Vulnerabilities > Openwrt > Luci > Medium

DATE CVE VULNERABILITY TITLE RISK
2022-11-03 CVE-2022-41435 Cross-site Scripting vulnerability in Openwrt Luci Git22.140.6620602913Be
OpenWRT LuCI version git-22.140.66206-02913be was discovered to contain a stored cross-site scripting (XSS) vulnerability in the component /system/sshkeys.js.
network
low complexity
openwrt CWE-79
5.4
2021-05-25 CVE-2021-27821 Cross-site Scripting vulnerability in Openwrt Luci
The Web Interface for OpenWRT LuCI version 19.07 and lower has been discovered to have a cross-site scripting vulnerability which can lead to attackers carrying out arbitrary code execution.
network
openwrt CWE-79
4.3
2020-03-23 CVE-2020-10871 Information Exposure vulnerability in Openwrt Luci Git20.049.11521Bebfe20/Git20.078.229020Ed0D42
In OpenWrt LuCI git-20.x, remote unauthenticated attackers can retrieve the list of installed packages and services.
network
low complexity
openwrt CWE-200
5.3