Skip to main content

Openwrt

118 CVEs product

Monthly

CVE-2026-62947 MEDIUM PATCH This Month

Path traversal in OpenWrt's cgi-io cgi-download handler (prior to 25.12.5) allows an authenticated administrator to read arbitrary root-readable files - including /etc/shadow - by exploiting a TOCTOU-style authorization flaw where ACL checks occur before path canonicalization. The rpcd session.c ACL matcher uses fnmatch() without FNM_PATHNAME, meaning a wildcard-prefixed ACL entry (e.g., /etc/config/*) can be defeated by appending ../ sequences that pass the ACL check but resolve to an out-of-scope file when open() is called. No public exploit identified at time of analysis; vendor-released patch is available in v25.12.5.

Path Traversal Openwrt
NVD GitHub
CVSS 3.1
4.9
CVE-2026-62948 CRITICAL PATCH Act Now

Stored cross-site scripting in OpenWrt's default odhcpd server (all releases prior to 25.12.5) lets a network-adjacent DHCP client inject forged lease records that execute as HTML/JavaScript in a router administrator's browser. The client-supplied DHCPv6 FQDN option 39 (and DHCPv4 option 12) hostname is written unescaped into /tmp/odhcpd.leases, enabling newline injection of attacker-controlled fields that LuCI's Active DHCPv6 Leases page renders via unsafe dom.append. No public exploit is identified at time of analysis, and the flaw is not in CISA KEV; it is fixed in 25.12.5.

XSS Openwrt
NVD GitHub
CVSS 3.1
9.6
CVE-2026-55490 MEDIUM PATCH This Month

Integer underflow in the OpenWrt Emergency Access Daemon crashes the daemon when any unauthenticated attacker on the local network sends a single crafted UDP packet to it. Affected are all OpenWrt versions prior to v25.12.5. The CVSS adjacent-network vector (AV:A) constrains the attack surface to local or adjacent network segments, but within that context exploitation requires no credentials and no user interaction - a single malformed packet suffices. No public exploit code or CISA KEV listing has been identified at time of analysis; the patch is confirmed available in v25.12.5.

Integer Overflow Denial Of Service Openwrt
NVD GitHub VulDB
CVSS 3.1
6.5
EPSS
0.6%
CVE-2026-32721 HIGH This Week

A stored cross-site scripting (XSS) vulnerability exists in the OpenWrt LuCI web interface where malicious JavaScript code embedded in Wi-Fi network names (SSIDs) can execute when users open the wireless scan modal. The vulnerability affects OpenWrt versions newer than 23.05/22.03 up to 24.10.5 and 25.12.0, allowing attackers within wireless range to compromise users who scan for available networks. No active exploitation has been reported (not in KEV), and with an EPSS score not provided, the real-world exploitation risk appears limited despite the high CVSS score of 8.6.

XSS Luci Openwrt
NVD GitHub VulDB
CVSS 3.1
8.6
EPSS
0.0%
CVE-2026-30874 HIGH This Week

OpenWrt versions prior to 24.10.6 allow local attackers with limited privileges to inject a malicious PATH environment variable into hotplug scripts due to improper filtering in the hotplug_call function, enabling execution of arbitrary binaries with elevated privileges. The vulnerability stems from a strcmp/strncmp logic error that fails to properly exclude the PATH variable when executing scripts in /etc/hotplug.d, resulting in local privilege escalation. No patch is currently available.

Privilege Escalation Openwrt
NVD GitHub VulDB
CVSS 3.1
7.8
EPSS
0.0%
CVE-2026-30873 MEDIUM This Month

A security vulnerability in versions (CVSS 4.9). Remediation should follow standard vulnerability management procedures.

Information Disclosure Openwrt
NVD GitHub VulDB
CVSS 3.1
4.9
EPSS
0.0%
CVE-2026-30872 CRITICAL Act Now

Remote code execution in OpenWrt's mDNS daemon (versions before 24.10.6 and 25.12.1) allows unauthenticated attackers to overflow a 46-byte stack buffer by sending malformed IPv6 PTR queries over multicast DNS on UDP port 5353. The vulnerability stems from insufficient validation of domain name length before copying to a fixed-size buffer, enabling arbitrary code execution on affected embedded devices. No patch is currently available.

RCE Buffer Overflow Stack Overflow Openwrt
NVD GitHub VulDB
CVSS 3.1
9.8
EPSS
0.1%
CVE-2026-30871 CRITICAL PATCH Act Now

Remote code execution in OpenWrt mdns daemon (versions before 24.10.6 and 25.12.1) allows unauthenticated attackers to crash the service or execute arbitrary code by sending specially crafted DNS PTR queries to UDP port 5353, exploiting a stack buffer overflow in the parse_question function. The vulnerability occurs when domain names are expanded and copied without bounds checking, with non-printable characters inflating the payload beyond the fixed 256-byte buffer. No patch is currently available for affected embedded device deployments.

Buffer Overflow Stack Overflow Openwrt
NVD GitHub VulDB
CVSS 3.1
9.8
EPSS
0.0%
CVE-2026-20435 MEDIUM This Month

Device unique identifiers in the preloader of Openwrt, Android, Yocto, RDK-B, and Zephyr can be read by attackers with physical access due to a logic error, leading to local information disclosure without requiring additional privileges or user interaction. This vulnerability affects multiple embedded and IoT platforms where the preloader executes before operating system initialization. No patch is currently available for this issue.

