Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

9 matches found

RedhatCVE
RedhatCVEadded 2026/01/09 9:53 a.m.6 views

CVE-2020-10871

In OpenWrt LuCI git-20.x, remote unauthenticated attackers can retrieve the list of installed packages and services. NOTE: the vendor disputes the significance of this report because, for instances reachable by an unauthenticated actor, the same information is available in other more complex ways...

5.3CVSS6.9AI score0.00853EPSS
Exploits1References1
EUVD
EUVDadded 2025/10/03 8:7 p.m.4 views

EUVD-2022-44628

Malicious code in bioql PyPI...

5.4CVSS5.8AI score0.00224EPSS
Exploits1References2
RedhatCVE
RedhatCVEadded 2025/05/22 11:29 p.m.4 views

CVE-2022-41435

OpenWRT LuCI version git-22.140.66206-02913be was discovered to contain a stored cross-site scripting XSS vulnerability in the component /system/sshkeys.js. This vulnerability allows attackers to execute arbitrary web scripts or HTML via crafted public key comments...

5.4CVSS5.3AI score0.00224EPSS
Exploits1References1
Vulnrichment
Vulnrichmentadded 2022/11/03 12:0 a.m.4 views

CVE-2022-41435

OpenWRT LuCI version git-22.140.66206-02913be was discovered to contain a stored cross-site scripting XSS vulnerability in the component /system/sshkeys.js. This vulnerability allows attackers to execute arbitrary web scripts or HTML via crafted public key comments...

5.9AI score0.00224EPSS
Exploits1References2
BDU FSTEC
BDU FSTECadded 2022/02/07 12:0 a.m.1 views

The vulnerability of the NAT Rules Name Screen web interface in the LuCI configuration interface allows a hacker to perform cross-site scripting attacks.

The vulnerability of the NAT Rules Name Screen web interface of the LuCI configuration interface in the embedded OpenWrt operating system is related to the lack of measures taken to protect the website structure. Exploiting this vulnerability could allow a remote attacker to perform cross-site...

5.8CVSS5.7AI score0.00281EPSS
Exploits1References7Affected Software1
NVD
NVDadded 2021/05/25 2:15 p.m.8 views

CVE-2021-27821

The Web Interface for OpenWRT LuCI version 19.07 and lower has been discovered to have a cross-site scripting vulnerability which can lead to attackers carrying out arbitrary code execution...

6.1CVSS0.00489EPSS
Exploits0References2
CVE
CVEadded 2021/05/25 1:41 p.m.64 views

CVE-2021-33425

CVE-2021-33425 is a stored XSS in OpenWrt LuCI web interface (hostname change) affecting LuCI 19.07 series (19.07.0–19.07.7). The root cause is improper handling of the UCI hostname content in LuCI templates, allowing arbitrary JavaScript to be injected into the hostname field and reflected in th...

5.4CVSS5.5AI score0.00281EPSS
Exploits0References2Affected Software1
CVE
CVEadded 2021/05/25 1:41 p.m.62 views

CVE-2021-27821

The CVE-2021-27821 entry concerns the Web Interface for OpenWrt LuCI (version 19.07 and earlier). It describes a cross-site scripting (XSS) vulnerability in the LuCI web interface that can lead to arbitrary code execution. Affected product/component: OpenWrt LuCI web interface up to v19.07. Under...

6.1CVSS6.4AI score0.00489EPSS
Exploits0References2Affected Software1
CNVD
CNVDadded 2019/05/23 12:0 a.m.3 views

OpenWrt LuCI Input Validation Vulnerability

OpenWrt LuCI is a graphical configuration interface for OpenWrt. An input validation vulnerability exists in OpenWrt LuCI admin/status/realtime/bandwidthstatus and admin/status/realtime/wirelessstatus, which could be exploited by remote attackers to submit a special request that could execute...

9.8CVSS7.4AI score0.37652EPSS
Exploits0References1
Rows per page
Query Builder