CVE-2019-19945

Published: 16/03/2020 Updated: 24/05/2023
CVSS v2 Base Score: 5 | Impact Score: 2.9 | Exploitability Score: 10
CVSS v3 Base Score: 7.5 | Impact Score: 3.6 | Exploitability Score: 3.9
VMScore: 446
Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P

Vulnerability Summary

uhttpd in OpenWrt up to and including 18.06.5 and 19.x up to and including 19.07.0-rc2 has an integer signedness error. This leads to out-of-bounds access to a heap buffer and a subsequent crash. It can be triggered with an HTTP POST request to a CGI script, specifying both "Transfer-Encoding: chunked" and a large negative Content-Length value.
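The header combination named in the summary can be screened for in front of the device or during log review. The following Python sketch is an added example, not code from OpenWrt or from this page; the function names and the sample requests (host, path, values) are constructed for illustration.

```python
import re

# Content-Length must be ASCII digits only; a sign, spaces or letters make it invalid.
_DIGITS = re.compile(r"[0-9]+")

def parse_headers(raw: bytes) -> dict:
    """Return {lowercased-name: [values]} for the header block of a raw request."""
    head = raw.split(b"\r\n\r\n", 1)[0].decode("latin-1")
    headers = {}
    for line in head.split("\r\n")[1:]:  # skip the request line
        name, sep, value = line.partition(":")
        if sep:
            headers.setdefault(name.strip().lower(), []).append(value.strip())
    return headers

def check_request(raw: bytes) -> list:
    """Return findings for the pattern described in the CVE-2019-19945 summary."""
    h = parse_headers(raw)
    lengths = h.get("content-length", [])
    chunked = any("chunked" in v.lower() for v in h.get("transfer-encoding", []))
    findings = []
    if any(not _DIGITS.fullmatch(v) for v in lengths):
        findings.append("invalid-content-length")
    if chunked and lengths:
        # Both framing headers present: reject or normalise before forwarding.
        findings.append("chunked-with-content-length")
    return findings

# Constructed sample requests (not captured traffic).
BENIGN = (b"POST /cgi-bin/example HTTP/1.1\r\nHost: router.example\r\n"
          b"Content-Length: 3\r\n\r\nabc")
CHUNKED_ONLY = (b"POST /cgi-bin/example HTTP/1.1\r\nHost: router.example\r\n"
                b"Transfer-Encoding: chunked\r\n\r\n0\r\n\r\n")
SUSPECT = (b"POST /cgi-bin/example HTTP/1.1\r\nHost: router.example\r\n"
           b"Transfer-Encoding: chunked\r\nContent-Length: -1\r\n\r\n")

if __name__ == "__main__":
    for label, req in (("benign", BENIGN), ("chunked", CHUNKED_ONLY),
                       ("suspect", SUSPECT)):
        print(label, check_request(req))
```
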

Vulnerable Product

openwrt openwrt 19.07.0

openwrt openwrt

Github Repositories

CVE-2019-19945_Test

This is the code for the first Proposed CVE

Install Docker

Build & RUN Server

    cd Server
    docker build -t server/cve .
    docker run -d --name server -p 80:80 server/cve

Get Server Container IP

Linux

    sudo docker container inspect server | grep -i IPAddress

Windows Powershell

    docker container inspect server | Select-String "IPAddress"

Ext

OpenWRT DOS Exploit, unfort. no RCE ;)

OpenWrt uhttpd DoS Writeup

LevitatingLion found a bug in uhttpd, leading to out-of-bounds access to a heap buffer and subsequent crash. The bug was reported to OpenWrt and assigned CVE-2019-19945; OpenWrt published a security advisory as well. The issue was fixed in OpenWrt version 18.06.6, and had been present in all prior versions since January 2013. The bug can be triggered