Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
3.5
CVSSv2

CVE-2019-18993

Published: 03/12/2019 Updated: 24/05/2023
CVSS v2 Base Score: 3.5 | Impact Score: 2.9 | Exploitability Score: 6.8
CVSS v3 Base Score: 5.4 | Impact Score: 2.7 | Exploitability Score: 2.3
VMScore: 312
Vector: AV:N/AC:M/Au:S/C:N/I:P/A:N
Subscribe to Openwrt

Vulnerability Summary

OpenWrt 18.06.4 allows XSS via the "New port forward" Name field to the cgi-bin/luci/admin/network/firewall/forwards URI (this can occur, for example, on a TP-Link Archer C7 device).

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

openwrt openwrt 18.06.4

Github Repositories

https://github.com/BloodyOrangeMan/DVRF

Damn Vulnerable Router Firmware(DVRF)

Danm Vulnerable Router Firmware 介绍 DVRF 的全称是 Danm Vulnerable Router Firmware,该项目是一个基于 OpenWrt 改造的漏洞固件。用 CTF 模式来帮助安全专业人员测试物联网设备中常见的漏洞,其中部分漏洞题基于公开的 CVE 漏洞。 DVRF 描述 L1 Brute Login L2 Damn XSS (CVE-2019-18993) L3 What‘s your bandwidt

References

CWE-79https://github.com/openwrt/luci/commit/c048f23bad54b0a79449652380b317819e0ea978https://nvd.nist.govhttps://github.com/BloodyOrangeMan/DVRF
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2022-38028CVE-2024-32406CVE-2024-25624IMAPCVE-2024-2310CVE-2024-0874CVE-2024-20359XXEremote code execution
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook