Vulnerabilities > Openwrt
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-05-15 | CVE-2023-20695 | Out-of-bounds Write vulnerability in multiple products In preloader, there is a possible out of bounds write due to a missing bounds check. | 6.7 |
| 2023-05-15 | CVE-2023-20696 | Out-of-bounds Write vulnerability in multiple products In preloader, there is a possible out of bounds write due to a missing bounds check. | 6.7 |
| 2023-05-15 | CVE-2023-20726 | Missing Authorization vulnerability in multiple products In mnld, there is a possible leak of GPS location due to a missing permission check. | 3.3 |
| 2023-04-11 | CVE-2023-24182 | Cross-site Scripting vulnerability in Openwrt 22.03.3 LuCI openwrt-22.03 branch git-22.361.69894-438c598 was discovered to contain a stored cross-site scripting (XSS) vulnerability via the component /system/sshkeys.js. | 5.4 |
| 2023-04-10 | CVE-2023-24181 | Cross-site Scripting vulnerability in Openwrt Luci 22.03.3 LuCI openwrt-22.03 branch git-22.361.69894-438c598 was discovered to contain a reflected cross-site scripting (XSS) vulnerability via the component /openvpn/pageswitch.htm. | 5.4 |
| 2022-11-03 | CVE-2022-41435 | Cross-site Scripting vulnerability in Openwrt Luci Git22.140.6620602913Be OpenWRT LuCI version git-22.140.66206-02913be was discovered to contain a stored cross-site scripting (XSS) vulnerability in the component /system/sshkeys.js. | 5.4 |
| 2022-09-19 | CVE-2022-38333 | Out-of-bounds Read vulnerability in Openwrt Openwrt before v21.02.3 and Openwrt v22.03.0-rc6 were discovered to contain two skip loops in the function header_value(). | 7.5 |
| 2021-12-27 | CVE-2021-45904 | Cross-site Scripting vulnerability in Openwrt 21.02.1 OpenWrt 21.02.1 allows XSS via the Port Forwards Add Name screen. | 5.4 |
| 2021-12-27 | CVE-2021-45905 | Cross-site Scripting vulnerability in Openwrt 21.02.1 OpenWrt 21.02.1 allows XSS via the Traffic Rules Name screen. | 5.4 |
| 2021-12-27 | CVE-2021-45906 | Cross-site Scripting vulnerability in Openwrt 21.02.1 OpenWrt 21.02.1 allows XSS via the NAT Rules Name screen. | 5.4 |