Information Disclosure Openwrt Android Yocto Rdk B +2
NVD
CVSS 3.1
4.6
EPSS
0.0%
CVE-2026-20430 HIGH This Week

OpenWrt and its Software Development Kit contain an out-of-bounds write vulnerability in the WLAN access point firmware caused by improper bounds checking, enabling adjacent network attackers to achieve privilege escalation without user interaction or special privileges. The vulnerability carries high severity with complete impact across confidentiality, integrity, and availability, though no patch is currently available.

Privilege Escalation Openwrt Software Development Kit
NVD
CVSS 3.1
8.8
EPSS
0.0%
CVE-2026-20419 MEDIUM This Month

An uncaught exception in WLAN AP/STA firmware for NBIoT SDK, OpenWrt, and related development kits enables adjacent network attackers to trigger a denial of service condition that renders the system unresponsive without requiring authentication or user interaction. The vulnerability affects multiple wireless products and has no available patch at this time, presenting a medium-severity risk in networked environments.

Denial Of Service Nbiot Sdk Openwrt Software Development Kit
NVD
CVSS 3.1
6.5
EPSS
0.0%
CVE-2026-20408 HIGH This Week

OpenWRT and related SDKs are vulnerable to a heap buffer overflow in the WLAN component that allows adjacent network attackers to execute privilege escalation without user interaction or special permissions. The out-of-bounds write condition enables attackers on the same network segment to gain elevated system privileges. No patch is currently available for this vulnerability.

Buffer Overflow Privilege Escalation Openwrt Software Development Kit
NVD
CVSS 3.1
8.8
EPSS
0.0%
CVE-2025-20765 MEDIUM This Month

In aee daemon, there is a possible system crash due to a race condition. This could lead to local denial of service if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10190802; Issue ID: MSV-4833.

Denial Of Service Race Condition Openwrt Android Yocto +1
NVD
CVSS 3.1
4.7
EPSS
0.0%
CVE-2025-20748 MEDIUM This Month

In wlan AP driver, there is a possible out of bounds write due to an incorrect bounds check. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Memory Corruption Buffer Overflow Privilege Escalation Software Development Kit Openwrt
NVD
CVSS 3.1
6.7
EPSS
0.0%
CVE-2025-20747 MEDIUM This Month

In gnss service, there is a possible out of bounds write due to an incorrect bounds check. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Stack Overflow Buffer Overflow Privilege Escalation Yocto Rdk B +4
NVD
CVSS 3.1
6.7
EPSS
0.0%
CVE-2025-20746 MEDIUM This Month

In gnss service, there is a possible out of bounds write due to an incorrect bounds check. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Stack Overflow Buffer Overflow Privilege Escalation Yocto Rdk B +4
NVD
CVSS 3.1
6.7
EPSS
0.0%
CVE-2025-20742 HIGH This Month

In wlan AP driver, there is a possible out of bounds write due to an incorrect bounds check. Rated high severity (CVSS 8.0), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Heap Overflow Privilege Escalation Software Development Kit Openwrt
NVD
CVSS 3.1
8.0
EPSS
0.0%
CVE-2025-20741 MEDIUM This Month

In wlan AP driver, there is a possible out of bounds write due to an incorrect bounds check. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Heap Overflow Privilege Escalation Software Development Kit Openwrt
NVD
CVSS 3.1
6.7
EPSS
0.0%
CVE-2025-20739 MEDIUM This Month

In wlan AP driver, there is a possible out of bounds write due to an incorrect bounds check. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Stack Overflow Buffer Overflow Privilege Escalation Software Development Kit Openwrt
NVD
CVSS 3.1
6.7
EPSS
0.0%
CVE-2025-20738 MEDIUM This Month

In wlan AP driver, there is a possible out of bounds write due to an incorrect bounds check. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Stack Overflow Buffer Overflow Privilege Escalation Software Development Kit Openwrt
NVD
CVSS 3.1
6.7
EPSS
0.0%
CVE-2025-20737 HIGH This Month

In wlan AP driver, there is a possible out of bounds write due to an incorrect bounds check. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Stack Overflow Buffer Overflow Privilege Escalation Software Development Kit Openwrt
NVD
CVSS 3.1
7.8
EPSS
0.0%
CVE-2025-20736 MEDIUM This Month

In wlan AP driver, there is a possible out of bounds write due to an incorrect bounds check. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Stack Overflow Buffer Overflow Privilege Escalation Software Development Kit Openwrt
NVD
CVSS 3.1
6.7
EPSS
0.0%
CVE-2025-20735 HIGH This Month

In wlan AP driver, there is a possible out of bounds write due to an incorrect bounds check. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Heap Overflow Privilege Escalation Software Development Kit Openwrt
NVD
CVSS 3.1
7.8
EPSS
0.0%
CVE-2025-20734 MEDIUM This Month

In wlan AP driver, there is a possible out of bounds write due to an incorrect bounds check. Rated medium severity (CVSS 5.3), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Heap Overflow Privilege Escalation Software Development Kit Openwrt
NVD
CVSS 3.1
5.3
EPSS
0.0%
CVE-2025-20733 HIGH This Month

In wlan AP driver, there is a possible out of bounds write due to an incorrect bounds check. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Heap Overflow Privilege Escalation Software Development Kit Openwrt
NVD
CVSS 3.1
7.8
EPSS
0.0%
CVE-2025-20732 MEDIUM This Month

In wlan AP driver, there is a possible out of bounds write due to an incorrect bounds check. Rated medium severity (CVSS 5.3), this vulnerability is low attack complexity. No vendor patch available.

