Published: 18/10/2019 Updated: 22/10/2019
CVSS v2 Base Score: 6.8 | Impact Score: 6.4 | Exploitability Score: 8.6
CVSS v3 Base Score: 8.8 | Impact Score: 5.9 | Exploitability Score: 2.8
Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P

Vulnerability Summary

OpenWRT firmware version 18.06.4 is vulnerable to CSRF via wireless/radio0.network1, wireless/radio1.network1, firewall, firewall/zones, firewall/forwards, firewall/rules, network/wan, network/wan6, or network/lan under /cgi-bin/luci/admin/network/.

Vulnerability Trend

Github Repositories

These are series of activities based on the vulnerabilities found in OpenWrt by our team.

References nvdnistgov/vuln/detail/CVE-2019-17367 nvdnistgov/vuln/detail/CVE-2019-18992 OpenWrt-vulnerabilities Currently this project consists of 2 zero-day vulnerabilities (CVE-2019-18992 and CVE-2019-17367) that we discovered in OpenWrt firmware This project aims to create and publish Proof-of-Concept attack payloads for various vulnerabilities found in