Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
openwrt vulnerabilities and exploits
(subscribe to this query)
6.7
CVSSv3
CVE-2023-20695
In preloader, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07734012 / ALPS07874363 (For MT6880, MT689...
Google Android 13.0
Openwrt Openwrt 19.07.0
Openwrt Openwrt 21.02.0
6.7
CVSSv3
CVE-2023-20696
In preloader, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07856356 / ALPS07874388 (For MT6880 and MT...
Google Android 13.0
Openwrt Openwrt 19.07.0
Openwrt Openwrt 21.02.0
5.4
CVSSv3
CVE-2023-24182
LuCI openwrt-22.03 branch git-22.361.69894-438c598 exists to contain a stored cross-site scripting (XSS) vulnerability via the component /system/sshkeys.js.
Openwrt Openwrt 22.03.3
5.4
CVSSv3
CVE-2023-24181
LuCI openwrt-22.03 branch git-22.361.69894-438c598 exists to contain a reflected cross-site scripting (XSS) vulnerability via the component /openvpn/pageswitch.htm.
Openwrt Luci 22.03.3
5.4
CVSSv3
CVE-2022-41435
OpenWRT LuCI version git-22.140.66206-02913be exists to contain a stored cross-site scripting (XSS) vulnerability in the component /system/sshkeys.js. This vulnerability allows malicious users to execute arbitrary web scripts or HTML via crafted public key comments.
Openwrt Luci Git-22.140.66206-02913be
7.5
CVSSv3
CVE-2022-38333
Openwrt before v21.02.3 and Openwrt v22.03.0-rc6 were discovered to contain two skip loops in the function header_value(). This vulnerability allows malicious users to access sensitive information via a crafted HTTP request.
Openwrt Openwrt 22.03.0
Openwrt Openwrt
5.4
CVSSv3
CVE-2021-45906
OpenWrt 21.02.1 allows XSS via the NAT Rules Name screen.
Openwrt Openwrt 21.02.1
5.4
CVSSv3
CVE-2021-45904
OpenWrt 21.02.1 allows XSS via the Port Forwards Add Name screen.
Openwrt Openwrt 21.02.1
5.4
CVSSv3
CVE-2021-45905
OpenWrt 21.02.1 allows XSS via the Traffic Rules Name screen.
Openwrt Openwrt 21.02.1
6.1
CVSSv3
CVE-2021-32019
There is missing input validation of host names displayed in OpenWrt prior to 19.07.8. The Connection Status page of the luci web-interface allows XSS, which can be used to gain full control over the affected system via ICMP.
Openwrt Openwrt
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
bypass
open redirect
CVE-2024-4358
CVE-2024-24199
CVE-2024-5550
CVE-2024-5305
CVE-2024-30373
CVE-2024-1800
deserialization
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
NEXT »