Vulnerabilities > Openwrt > Critical
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-11-19 | CVE-2020-28951 | Use After Free vulnerability in Openwrt libuci in OpenWrt before 18.06.9 and 19.x before 19.07.5 may encounter a use after free when using malicious package names. | 9.8 |
| 2019-05-23 | CVE-2019-12272 | OS Command Injection vulnerability in Openwrt Luci In OpenWrt LuCI through 0.10, the endpoints admin/status/realtime/bandwidth_status and admin/status/realtime/wireless_status of the web application are affected by a command injection vulnerability. | 9.8 |