OpenWrt 19.07.6

CPE Details

OpenWrt 19.07.6
openwrt
openwrt
19.07.6
2023-05-24
12h53 +00:00
2023-05-24
13h01 +00:00
CPE NVD
Alerte pour un CPE
Stay informed of any changes for a specific CPE.
Notifications manage

CPE Name: cpe:2.3:o:openwrt:openwrt:19.07.6:*:*:*:*:*:*:*

Informations

Vendor

openwrt

Product

openwrt

Version

19.07.6

Related CVE

Open and find in CVE List

CVE ID Published Description Score Severity
CVE-2022-38333 2022-09-19 14h13 +00:00 Openwrt before v21.02.3 and Openwrt v22.03.0-rc6 were discovered to contain two skip loops in the function header_value(). This vulnerability allows attackers to access sensitive information via a crafted HTTP request.
7.5
High
CVE-2021-32019 2021-08-02 18h35 +00:00 There is missing input validation of host names displayed in OpenWrt before 19.07.8. The Connection Status page of the luci web-interface allows XSS, which can be used to gain full control over the affected system via ICMP.
6.1
Medium
CVE-2021-22161 2021-02-07 21h56 +00:00 In OpenWrt 19.07.x before 19.07.7, when IPv6 is used, a routing loop can occur that generates excessive network traffic between an affected device and its upstream ISP's router. This occurs when a link prefix route points to a point-to-point link, a destination IPv6 address belongs to the prefix and is not a local IPv6 address, and a router advertisement is received with at least one global unique IPv6 prefix for which the on-link flag is set. This affects the netifd and odhcp6c packages.
6.5
Medium
The information presented on CVE Find originates from several carefully selected reference sources. CVE data is provided by MITRE Corporation and the National Vulnerability Database (NVD). The Known Exploited Vulnerabilities (KEV) catalog is sourced from the Cybersecurity and Infrastructure Security Agency (CISA), while EPSS scores come from FIRST.org. Additionally, data regarding software weaknesses (CWE) and common attack patterns (CAPEC) is maintained by MITRE Corporation, and information on hardware and software configurations (CPE) is provided by the NVD.