Skip to main content

Lede

2 CVEs product

Monthly

CVE-2020-7982 HIGH POC PATCH This Week

An issue was discovered in OpenWrt 18.06.0 to 18.06.6 and 19.07.0, and LEDE 17.01.0 to 17.01.7. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. Public exploit code available.

Code Injection Lede Openwrt
NVD GitHub
CVSS 3.1
8.1
EPSS
1.6%
CVE-2018-19630 MEDIUM POC This Month

cgi_handle_request in uhttpd in OpenWrt through 18.06.1 and LEDE through 17.01 has unauthenticated reflected XSS via the URI, as demonstrated by a cgi-bin/?[XSS] URI. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

XSS Lede Openwrt
NVD
CVSS 3.0
6.1
EPSS
0.7%
EPSS 2% CVSS 8.1
HIGH POC PATCH This Week

An issue was discovered in OpenWrt 18.06.0 to 18.06.6 and 19.07.0, and LEDE 17.01.0 to 17.01.7. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. Public exploit code available.

Code Injection Lede Openwrt
NVD GitHub
EPSS 1% CVSS 6.1
MEDIUM POC This Month

cgi_handle_request in uhttpd in OpenWrt through 18.06.1 and LEDE through 17.01 has unauthenticated reflected XSS via the URI, as demonstrated by a cgi-bin/?[XSS] URI. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

XSS Lede Openwrt
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy