Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
openwrt openwrt vulnerabilities and exploits
(subscribe to this query)
6.7
CVSSv3
CVE-2023-20696
In preloader, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07856356 / ALPS07874388 (For MT6880 and MT...
Google Android 13.0
Openwrt Openwrt 19.07.0
Openwrt Openwrt 21.02.0
3.3
CVSSv3
CVE-2023-20726
In mnld, there is a possible leak of GPS location due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07735968 / ALPS07884552 (For MT6880,...
Linuxfoundation Yocto 2.6
Linuxfoundation Yocto 3.3
Rdkcentral Rdkb 2022q3
Google Android 11.0
Google Android 12.0
Google Android 13.0
Openwrt Openwrt 19.07.0
Openwrt Openwrt 21.02.0
5.4
CVSSv3
CVE-2023-24182
LuCI openwrt-22.03 branch git-22.361.69894-438c598 exists to contain a stored cross-site scripting (XSS) vulnerability via the component /system/sshkeys.js.
Openwrt Openwrt 22.03.3
5.4
CVSSv3
CVE-2023-24181
LuCI openwrt-22.03 branch git-22.361.69894-438c598 exists to contain a reflected cross-site scripting (XSS) vulnerability via the component /openvpn/pageswitch.htm.
Openwrt Luci 22.03.3
5.4
CVSSv3
CVE-2022-41435
OpenWRT LuCI version git-22.140.66206-02913be exists to contain a stored cross-site scripting (XSS) vulnerability in the component /system/sshkeys.js. This vulnerability allows malicious users to execute arbitrary web scripts or HTML via crafted public key comments.
Openwrt Luci Git-22.140.66206-02913be
7.5
CVSSv3
CVE-2022-38333
Openwrt before v21.02.3 and Openwrt v22.03.0-rc6 were discovered to contain two skip loops in the function header_value(). This vulnerability allows malicious users to access sensitive information via a crafted HTTP request.
Openwrt Openwrt 22.03.0
Openwrt Openwrt
5.4
CVSSv3
CVE-2021-45904
OpenWrt 21.02.1 allows XSS via the Port Forwards Add Name screen.