CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Prion•added 2021/12/27 11:15 p.m.•18 views

Design/Logic Flaw

OpenWrt 21.02.1 allows XSS via the NAT Rules Name screen...

3.5CVSS5.2AI score0.00515EPSS

Prion•added 2021/12/27 11:15 p.m.•13 views

Cross site scripting

OpenWrt 21.02.1 allows XSS via the Traffic Rules Name screen...

3.5CVSS5.2AI score0.00515EPSS

Prion•added 2021/12/27 11:15 p.m.•12 views

Design/Logic Flaw

OpenWrt 21.02.1 allows XSS via the Port Forwards Add Name screen...

3.5CVSS5.2AI score0.00515EPSS

CVE•added 2021/12/27 10:32 p.m.•58 views

CVE-2021-45904

OpenWrt 21.02.1 is affected by CVE-2021-45904, a cross-site scripting (XSS) vulnerability in the Port Forwards Add Name screen caused by insufficient input filtering/escaping. The vulnerability details in connected sources confirm the affected software/version and the underlying issue. There is n...

Cvelist•added 2021/12/27 10:32 p.m.•25 views

CVE-2021-45904

OpenWrt 21.02.1 allows XSS via the Port Forwards Add Name screen...

5.4AI score0.00515EPSS

CVE•added 2021/12/27 10:32 p.m.•71 views

CVE-2021-45905

Concretely, CVE-2021-45905 affects OpenWrt 21.02.1 and is an XSS in the Traffic Rules Name screen caused by insufficient input filtering/escaping. The vulnerability has a demonstrated impact on confidentiality/integrity via client-side script injection, with CVSS values (2.0: 3.5/LOW; 3.1: 5.4/ME...

Cvelist•added 2021/12/27 10:32 p.m.•16 views

CVE-2021-45905

OpenWrt 21.02.1 allows XSS via the Traffic Rules Name screen...

5.4AI score0.00515EPSS

Cvelist•added 2021/12/27 10:32 p.m.•22 views

CVE-2021-45906

OpenWrt 21.02.1 allows XSS via the NAT Rules Name screen...

5.4AI score0.00515EPSS

CVE•added 2021/12/27 10:32 p.m.•62 views

CVE-2021-45906

OpenWrt 21.02.1 is affected by a cross-site scripting (XSS) vulnerability in the NAT Rules Name screen of the LuCI web interface. The underlying issue is insufficient input filtering/escaping for user-supplied parameters in that screen. Exploitation could occur remotely via the web UI, with user ...

CNNVD•added 2021/12/27 12:0 a.m.•3 views

OpenWrt 跨站脚本漏洞

OpenWrt, a Linux operating system for embedded devices, is vulnerable to a cross-site scripting vulnerability in version 21.02.1, which stems from a lack of effective filtering and escaping of user-submitted parameters in the Port Forwards Add Name screen. No detailed vulnerability details are...

CNNVD•added 2021/12/27 12:0 a.m.•2 views

Exploits1References2

OpenWrt 跨站脚本漏洞

OpenWrt, a Linux operating system for embedded devices, is vulnerable to a cross-site scripting vulnerability in OpenWrt version 21.02.1, which stems from the lack of effective filtering and escaping of user-submitted parameters in the NAT Rules Name screen. No detailed vulnerability details are...

CNNVD•added 2021/12/27 12:0 a.m.•3 views

Exploits1References2

OpenWrt 跨站脚本漏洞

OpenWrt, a Linux operating system for embedded devices, is vulnerable to a cross-site scripting vulnerability in OpenWrt version 21.02.1, which stems from the lack of effective filtering and escaping of user-submitted parameters in the Traffic Rules Name screen. No detailed vulnerability details...

Positive Technologies•added 2021/12/27 12:0 a.m.•3 views

Exploits1References2

PT-2021-6849 · Openwrt · Openwrt

Name of the Vulnerable Software and Affected Versions: OpenWrt version 21.02.1 Description: The issue exists due to inadequate protection of the web page structure in the OpenWrt embedded operating system. This allows for a potential Cross-Site Scripting XSS attack via the Traffic Rules Name...

Positive Technologies•added 2021/12/27 12:0 a.m.•3 views

Exploits1References6

PT-2021-6850 · Openwrt · Openwrt

Name of the Vulnerable Software and Affected Versions: OpenWrt version 21.02.1 Description: The issue exists due to a lack of protection for the web page structure in the OpenWrt embedded operating system. This can be exploited by a remote attacker to impact the confidentiality and integrity of...