Stack Overflow Buffer Overflow Privilege Escalation Software Development Kit Openwrt
NVD
CVSS 3.1
5.3
EPSS
0.0%
CVE-2025-20731 MEDIUM This Month

In wlan AP driver, there is a possible out of bounds write due to an incorrect bounds check. Rated medium severity (CVSS 5.3), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Heap Overflow Privilege Escalation Software Development Kit Openwrt
NVD
CVSS 3.1
5.3
EPSS
0.0%
CVE-2025-20730 MEDIUM This Month

In preloader, there is a possible escalation of privilege due to an insecure default value. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Authentication Bypass Privilege Escalation Yocto Rdk B Android +2
NVD
CVSS 3.1
6.7
EPSS
0.0%
CVE-2025-20729 MEDIUM Monitor

In wlan AP driver, there is a possible out of bounds write due to an incorrect bounds check. Rated medium severity (CVSS 4.2), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Heap Overflow Privilege Escalation Software Development Kit Openwrt
NVD
CVSS 3.1
4.2
EPSS
0.0%
CVE-2025-20705 HIGH This Month

In monitor_hang, there is a possible memory corruption due to use after free. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Memory Corruption Buffer Overflow Use After Free Denial Of Service Privilege Escalation +4
NVD
CVSS 3.1
7.8
EPSS
0.0%
CVE-2025-20696 MEDIUM This Month

In DA, there is a possible out of bounds write due to a missing bounds check. Rated medium severity (CVSS 6.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Memory Corruption Buffer Overflow Privilege Escalation Yocto Rdk B +4
NVD
CVSS 3.1
6.8
EPSS
0.0%
CVE-2025-20695 MEDIUM This Month

In Bluetooth FW, there is a possible system crash due to an uncaught exception. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS09741871; Issue ID: MSV-3317.

Denial Of Service Software Development Kit Android Openwrt Google
NVD
CVSS 3.1
6.5
EPSS
0.0%
CVE-2025-20694 MEDIUM This Month

In Bluetooth FW, there is a possible system crash due to an uncaught exception. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS09752821; Issue ID: MSV-3342.

Denial Of Service Software Development Kit Android Openwrt Google
NVD
CVSS 3.1
6.5
EPSS
0.0%
CVE-2025-20693 MEDIUM This Month

In wlan STA driver, there is a possible out of bounds read due to an incorrect bounds check. This could lead to remote (proximal/adjacent) information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS09812521; Issue ID: MSV-3421.

Information Disclosure Buffer Overflow Yocto Openwrt Software Development Kit +2
NVD
CVSS 3.1
6.5
EPSS
0.0%
CVE-2025-20692 MEDIUM This Month

In wlan AP driver, there is a possible out of bounds read due to an incorrect bounds check. This could lead to local information disclosure with User execution privileges needed. User interaction is not needed for exploitation. Patch ID: WCNCR00418040; Issue ID: MSV-3476.

Information Disclosure Buffer Overflow Software Development Kit Openwrt
NVD
CVSS 3.1
5.5
EPSS
0.0%
CVE-2025-20691 MEDIUM This Month

In wlan AP driver, there is a possible out of bounds read due to an incorrect bounds check. This could lead to local information disclosure with User execution privileges needed. User interaction is not needed for exploitation. Patch ID: WCNCR00418039; Issue ID: MSV-3477.

Information Disclosure Buffer Overflow Software Development Kit Openwrt
NVD
CVSS 3.1
5.5
EPSS
0.0%
CVE-2025-20690 MEDIUM This Month

In wlan AP driver, there is a possible out of bounds read due to an incorrect bounds check. This could lead to local information disclosure with User execution privileges needed. User interaction is not needed for exploitation. Patch ID: WCNCR00418038; Issue ID: MSV-3478.

Information Disclosure Buffer Overflow Openwrt Software Development Kit
NVD
CVSS 3.1
5.5
EPSS
0.0%
CVE-2025-20689 MEDIUM This Month

In wlan AP driver, there is a possible out of bounds read due to an incorrect bounds check. This could lead to local information disclosure with User execution privileges needed. User interaction is not needed for exploitation. Patch ID: WCNCR00418048; Issue ID: MSV-3479.

Information Disclosure Buffer Overflow Openwrt Software Development Kit
NVD
CVSS 3.1
5.5
EPSS
0.0%
CVE-2025-20688 MEDIUM This Month

In wlan AP driver, there is a possible out of bounds read due to an incorrect bounds check. This could lead to local information disclosure with User execution privileges needed. User interaction is not needed for exploitation. Patch ID: WCNCR00418047; Issue ID: MSV-3480.

