt Openwrt 19.07.0
Openwrt Openwrt 21.02.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-32976
CVE-2024-33557
CVE-2024-36801
CVE-2024-35654
authentication bypass
CVE-2024-24919
CSRF
code execution
CVE-2024-27348
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
NEXT »