OpenWrt 19.07.2

CPE Details

OpenWrt 19.07.2
openwrt
openwrt
19.07.2
2023-05-24
12h53 +00:00
2023-05-24
13h01 +00:00
CPE NVD
Alerte pour un CPE
Stay informed of any changes for a specific CPE.
Notifications manage

CPE Name: cpe:2.3:o:openwrt:openwrt:19.07.2:*:*:*:*:*:*:*

Informations

Vendor

openwrt

Product

openwrt

Version

19.07.2

Related CVE

Open and find in CVE List

CVE ID Published Description Score Severity
CVE-2022-38333 2022-09-19 14h13 +00:00 Openwrt before v21.02.3 and Openwrt v22.03.0-rc6 were discovered to contain two skip loops in the function header_value(). This vulnerability allows attackers to access sensitive information via a crafted HTTP request.
7.5
High
CVE-2021-32019 2021-08-02 18h35 +00:00 There is missing input validation of host names displayed in OpenWrt before 19.07.8. The Connection Status page of the luci web-interface allows XSS, which can be used to gain full control over the affected system via ICMP.
6.1
Medium
CVE-2021-22161 2021-02-07 21h56 +00:00 In OpenWrt 19.07.x before 19.07.7, when IPv6 is used, a routing loop can occur that generates excessive network traffic between an affected device and its upstream ISP's router. This occurs when a link prefix route points to a point-to-point link, a destination IPv6 address belongs to the prefix and is not a local IPv6 address, and a router advertisement is received with at least one global unique IPv6 prefix for which the on-link flag is set. This affects the netifd and odhcp6c packages.
6.5
Medium
CVE-2020-28951 2020-11-19 18h01 +00:00 libuci in OpenWrt before 18.06.9 and 19.x before 19.07.5 may encounter a use after free when using malicious package names. This is related to uci_parse_package in file.c and uci_strdup in util.c.
9.8
Critical