542 matches found

OpenWrt
added 2020/01/13 12:0 a.m. · 53 views

Security Advisory 2020-01-13-1 - uhttpd invalid data access via HTTP POST request (CVE-2019-19945)

DESCRIPTION: An invalid data access can be triggered with an HTTP POST request to a CGI script specifying both Transfer-Encoding: chunked and a large Content-Length which exceeds 2^31 and is interpreted as a signed negative number. The negative content length is assigned to r→contentlength in...

7.5 CVSS · 7.7 AI score · 0.01551 EPSS
Exploits 0

Positive Technologies
added 2019/12/22 12:0 a.m. · 6 views

PT-2019-5515 · Openwrt · Openwrt

Name of the Vulnerable Software and Affected Versions: OpenWrt versions 18.06.0 through 18.06.5; OpenWrt versions 19.0 through 19.07.0-rc2. Description: The issue is related to an integer signedness error in the uhttpd function of the OpenWrt embedded operating system, which can lead to out-of-boun...

7.8 CVSS · 7.5 AI score · 0.01551 EPSS
Exploits 0 · References 6

CNVD
added 2019/12/04 12:0 a.m. · 2 views

OpenWrt Cross-Site Scripting Vulnerability

OpenWrt is a Linux operating system for embedded devices. A cross-site scripting vulnerability exists in OpenWrt version 18.06.4, which stems from the lack of proper validation of client-side data by a web application. An attacker can exploit this vulnerability to execute client-side code...

5.4 CVSS · 6.4 AI score · 0.00516 EPSS
Exploits 0 · References 1

CNVD
added 2019/12/04 12:0 a.m. · 2 views

OpenWrt Cross-Site Scripting Vulnerability (CNVD-2020-09617)

OpenWrt is a Linux operating system for embedded devices. A cross-site scripting vulnerability exists in OpenWrt version 18.06.4. The vulnerability stems from the lack of proper validation of client-side data by the web application, which can be exploited by an attacker to execute client-side cod...

5.4 CVSS · 6.4 AI score · 0.00529 EPSS
Exploits 0 · References 1

OSV
added 2019/12/03 8:15 p.m. · 5 views

CVE-2019-18992

OpenWrt 18.06.4 allows XSS via these Name fields to the cgi-bin/luci/admin/network/firewall/rules URI: "Open ports on router" and "New forward rule" and "New Source NAT". This can occur, for example, on a TP-Link Archer C7 device...

5.4 CVSS · 5.4 AI score · 0.00529 EPSS
Exploits 0 · References 1

NVD
added 2019/12/03 8:15 p.m. · 17 views

CVE-2019-18992

OpenWrt 18.06.4 allows XSS via these Name fields to the cgi-bin/luci/admin/network/firewall/rules URI: "Open ports on router" and "New forward rule" and "New Source NAT". This can occur, for example, on a TP-Link Archer C7 device...

5.4 CVSS · 5.3 AI score · 0.00529 EPSS
Exploits 0 · References 1

NVD
added 2019/12/03 8:15 p.m. · 18 views

CVE-2019-18993

OpenWrt 18.06.4 allows XSS via the "New port forward" Name field to the cgi-bin/luci/admin/network/firewall/forwards URI. This can occur, for example, on a TP-Link Archer C7 device...

5.4 CVSS · 5.3 AI score · 0.00516 EPSS
Exploits 0 · References 1

OSV
added 2019/12/03 8:15 p.m. · 4 views

CVE-2019-18993

OpenWrt 18.06.4 allows XSS via the "New port forward" Name field to the cgi-bin/luci/admin/network/firewall/forwards URI. This can occur, for example, on a TP-Link Archer C7 device...

5.4 CVSS · 5.7 AI score · 0.00516 EPSS
Exploits 0 · References 1

ATTACKERKB
added 2019/12/03 8:15 p.m. · 1 views

CVE-2019-18992

OpenWrt 18.06.4 allows XSS via these Name fields to the cgi-bin/luci/admin/network/firewall/rules URI: "Open ports on router" and "New forward rule" and "New Source NAT". This can occur, for example, on a TP-Link Archer C7 device...

5.4 CVSS · 5.7 AI score · 0.00529 EPSS
Exploits 0 · References 2

ATTACKERKB
added 2019/12/03 8:15 p.m. · 2 views

CVE-2019-18993

OpenWrt 18.06.4 allows XSS via the "New port forward" Name field to the cgi-bin/luci/admin/network/firewall/forwards URI. This can occur, for example, on a TP-Link Archer C7 device...

5.4 CVSS · 5.6 AI score · 0.00516 EPSS
Exploits 0 · References 2

Prion
added 2019/12/03 8:15 p.m. · 14 views

Design/Logic Flaw

OpenWrt 18.06.4 allows XSS via the "New port forward" Name field to the cgi-bin/luci/admin/network/firewall/forwards URI. This can occur, for example, on a TP-Link Archer C7 device...