Information Disclosure Buffer Overflow Openwrt Software Development Kit
NVD
CVSS 3.1
5.5
EPSS
0.0%
CVE-2025-20686 HIGH This Week

In wlan AP driver, there is a possible out of bounds write due to an incorrect bounds check. This could lead to remote (proximal/adjacent) code execution with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: WCNCR00415570; Issue ID: MSV-3404.

Heap Overflow RCE Buffer Overflow Software Development Kit Openwrt
NVD
CVSS 3.1
8.8
EPSS
0.1%
CVE-2025-20685 HIGH This Week

In wlan AP driver, there is a possible out of bounds write due to an incorrect bounds check. This could lead to remote (proximal/adjacent) code execution with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: WCNCR00416226; Issue ID: MSV-3409.

Heap Overflow RCE Buffer Overflow Openwrt Software Development Kit
NVD
CVSS 3.1
8.8
EPSS
0.1%
CVE-2025-20683 CRITICAL Act Now

In wlan AP driver, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation. Patch ID: WCNCR00416938; Issue ID: MSV-3444.

Buffer Overflow Memory Corruption Privilege Escalation Software Development Kit Openwrt
NVD
CVSS 3.1
9.8
EPSS
0.2%
CVE-2025-20682 CRITICAL Act Now

In wlan AP driver, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation. Patch ID: WCNCR00416937; Issue ID: MSV-3445.

Buffer Overflow Memory Corruption Privilege Escalation Software Development Kit Openwrt
NVD
CVSS 3.1
9.8
EPSS
0.2%
CVE-2025-20681 CRITICAL Act Now

In wlan AP driver, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation. Patch ID: WCNCR00416936; Issue ID: MSV-3446.

Buffer Overflow Memory Corruption Privilege Escalation Software Development Kit Openwrt
NVD
CVSS 3.1
9.8
EPSS
0.2%
CVE-2025-20674 CRITICAL Act Now

Remote privilege escalation in Android WLAN AP driver via packet injection.

Privilege Escalation Code Injection Software Development Kit Openwrt
NVD
CVSS 3.1
9.8
EPSS
0.3%
CVE-2025-20656 MEDIUM This Month

In DA, there is a possible out of bounds write due to a missing bounds check. Rated medium severity (CVSS 6.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Memory Corruption Buffer Overflow Privilege Escalation Yocto Rdk B +19
NVD
CVSS 3.1
6.8
EPSS
0.0%
CVE-2025-20654 CRITICAL Act Now

In wlan service, there is a possible out of bounds write due to an incorrect bounds check. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Memory Corruption Buffer Overflow RCE Software Development Kit Mt7622 +6
NVD
CVSS 3.1
9.8
EPSS
1.4%
CVE-2025-20651 MEDIUM This Month

In da, there is a possible out of bounds read due to a missing bounds check. Rated medium severity (CVSS 4.1), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Buffer Overflow Yocto Rdk B Android +2
NVD
CVSS 3.1
4.1
EPSS
0.0%
CVE-2025-20650 MEDIUM This Month

In da, there is a possible out of bounds write due to a missing bounds check. Rated medium severity (CVSS 6.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Memory Corruption Buffer Overflow Privilege Escalation Yocto Rdk B +3
NVD
CVSS 3.1
6.8
EPSS
0.0%
CVE-2025-20649 MEDIUM This Month

In Bluetooth Stack SW, there is a possible information disclosure due to a missing permission check. Rated medium severity (CVSS 6.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Software Development Kit Openwrt
NVD
CVSS 3.1
6.5
EPSS
0.0%
CVE-2025-20635 MEDIUM This Month

In V6 DA, there is a possible out of bounds write due to a missing bounds check. Rated medium severity (CVSS 6.6), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Memory Corruption Buffer Overflow Privilege Escalation Yocto Rdk B +3
NVD
CVSS 3.1
6.6
EPSS
0.0%
CVE-2024-20147 MEDIUM This Month

In Bluetooth FW, there is a possible reachable assertion due to improper exception handling. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Yocto Software Development Kit Android Openwrt +1
NVD
CVSS 3.1
5.3
EPSS
2.2%
CVE-2024-20152 MEDIUM Monitor

In wlan STA driver, there is a possible reachable assertion due to improper exception handling. Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity. No vendor patch available.

Denial Of Service Yocto Software Development Kit Android Openwrt +1
NVD
CVSS 3.1
4.4
EPSS
0.0%
CVE-2024-20146 HIGH This Month

In wlan STA driver, there is a possible out of bounds write due to improper input validation. Rated high severity (CVSS 8.1), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

RCE Memory Corruption Buffer Overflow Yocto Software Development Kit +3
NVD
CVSS 3.1
8.1
EPSS
0.1%
CVE-2024-20145 MEDIUM This Month

In V6 DA, there is a possible out of bounds write due to a missing bounds check. Rated medium severity (CVSS 6.6), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Memory Corruption Buffer Overflow Privilege Escalation Yocto Rdk B +3
NVD
CVSS 3.1
6.6
EPSS
0.1%
CVE-2024-20144 MEDIUM This Month

In V6 DA, there is a possible out of bounds write due to a missing bounds check. Rated medium severity (CVSS 6.6), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Memory Corruption Buffer Overflow Privilege Escalation Yocto Rdk B +3
NVD
CVSS 3.1
6.6
EPSS
0.1%
CVE-2024-20143 MEDIUM This Month

