OpenWrt Project: OPENWRT-SA-2021-08-01-3
Aug 01, 2021 - 12:00 a.m.

Security Advisory 2021-08-01-3 - luci-app-ddns: Multiple authenticated RCEs (CVE-2021-28961)

Published 2021-08-01 00:00:00 by OpenWrt Project (openwrt.org)

CVSS2: 6.5 Medium
Attack Vector: NETWORK
Attack Complexity: LOW
Authentication: SINGLE
Confidentiality Impact: PARTIAL
Integrity Impact: PARTIAL
Availability Impact: PARTIAL
Vector: AV:N/AC:L/Au:S/C:P/I:P/A:P

CVSS3: 8.8 High
Attack Vector: NETWORK
Attack Complexity: LOW
Privileges Required: LOW
User Interaction: NONE
Scope: UNCHANGED
Confidentiality Impact: HIGH
Integrity Impact: HIGH
Availability Impact: HIGH
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

AI Score: 8.7 High (Confidence: High)
EPSS: 0.003 Low (Percentile: 69.0%)

DESCRIPTION
An authenticated user in LuCI is able to inject shell code in luci-app-ddns. Multiple variables in the luci-app-ddns application were not validated before they were executed on the system's shell, which could be exploited by adding system shell commands.

REQUIREMENTS
To exploit this vulnerability, the attacker needs access to LuCI, and the extra application luci-app-ddns has to be installed. The attacker is then able to inject code which is executed on the shell of the system.

In a normal OpenWrt installation, all users who have access to LuCI also have access to the shell of the system by design, for example over SSH.

AFFECTED VERSIONS
To our knowledge, OpenWrt versions 19.07.0 to 19.07.7 are affected. The fixed packages will be integrated in the upcoming OpenWrt 19.07.8 release. Older versions of OpenWrt (e.g. OpenWrt 18.06, OpenWrt 15.05 and LEDE 17.01) are end of life and not supported any more.

In OpenWrt 21.02 the luci-app-ddns package was already converted to a client-side implementation, which is not affected by this problem.
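
A quick way to check a device against the affected range above, as an added example that is not part of the OpenWrt advisory. The function names and verdict strings are made up for illustration; it assumes the release string comes from DISTRIB_RELEASE in /etc/openwrt_release and the package state from opkg list-installed, and it cannot tell whether luci-app-ddns was updated separately on a 19.07.0 to 19.07.7 system.

```sh
#!/bin/sh
# Added example, not from the advisory. Function names and verdict strings
# are hypothetical; the version ranges are the ones the advisory states.

# classify_release VERSION -> affected | fixed-release | not-affected | eol | unknown
classify_release() {
    case "$1" in
        19.07.*)
            patch=${1#19.07.}
            patch=${patch%%[!0-9]*}   # "0-rc1" -> "0" (assumption: rc counts as its release)
            [ -n "$patch" ] || { echo unknown; return; }
            if [ "$patch" -le 7 ]; then echo affected; else echo fixed-release; fi ;;
        21.02*) echo not-affected ;;  # client-side luci-app-ddns per the advisory
        18.06*|17.01*|15.05*) echo eol ;;  # end of life per the advisory
        *) echo unknown ;;
    esac
}

# assess VERSION DDNS_INSTALLED(yes|no) -> exposed | not-exposed | ok | unsupported | unknown
assess() {
    [ "$2" = yes ] || { echo not-exposed; return; }   # package absent: bug not reachable
    case "$(classify_release "$1")" in
        affected) echo exposed ;;     # fixed package version is not given on the page,
                                      # so a separately updated package still lands here
        fixed-release|not-affected) echo ok ;;
        eol) echo unsupported ;;
        *) echo unknown ;;
    esac
}

# On a router, read the real values; elsewhere this block is skipped.
if [ -r /etc/openwrt_release ] && command -v opkg >/dev/null 2>&1; then
    . /etc/openwrt_release
    if opkg list-installed | grep -q '^luci-app-ddns '; then ddns=yes; else ddns=no; fi
    echo "OpenWrt $DISTRIB_RELEASE, luci-app-ddns installed: $ddns -> $(assess "$DISTRIB_RELEASE" "$ddns")"
fi
```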

CREDITS
This issue was identified by Jussi Rämo (Ericsson Product Security Assurance Team).
