Vulnerabilities > Openwrt > Luci > Critical

DATE CVE VULNERABILITY TITLE RISK
2019-05-23 CVE-2019-12272 OS Command Injection vulnerability in Openwrt Luci
In OpenWrt LuCI through 0.10, the endpoints admin/status/realtime/bandwidth_status and admin/status/realtime/wireless_status of the web application are affected by a command injection vulnerability.
network
low complexity
openwrt CWE-78
critical
9.8