In V6 DA, there is a possible out of bounds write due to a missing bounds check. Rated medium severity (CVSS 6.6), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Memory Corruption Buffer Overflow Privilege Escalation Yocto Rdk B +3
NVD
CVSS 3.1
6.6
EPSS
0.1%
CVE-2024-20139 MEDIUM This Month

In Bluetooth firmware, there is a possible firmware asssert due to improper handling of exceptional conditions. Rated medium severity (CVSS 6.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Yocto Software Development Kit Android Openwrt
NVD
CVSS 3.1
6.5
EPSS
0.1%
CVE-2024-20136 MEDIUM This Month

In da, there is a possible out of bounds read due to a missing bounds check. Rated medium severity (CVSS 6.2), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Information Disclosure Rdk B Android Openwrt
NVD
CVSS 3.1
6.2
EPSS
0.1%
CVE-2024-20107 MEDIUM This Month

In da, there is a possible out of bounds read due to a missing bounds check. Rated medium severity (CVSS 6.2), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Information Disclosure Yocto Rdk B Android +1
NVD
CVSS 3.1
6.2
EPSS
0.1%
CVE-2024-20104 HIGH This Week

In da, there is a possible out of bounds write due to a missing bounds check. Rated high severity (CVSS 8.4), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Privilege Escalation Buffer Overflow Memory Corruption Yocto Rdk B +2
NVD
CVSS 3.1
8.4
EPSS
0.1%
CVE-2024-20085 MEDIUM This Month

In power, there is a possible out of bounds read due to a missing bounds check. Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Information Disclosure Yocto Rdk B Android +1
NVD
CVSS 3.1
4.4
EPSS
0.1%
CVE-2024-20084 MEDIUM This Month

In power, there is a possible out of bounds read due to a missing bounds check. Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Information Disclosure Yocto Rdk B Android +1
NVD
CVSS 3.1
4.4
EPSS
0.1%
CVE-2024-20081 MEDIUM This Month

In gnss service, there is a possible out of bounds write due to improper input validation. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Buffer Overflow Memory Corruption Yocto Rdk B +2
NVD
CVSS 3.1
6.7
EPSS
0.2%
CVE-2024-20073 MEDIUM This Month

In wlan service, there is a possible out of bounds write due to improper input validation. Rated medium severity (CVSS 6.6), this vulnerability is remotely exploitable. No vendor patch available.

Privilege Escalation Buffer Overflow Memory Corruption Software Development Kit Openwrt
NVD
CVSS 3.1
6.6
EPSS
0.4%
CVE-2024-20072 MEDIUM This Month

In wlan driver, there is a possible out of bounds write due to improper input validation. Rated medium severity (CVSS 6.6), this vulnerability is remotely exploitable. No vendor patch available.

Privilege Escalation Buffer Overflow Memory Corruption Software Development Kit Openwrt
NVD
CVSS 3.1
6.6
EPSS
0.4%
CVE-2024-20071 MEDIUM This Month

In wlan driver, there is a possible out of bounds read due to improper input validation. Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Information Disclosure Software Development Kit Openwrt
NVD
CVSS 3.1
4.4
EPSS
0.2%
CVE-2024-20056 MEDIUM This Month

In preloader, there is a possible escalation of privilege due to an insecure default value. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Rdk B Android Openwrt
NVD
CVSS 3.1
6.7
EPSS
0.1%
CVE-2024-20054 MEDIUM This Month

In gnss, there is a possible escalation of privilege due to a missing bounds check. Rated medium severity (CVSS 6.6), this vulnerability is remotely exploitable. No vendor patch available.

Privilege Escalation Buffer Overflow Memory Corruption Yocto Rdk B +2
NVD
CVSS 3.1
6.6
EPSS
0.3%
CVE-2024-20053 HIGH This Week

In flashc, there is a possible out of bounds write due to an uncaught exception. Rated high severity (CVSS 8.4), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Privilege Escalation Buffer Overflow Memory Corruption Yocto Rdk B +2
NVD
CVSS 3.1
8.4
EPSS
0.1%
CVE-2024-20052 MEDIUM This Month

In flashc, there is a possible information disclosure due to an uncaught exception. Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Yocto Rdk B Android Openwrt
NVD
CVSS 3.1
4.4
EPSS
0.1%
CVE-2024-20051 LOW Monitor

In flashc, there is a possible system crash due to an uncaught exception. Rated low severity (CVSS 2.3), this vulnerability is low attack complexity. No vendor patch available.

