Vulnerabilities > CVE-2023-38320 - NULL Pointer Dereference vulnerability in Opennds Captive Portal

CVSS 7.5 - HIGH

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

NONE

Integrity impact

NONE

Availability impact

HIGH

network

low complexity

opennds

CWE-476

NVD

Published: 2023-11-17

Updated: 2024-06-20

Summary

An issue was discovered in OpenNDS Captive Portal before version 10.1.2. It has a show_preauthpage NULL pointer dereference that can be triggered with a crafted GET HTTP with a missing User-Agent header. Triggering this issue results in crashing OpenNDS (a Denial-of-Service condition). This problem was fixed in OpenWrt master, OpenWrt 23.05 and OpenWrt 22.03 on 28. August 2023 by updating OpenNDS to version 10.1.3.

Vulnerable Configurations

Part	Description	Count
Application	Opennds Opennds Captive Portal *	1

Common Weakness Enumeration (CWE)

CWE-476 - NULL Pointer Dereference

References

https://github.com/openNDS/openNDS/releases/tag/v10.1.2
https://source.sierrawireless.com/resources/security-bulletins/sierra-wireless-technical-bulletin---swi-psa-2023-006/#sthash.2vJg3d85.dpbs
https://github.com/openwrt/routing/commit/0b19771fb2dd81e7c428759610aed583171eed80