3.5 CVSS · 5.2 AI score · 0.00516 EPSS
Exploits 0 · References 1 · Affected Software 1

Prion
added 2019/12/03 8:15 p.m. · 15 views

Design/Logic Flaw

OpenWrt 18.06.4 allows XSS via these Name fields to the cgi-bin/luci/admin/network/firewall/rules URI: "Open ports on router" and "New forward rule" and "New Source NAT". This can occur, for example, on a TP-Link Archer C7 device...

3.5 CVSS · 5.2 AI score · 0.00529 EPSS
Exploits 0 · References 1 · Affected Software 1

Cvelist
added 2019/12/03 7:32 p.m. · 18 views

CVE-2019-18992

OpenWrt 18.06.4 allows XSS via these Name fields to the cgi-bin/luci/admin/network/firewall/rules URI: "Open ports on router" and "New forward rule" and "New Source NAT". This can occur, for example, on a TP-Link Archer C7 device...

5.4 AI score · 0.00529 EPSS
Exploits 0 · References 1

CVE
added 2019/12/03 7:32 p.m. · 47 views

CVE-2019-18992

CVE-2019-18992 is an XSS vulnerability in OpenWrt 18.06.4. It affects the /cgi-bin/luci/admin/network/firewall/rules API, where the Name fields (e.g., “Open ports on router”, “New forward rule”, “New Source NAT”) can be crafted to inject script. The issue is demonstrated on devices such as TP-Lin...

5.4 CVSS · 5.3 AI score · 0.00529 EPSS
Exploits 0 · References 1 · Affected Software 1

Cvelist
added 2019/12/03 7:29 p.m. · 22 views

CVE-2019-18993

OpenWrt 18.06.4 allows XSS via the "New port forward" Name field to the cgi-bin/luci/admin/network/firewall/forwards URI. This can occur, for example, on a TP-Link Archer C7 device...

5.3 AI score · 0.00516 EPSS
Exploits 0 · References 1

CVE
added 2019/12/03 7:29 p.m. · 59 views

CVE-2019-18993

OpenWrt 18.06.4 is affected by a stored/reflected XSS vulnerability in the web UI, allowing an attacker to inject scripts via the New port forward Name field targeting the cgi-bin/luci/admin/network/firewall/forwards URI (e.g., on TP-Link Archer C7). The issue stems from insufficient input valida...

5.4 CVSS · 5.2 AI score · 0.00516 EPSS
Exploits 0 · References 1 · Affected Software 1

Positive Technologies
added 2019/12/03 12:0 a.m. · 6 views

PT-2019-15743 · Tp Link +1 · Tp-Link Archer C7 +1

Name of the Vulnerable Software and Affected Versions: OpenWrt version 18.06.4. Description: The issue allows for XSS via the Name fields in the /cgi-bin/luci/admin/network/firewall/rules API endpoint, specifically in the "Open ports on router", "New forward rule", and "New Source NAT" fields. Thi...

5.4 CVSS · 5.2 AI score · 0.00529 EPSS
Exploits 0 · References 2

Positive Technologies
added 2019/12/03 12:0 a.m. · 5 views

PT-2019-15744 · Tp Link +1 · Tp-Link Archer C7 +1

Name of the Vulnerable Software and Affected Versions: OpenWrt version 18.06.4. Description: The issue allows for XSS via the "New port forward" Name field to the "cgi-bin/luci/admin/network/firewall/forwards" URI. This can occur on devices such as the TP-Link Archer C7. Recommendations: For OpenW...

5.4 CVSS · 5.3 AI score · 0.00516 EPSS
Exploits 0 · References 2

CNVD
added 2019/11/19 12:0 a.m. · 3 views

OpenWrt ustream-ssl library information disclosure vulnerability (CNVD-2019-42439)

OpenWrt is a Linux operating system for embedded devices. ustream-ssl is one of the cryptographic libraries. The ustream-ssl library in OpenWrt version 18.06.4 and 15.05.1 is vulnerable to an information disclosure vulnerability that can be exploited by an attacker to attack vulnerable components...

5.9 CVSS · 6.4 AI score · 0.00781 EPSS
Exploits 1 · References 1

OSV
added 2019/11/18 6:15 p.m. · 4 views

CVE-2019-5102

An exploitable information leak vulnerability exists in the ustream-ssl library of OpenWrt, versions 18.06.4 and 15.05.1. When connecting to a remote server, the server's SSL certificate is checked but no action is taken when the certificate is invalid. An attacker could exploit this behavior by...

5.9 CVSS · 6.5 AI score · 0.00781 EPSS
Exploits 1 · References 1