Denial Of Service Yocto Rdk B Android Openwrt
NVD
CVSS 3.1
2.3
EPSS
0.1%
CVE-2024-20050 MEDIUM This Month

In flashc, there is a possible information disclosure due to an uncaught exception. Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Yocto Rdk B Android Openwrt
NVD
CVSS 3.1
4.4
EPSS
0.1%
CVE-2024-20049 MEDIUM This Month

In flashc, there is a possible information disclosure due to an uncaught exception. Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Yocto Rdk B Android Openwrt
NVD
CVSS 3.1
4.4
EPSS
0.1%
CVE-2024-20040 HIGH This Week

In wlan firmware, there is a possible out of bounds write due to improper input validation. Rated high severity (CVSS 8.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Privilege Escalation Buffer Overflow Memory Corruption Yocto Rdk B +3
NVD
CVSS 3.1
8.8
EPSS
0.2%
CVE-2024-20023 MEDIUM This Month

In flashc, there is a possible out of bounds write due to lack of valudation. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Buffer Overflow Memory Corruption Yocto Rdk B +2
NVD
CVSS 3.1
6.7
EPSS
0.1%
CVE-2024-20022 MEDIUM This Month

In lk, there is a possible escalation of privilege due to a missing bounds check. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Buffer Overflow Information Disclosure Yocto Rdkb +2
NVD
CVSS 3.1
6.7
EPSS
0.1%
CVE-2024-20017 CRITICAL POC THREAT Act Now

In wlan service, there is a possible out of bounds write due to improper input validation. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

RCE Buffer Overflow Software Development Kit Openwrt
NVD
CVSS 3.1
9.8
EPSS
46.3%
CVE-2024-20006 MEDIUM This Month

In da, there is a possible out of bounds write due to a missing bounds check. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Buffer Overflow Memory Corruption Rdk B Android +1
NVD
CVSS 3.1
6.7
EPSS
0.2%
CVE-2023-32855 MEDIUM This Month

In aee, there is a possible escalation of privilege due to a missing permission check. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Authentication Bypass Yocto Rdk B Android +1
NVD
CVSS 3.1
6.7
EPSS
0.1%
CVE-2023-32815 MEDIUM This Month

In gnss service, there is a possible out of bounds read due to improper input validation. Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Information Disclosure Yocto Android Openwrt
NVD
CVSS 3.1
4.4
EPSS
0.1%
CVE-2023-32813 MEDIUM This Month

In gnss service, there is a possible out of bounds write due to improper input validation. Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity. No vendor patch available.

Memory Corruption Buffer Overflow Information Disclosure Yocto Android +1
NVD
CVSS 3.1
4.4
EPSS
0.1%
CVE-2023-32812 MEDIUM This Month

In gnss service, there is a possible out of bounds write due to improper input validation. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Memory Corruption Buffer Overflow Yocto Android Openwrt
NVD
CVSS 3.1
6.7
EPSS
0.1%
CVE-2023-32806 MEDIUM This Month

In wlan driver, there is a possible out of bounds write due to improper input validation. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Memory Corruption Buffer Overflow Privilege Escalation Yocto Iot Yocto +2
NVD
CVSS 3.1
6.7
EPSS
0.1%
CVE-2023-20832 MEDIUM This Month

In gps, there is a possible out of bounds write due to a missing bounds check. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Memory Corruption Buffer Overflow Privilege Escalation Yocto Rdk B +2
NVD
CVSS 3.1
6.7
EPSS
0.1%
CVE-2023-20831 MEDIUM This Month

In gps, there is a possible out of bounds write due to a missing bounds check. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Memory Corruption Buffer Overflow Privilege Escalation Yocto Rdk B +2
NVD
CVSS 3.1
6.7
EPSS
0.1%
CVE-2023-20830 MEDIUM This Month

In gps, there is a possible out of bounds write due to a missing bounds check. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Memory Corruption Buffer Overflow Privilege Escalation Yocto Rdk B +2
NVD
CVSS 3.1
6.7
EPSS
0.1%
CVE-2023-20829 MEDIUM This Month

In gps, there is a possible out of bounds write due to a missing bounds check. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Memory Corruption Buffer Overflow Privilege Escalation Yocto Rdk B +2
NVD
CVSS 3.1
6.7
EPSS
0.1%
CVE-2023-20828 MEDIUM This Month

In gps, there is a possible out of bounds write due to a missing bounds check. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Memory Corruption Buffer Overflow Privilege Escalation Yocto Rdk B +2
NVD
CVSS 3.1
6.7
EPSS
0.1%
CVE-2023-20821 MEDIUM This Month

In nvram, there is a possible out of bounds write due to a missing bounds check. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Memory Corruption Buffer Overflow Privilege Escalation Yocto Rdk B +2
NVD
CVSS 3.1
6.7
EPSS
0.1%
CVSS 4.9
MEDIUM PATCH This Month

Path traversal in OpenWrt's cgi-io cgi-download handler (prior to 25.12.5) allows an authenticated administrator to read arbitrary root-readable files - including /etc/shadow - by exploiting a TOCTOU-style authorization flaw where ACL checks occur before path canonicalization. The rpcd session.c ACL matcher uses fnmatch() without FNM_PATHNAME, meaning a wildcard-prefixed ACL entry (e.g., /etc/config/*) can be defeated by appending ../ sequences that pass the ACL check but resolve to an out-of-scope file when open() is called. No public exploit identified at time of analysis; vendor-released patch is available in v25.12.5.

Path Traversal Openwrt
NVD GitHub
CVSS 9.6
CRITICAL PATCH Act Now

Stored cross-site scripting in OpenWrt's default odhcpd server (all releases prior to 25.12.5) lets a network-adjacent DHCP client inject forged lease records that execute as HTML/JavaScript in a router administrator's browser. The client-supplied DHCPv6 FQDN option 39 (and DHCPv4 option 12) hostname is written unescaped into /tmp/odhcpd.leases, enabling newline injection of attacker-controlled fields that LuCI's Active DHCPv6 Leases page renders via unsafe dom.append. No public exploit is identified at time of analysis, and the flaw is not in CISA KEV; it is fixed in 25.12.5.

