CPE-8FDAB9ED-1A41-4133-8183-2448FCC9BE81 Detail

CPE Details

OpenWrt 19.07.0 Release Candidate 1

Vendor

openwrt

Product

openwrt

Version

19.07.0

Created

2023-05-24
12h53 +00:00

Modified

2023-05-24
13h01 +00:00

Official links

CPE NVD

Alerte pour un CPE

Stay informed of any changes for a specific CPE.

Notifications manage

List of Notifications

Alerte pour un CPE

Stay informed of any changes for a specific CPE.

Parameters

You can specify a title that will be retrieved in the alerts that will be sent out.

CPE ID

Planning

Month

Next run calculation

Day

Weekday

Hour

Minute

Creation date

Last execution

Next execution

Functionality requiring a connection

This feature, which allows you to receive alerts, is only active when you are logged into your account.

CPE Name: cpe:2.3:o:openwrt:openwrt:19.07.0:rc1::::::

Informations

Vendor

openwrt

Product

openwrt

Version

19.07.0

Update

rc1

Related CVE

Open and find in CVE List

CVE ID	Published	Description	Score	Severity
CVE-2024-20085	2024-09-02 02h07 +00:00	In power, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08944204; Issue ID: MSV-1560.	4.4	Medium
CVE-2024-20084	2024-09-02 02h07 +00:00	In power, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08944210; Issue ID: MSV-1561.	4.4	Medium
CVE-2022-38333	2022-09-19 14h13 +00:00	Openwrt before v21.02.3 and Openwrt v22.03.0-rc6 were discovered to contain two skip loops in the function header_value(). This vulnerability allows attackers to access sensitive information via a crafted HTTP request.	7.5	High
CVE-2021-32019	2021-08-02 18h35 +00:00	There is missing input validation of host names displayed in OpenWrt before 19.07.8. The Connection Status page of the luci web-interface allows XSS, which can be used to gain full control over the affected system via ICMP.	6.1	Medium
CVE-2021-22161	2021-02-07 21h56 +00:00	In OpenWrt 19.07.x before 19.07.7, when IPv6 is used, a routing loop can occur that generates excessive network traffic between an affected device and its upstream ISP's router. This occurs when a link prefix route points to a point-to-point link, a destination IPv6 address belongs to the prefix and is not a local IPv6 address, and a router advertisement is received with at least one global unique IPv6 prefix for which the on-link flag is set. This affects the netifd and odhcp6c packages.	6.5	Medium
CVE-2020-28951	2020-11-19 18h01 +00:00	libuci in OpenWrt before 18.06.9 and 19.x before 19.07.5 may encounter a use after free when using malicious package names. This is related to uci_parse_package in file.c and uci_strdup in util.c.	9.8	Critical
CVE-2020-7248	2020-03-16 19h49 +00:00	libubox in OpenWrt before 18.06.7 and 19.x before 19.07.1 has a tagged binary data JSON serialization vulnerability that may cause a stack based buffer overflow.	7.5	High
CVE-2019-19945	2020-03-16 16h17 +00:00	uhttpd in OpenWrt through 18.06.5 and 19.x through 19.07.0-rc2 has an integer signedness error. This leads to out-of-bounds access to a heap buffer and a subsequent crash. It can be triggered with an HTTP POST request to a CGI script, specifying both "Transfer-Encoding: chunked" and a large negative Content-Length value.	7.5	High

OpenWrt 19.07.0 Release Candidate 1

CPE Details

CPE Name: cpe:2.3:o:openwrt:openwrt:19.07.0:rc1:*:*:*:*:*:*

Informations

Vendor

Product

Version

Update

Related CVE

CPE Name: cpe:2.3:o:openwrt:openwrt:19.07.0:rc1::::::