Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
openwrt openwrt vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2023-20696
In preloader, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07856356 / ALPS07874388 (For MT6880 and MT...
Google Android 13.0
Openwrt Openwrt 19.07.0
Openwrt Openwrt 21.02.0
NA
CVE-2023-20726
In mnld, there is a possible leak of GPS location due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07735968 / ALPS07884552 (For MT6880,...
Linuxfoundation Yocto 2.6
Linuxfoundation Yocto 3.3
Rdkcentral Rdkb 2022q3
Google Android 11.0
Google Android 12.0
Google Android 13.0
Openwrt Openwrt 19.07.0
Openwrt Openwrt 21.02.0
NA
CVE-2023-24182
LuCI openwrt-22.03 branch git-22.361.69894-438c598 exists to contain a stored cross-site scripting (XSS) vulnerability via the component /system/sshkeys.js.
Openwrt Openwrt 22.03.3
NA
CVE-2023-24181
LuCI openwrt-22.03 branch git-22.361.69894-438c598 exists to contain a reflected cross-site scripting (XSS) vulnerability via the component /openvpn/pageswitch.htm.
Openwrt Luci 22.03.3
NA
CVE-2022-41435
OpenWRT LuCI version git-22.140.66206-02913be exists to contain a stored cross-site scripting (XSS) vulnerability in the component /system/sshkeys.js. This vulnerability allows malicious users to execute arbitrary web scripts or HTML via crafted public key comments.
Openwrt Luci Git-22.140.66206-02913be
NA
CVE-2022-38333
Openwrt before v21.02.3 and Openwrt v22.03.0-rc6 were discovered to contain two skip loops in the function header_value(). This vulnerability allows malicious users to access sensitive information via a crafted HTTP request.
Openwrt Openwrt 22.03.0
Openwrt Openwrt
312
VMScore
CVE-2021-45904
OpenWrt 21.02.1 allows XSS via the Port Forwards Add Name screen.
Openwrt Openwrt 21.02.1
312
VMScore
CVE-2021-45905
OpenWrt 21.02.1 allows XSS via the Traffic Rules Name screen.
Openwrt Openwrt 21.02.1
312
VMScore
CVE-2021-45906
OpenWrt 21.02.1 allows XSS via the NAT Rules Name screen.
Openwrt Openwrt 21.02.1
383
VMScore
CVE-2021-32019
There is missing input validation of host names displayed in OpenWrt prior to 19.07.8. The Connection Status page of the luci web-interface allows XSS, which can be used to gain full control over the affected system via ICMP.
Openwrt Openwrt
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-33572
CVE-2024-24919
CVE-2024-0230
CVE-2024-32714
HTML injection
local file inclusion
CVE-2024-31098
CVE-2024-31244
privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
NEXT »