XSS Openwrt
NVD GitHub
EPSS 1% CVSS 6.5
MEDIUM PATCH This Month

Integer underflow in the OpenWrt Emergency Access Daemon crashes the daemon when any unauthenticated attacker on the local network sends a single crafted UDP packet to it. Affected are all OpenWrt versions prior to v25.12.5. The CVSS adjacent-network vector (AV:A) constrains the attack surface to local or adjacent network segments, but within that context exploitation requires no credentials and no user interaction - a single malformed packet suffices. No public exploit code or CISA KEV listing has been identified at time of analysis; the patch is confirmed available in v25.12.5.

Integer Overflow Denial Of Service Openwrt
NVD GitHub VulDB
EPSS 0% CVSS 8.6
HIGH This Week

A stored cross-site scripting (XSS) vulnerability exists in the OpenWrt LuCI web interface where malicious JavaScript code embedded in Wi-Fi network names (SSIDs) can execute when users open the wireless scan modal. The vulnerability affects OpenWrt versions newer than 23.05/22.03 up to 24.10.5 and 25.12.0, allowing attackers within wireless range to compromise users who scan for available networks. No active exploitation has been reported (not in KEV), and with an EPSS score not provided, the real-world exploitation risk appears limited despite the high CVSS score of 8.6.

XSS Luci Openwrt
NVD GitHub VulDB
EPSS 0% CVSS 7.8
HIGH This Week

OpenWrt versions prior to 24.10.6 allow local attackers with limited privileges to inject a malicious PATH environment variable into hotplug scripts due to improper filtering in the hotplug_call function, enabling execution of arbitrary binaries with elevated privileges. The vulnerability stems from a strcmp/strncmp logic error that fails to properly exclude the PATH variable when executing scripts in /etc/hotplug.d, resulting in local privilege escalation. No patch is currently available.

Privilege Escalation Openwrt
NVD GitHub VulDB
EPSS 0% CVSS 4.9
MEDIUM This Month

A security vulnerability in versions (CVSS 4.9). Remediation should follow standard vulnerability management procedures.

Information Disclosure Openwrt
NVD GitHub VulDB
EPSS 0% CVSS 9.8
CRITICAL Act Now

Remote code execution in OpenWrt's mDNS daemon (versions before 24.10.6 and 25.12.1) allows unauthenticated attackers to overflow a 46-byte stack buffer by sending malformed IPv6 PTR queries over multicast DNS on UDP port 5353. The vulnerability stems from insufficient validation of domain name length before copying to a fixed-size buffer, enabling arbitrary code execution on affected embedded devices. No patch is currently available.

RCE Buffer Overflow Stack Overflow +1
NVD GitHub VulDB
EPSS 0% CVSS 9.8
CRITICAL PATCH Act Now

Remote code execution in OpenWrt mdns daemon (versions before 24.10.6 and 25.12.1) allows unauthenticated attackers to crash the service or execute arbitrary code by sending specially crafted DNS PTR queries to UDP port 5353, exploiting a stack buffer overflow in the parse_question function. The vulnerability occurs when domain names are expanded and copied without bounds checking, with non-printable characters inflating the payload beyond the fixed 256-byte buffer. No patch is currently available for affected embedded device deployments.

Buffer Overflow Stack Overflow Openwrt
NVD GitHub VulDB
EPSS 0% CVSS 4.6
MEDIUM This Month

Device unique identifiers in the preloader of Openwrt, Android, Yocto, RDK-B, and Zephyr can be read by attackers with physical access due to a logic error, leading to local information disclosure without requiring additional privileges or user interaction. This vulnerability affects multiple embedded and IoT platforms where the preloader executes before operating system initialization. No patch is currently available for this issue.

Information Disclosure Openwrt Android +4
NVD
EPSS 0% CVSS 8.8
HIGH This Week

OpenWrt and its Software Development Kit contain an out-of-bounds write vulnerability in the WLAN access point firmware caused by improper bounds checking, enabling adjacent network attackers to achieve privilege escalation without user interaction or special privileges. The vulnerability carries high severity with complete impact across confidentiality, integrity, and availability, though no patch is currently available.

Privilege Escalation Openwrt Software Development Kit
NVD
EPSS 0% CVSS 6.5
MEDIUM This Month

An uncaught exception in WLAN AP/STA firmware for NBIoT SDK, OpenWrt, and related development kits enables adjacent network attackers to trigger a denial of service condition that renders the system unresponsive without requiring authentication or user interaction. The vulnerability affects multiple wireless products and has no available patch at this time, presenting a medium-severity risk in networked environments.

Denial Of Service Nbiot Sdk Openwrt +1
NVD
EPSS 0% CVSS 8.8
HIGH This Week

OpenWRT and related SDKs are vulnerable to a heap buffer overflow in the WLAN component that allows adjacent network attackers to execute privilege escalation without user interaction or special permissions. The out-of-bounds write condition enables attackers on the same network segment to gain elevated system privileges. No patch is currently available for this vulnerability.

