Skip to main content

Opennds

3 CVEs product

Monthly

CVE-2024-25763 MEDIUM POC This Month

openNDS 10.2.0 is vulnerable to Use-After-Free via /openNDS/src/auth.c. Rated medium severity (CVSS 5.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Use After Free Information Disclosure Memory Corruption Opennds
NVD GitHub
CVSS 3.1
5.5
EPSS
0.5%
CVE-2023-41102 HIGH PATCH This Week

An issue was discovered in the captive portal in OpenNDS before version 10.1.3. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Memory Leak vulnerability could allow attackers to exhaust available memory leading to denial of service.

Information Disclosure Opennds
NVD GitHub
CVSS 3.1
7.5
EPSS
1.0%
CVE-2023-41101 CRITICAL PATCH Act Now

An issue was discovered in the captive portal in OpenNDS before version 10.1.3. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Out-of-bounds Write vulnerability could allow attackers to write data beyond allocated buffer boundaries leading to code execution or crashes.

Memory Corruption Buffer Overflow RCE Opennds
NVD GitHub
CVSS 3.1
9.8
EPSS
1.9%
EPSS 0% CVSS 5.5
MEDIUM POC This Month

openNDS 10.2.0 is vulnerable to Use-After-Free via /openNDS/src/auth.c. Rated medium severity (CVSS 5.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Use After Free Information Disclosure Memory Corruption +1
NVD GitHub
EPSS 1% CVSS 7.5
HIGH PATCH This Week

An issue was discovered in the captive portal in OpenNDS before version 10.1.3. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Memory Leak vulnerability could allow attackers to exhaust available memory leading to denial of service.

Information Disclosure Opennds
NVD GitHub
EPSS 2% CVSS 9.8
CRITICAL PATCH Act Now

An issue was discovered in the captive portal in OpenNDS before version 10.1.3. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Out-of-bounds Write vulnerability could allow attackers to write data beyond allocated buffer boundaries leading to code execution or crashes.

Memory Corruption Buffer Overflow RCE +1
NVD GitHub

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy