EUVD-2020-21337

Malware in sbrugna...

EUVD-2019-6499

Malware in sbrugna...

CVE-2020-28951

libuci in OpenWrt before 18.06.9 and 19.x before 19.07.5 may encounter a use after free when using malicious package names. This is related to uciparsepackage in file.c and ucistrdup in util.c...

CVE-2019-15513

An issue was discovered in OpenWrt libuci aka Library for the Unified Configuration Interface before 15.05.1 as used on Motorola CX2L MWR04L 1.01 and C1 MWR03 1.01 devices. /tmp/.uci/network locking is mishandled after reception of a long SetWanSettings command, leading to a device hang...

OpenWRT < 18.06.9, 19.x < 19.07.5 libuci Vulnerability

OpenWRT is prone to a buffer overflow vulnerability in libuci. Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software...

Security Advisory 2020-12-09-2 - libuci import heap use after free (CVE-2020-28951)

DESCRIPTION Possibly exploitable vulnerability was found in Unified Config Interface UCI library named libuci, specifically in uciimport C API function. CVE-2020-28951 has been assigned to this issue. API: Application Programming Interface REQUIREMENTS In order to exploit this vulnerability a...

CVE-2020-28951

libuci in OpenWrt before 18.06.9 and 19.x before 19.07.5 may encounter a use after free when using malicious package names. This is related to uciparsepackage in file.c and ucistrdup in util.c...

CVE-2020-28951

libuci in OpenWrt before 18.06.9 and 19.x before 19.07.5 may encounter a use after free when using malicious package names. This is related to uciparsepackage in file.c and ucistrdup in util.c...

Double free

libuci in OpenWrt before 18.06.9 and 19.x before 19.07.5 may encounter a use after free when using malicious package names. This is related to uciparsepackage in file.c and ucistrdup in util.c...

CVE-2020-28951

CVE-2020-28951 affects OpenWrt libuci. A use-after-free can occur in libuci when processing malicious package names, specifically in uci_parse_package (file.c) and uci_strdup (util.c). Affected OpenWrt versions: 18.06.0–18.06.8 and 19.07.0–19.07.4. Remediation is to upgrade to OpenWrt 18.06.9 or ...

CVE-2020-28951

libuci in OpenWrt before 18.06.9 and 19.x before 19.07.5 may encounter a use after free when using malicious package names. This is related to uciparsepackage in file.c and ucistrdup in util.c...

PT-2020-5336 · Openwrt · Openwrt +1

Name of the Vulnerable Software and Affected Versions: OpenWrt versions 18.06.0 through 18.06.8 OpenWrt versions 19.0.0 through 19.07.4 Description: The issue is related to a use after free error in the libuci library of OpenWrt. This error can occur when using malicious package names, specifical...

OpenWrt Resource Management Error Vulnerability

OpenWrt is a Linux operating system for embedded devices. A security vulnerability exists in libuci in OpenWrt versions prior to 18.06.9 and 19.x series versions prior to 19.07.5, which stems from the possibility of encountering the use of a malware package name after using free. This is related ...

CVE-2019-15513

An issue was discovered in OpenWrt libuci aka Library for the Unified Configuration Interface before 15.05.1 as used on Motorola CX2L MWR04L 1.01 and C1 MWR03 1.01 devices. /tmp/.uci/network locking is mishandled after reception of a long SetWanSettings command, leading to a device hang...

CVE-2019-15513

An issue was discovered in OpenWrt libuci aka Library for the Unified Configuration Interface before 15.05.1 as used on Motorola CX2L MWR04L 1.01 and C1 MWR03 1.01 devices. /tmp/.uci/network locking is mishandled after reception of a long SetWanSettings command, leading to a device hang...

Command injection

An issue was discovered in OpenWrt libuci aka Library for the Unified Configuration Interface before 15.05.1 as used on Motorola CX2L MWR04L 1.01 and C1 MWR03 1.01 devices. /tmp/.uci/network locking is mishandled after reception of a long SetWanSettings command, leading to a device hang...

CVE-2019-15513

CVE-2019-15513: OpenWrt libuci before 15.05.1 has a locking issue in /tmp/.uci/network that is mishandled after a long SetWanSettings command, causing device hangs on Motorola CX2L MWR04L 1.01 and C1 MWR03 1.01. The issue is tied to the Unified Configuration Interface library, impacting devices u...

CVE-2019-15513

An issue was discovered in OpenWrt libuci aka Library for the Unified Configuration Interface before 15.05.1 as used on Motorola CX2L MWR04L 1.01 and C1 MWR03 1.01 devices. /tmp/.uci/network locking is mishandled after reception of a long SetWanSettings command, leading to a device hang...