Published: 18/10/2019 Updated: 22/10/2019

CVSS v2 Base Score: 6.8 | Impact Score: 6.4 | Exploitability Score: 8.6

CVSS v3 Base Score: 8.8 | Impact Score: 5.9 | Exploitability Score: 2.8

VMScore: 605

Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P

OpenWRT firmware version 18.06.4 is vulnerable to CSRF via wireless/radio0.network1, wireless/radio1.network1, firewall, firewall/zones, firewall/forwards, firewall/rules, network/wan, network/wan6, or network/lan under /cgi-bin/luci/admin/network/.

Vulnerable Product	Search on Vulmon	Subscribe to Product
openwrt openwrt 18

These are series of activities based on the vulnerabilities found in OpenWrt by our team.

References nvdnistgov/vuln/detail/CVE-2019-17367 nvdnistgov/vuln/detail/CVE-2019-18992 OpenWrt-vulnerabilities Currently this project consists of 2 zero-day vulnerabilities (CVE-2019-18992 and CVE-2019-17367) that we discovered in OpenWrt firmware This project aims to create and publish Proof-of-Concept attack payloads for various vulnerabilities found in

CWE-352 https://github.com/openwrt/luci/commit/f8c6eb67cd9da09ee20248fec6ab742069635e47 https://nvd.nist.gov https://github.com/paragmhatre1993/OpenWrt-vulnerabilities

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2019-17367

Vulnerability Summary

Vulnerability Trend

Github Repositories

References

Vulmon Search

About

Products

Connect