OpenWRT < 19.07.7 DoS Vulnerability

OpenWRT is prone to a denial of service DoS vulnerability. Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; yo...

Security Advisory 2021-08-01-1 - XSS via missing input validation of host names displayed (CVE-2021-32019)

DESCRIPTION Missing input validation of host names displayed in OpenWrt LuCI web-interface leads to Cross-site scripting, which can be used to gain full control over the affected system. REQUIREMENTS Users need to visit the LuCI “Connection status” page of the router and activate the host name...

CVE-2021-22161

CVE-2021-22161 affects OpenWrt 19.07.x prior to 19.07.7. When IPv6 is enabled, a routing loop can occur because a router advertisement with a global unique prefix and the on-link flag causes a point-to-point link’s prefix route to misroute traffic back to the upstream router, generating excessive...

PT-2021-14880 · Odhcp6C +2 · Odhcp6C +2

Name of the Vulnerable Software and Affected Versions: OpenWrt versions 19.07.x through 19.07.6 Description: A routing loop can occur when IPv6 is used, generating excessive network traffic between an affected device and its upstream ISP's router. This happens when a link prefix route points to a...