Buffer Overflow Privilege Escalation Openwrt +1
NVD
EPSS 0% CVSS 4.7
MEDIUM This Month

In aee daemon, there is a possible system crash due to a race condition. This could lead to local denial of service if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10190802; Issue ID: MSV-4833.

Denial Of Service Race Condition Openwrt +3
NVD
EPSS 0% CVSS 6.7
MEDIUM This Month

In wlan AP driver, there is a possible out of bounds write due to an incorrect bounds check. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Memory Corruption Buffer Overflow Privilege Escalation +2
NVD
EPSS 0% CVSS 6.7
MEDIUM This Month

In gnss service, there is a possible out of bounds write due to an incorrect bounds check. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Stack Overflow Buffer Overflow Privilege Escalation +6
NVD
EPSS 0% CVSS 6.7
MEDIUM This Month

In gnss service, there is a possible out of bounds write due to an incorrect bounds check. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Stack Overflow Buffer Overflow Privilege Escalation +6
NVD
EPSS 0% CVSS 8.0
HIGH This Month

In wlan AP driver, there is a possible out of bounds write due to an incorrect bounds check. Rated high severity (CVSS 8.0), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Heap Overflow Privilege Escalation +2
NVD
EPSS 0% CVSS 6.7
MEDIUM This Month

In wlan AP driver, there is a possible out of bounds write due to an incorrect bounds check. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Heap Overflow Privilege Escalation +2
NVD
EPSS 0% CVSS 6.7
MEDIUM This Month

In wlan AP driver, there is a possible out of bounds write due to an incorrect bounds check. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Stack Overflow Buffer Overflow Privilege Escalation +2
NVD
EPSS 0% CVSS 6.7
MEDIUM This Month

In wlan AP driver, there is a possible out of bounds write due to an incorrect bounds check. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Stack Overflow Buffer Overflow Privilege Escalation +2
NVD
EPSS 0% CVSS 7.8
HIGH This Month

In wlan AP driver, there is a possible out of bounds write due to an incorrect bounds check. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Stack Overflow Buffer Overflow Privilege Escalation +2
NVD
EPSS 0% CVSS 6.7
MEDIUM This Month

In wlan AP driver, there is a possible out of bounds write due to an incorrect bounds check. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Stack Overflow Buffer Overflow Privilege Escalation +2
NVD
EPSS 0% CVSS 7.8
HIGH This Month

In wlan AP driver, there is a possible out of bounds write due to an incorrect bounds check. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Heap Overflow Privilege Escalation +2
NVD
EPSS 0% CVSS 5.3
MEDIUM This Month

In wlan AP driver, there is a possible out of bounds write due to an incorrect bounds check. Rated medium severity (CVSS 5.3), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Heap Overflow Privilege Escalation +2
NVD
EPSS 0% CVSS 7.8
HIGH This Month

In wlan AP driver, there is a possible out of bounds write due to an incorrect bounds check. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Heap Overflow Privilege Escalation +2
NVD
EPSS 0% CVSS 5.3
MEDIUM This Month

In wlan AP driver, there is a possible out of bounds write due to an incorrect bounds check. Rated medium severity (CVSS 5.3), this vulnerability is low attack complexity. No vendor patch available.

Stack Overflow Buffer Overflow Privilege Escalation +2
NVD
EPSS 0% CVSS 5.3
MEDIUM This Month

In wlan AP driver, there is a possible out of bounds write due to an incorrect bounds check. Rated medium severity (CVSS 5.3), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Heap Overflow Privilege Escalation +2
NVD
EPSS 0% CVSS 6.7
MEDIUM This Month

In preloader, there is a possible escalation of privilege due to an insecure default value. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Authentication Bypass Privilege Escalation Yocto +4
NVD
EPSS 0% CVSS 4.2
MEDIUM Monitor

In wlan AP driver, there is a possible out of bounds write due to an incorrect bounds check. Rated medium severity (CVSS 4.2), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Heap Overflow Privilege Escalation +2
NVD
EPSS 0% CVSS 7.8
HIGH This Month

In monitor_hang, there is a possible memory corruption due to use after free. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Memory Corruption Buffer Overflow Use After Free +6
NVD
EPSS 0% CVSS 6.8
MEDIUM This Month

In DA, there is a possible out of bounds write due to a missing bounds check. Rated medium severity (CVSS 6.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Memory Corruption Buffer Overflow Privilege Escalation +6
NVD
EPSS 0% CVSS 6.5
MEDIUM This Month

In Bluetooth FW, there is a possible system crash due to an uncaught exception. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS09741871; Issue ID: MSV-3317.

Denial Of Service Software Development Kit Android +2
NVD
EPSS 0% CVSS 6.5
MEDIUM This Month

In Bluetooth FW, there is a possible system crash due to an uncaught exception. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS09752821; Issue ID: MSV-3342.

Denial Of Service Software Development Kit Android +2
NVD
EPSS 0% CVSS 6.5
MEDIUM This Month

In wlan STA driver, there is a possible out of bounds read due to an incorrect bounds check. This could lead to remote (proximal/adjacent) information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS09812521; Issue ID: MSV-3421.

Information Disclosure Buffer Overflow Yocto +4
NVD
EPSS 0% CVSS 5.5
MEDIUM This Month

In wlan AP driver, there is a possible out of bounds read due to an incorrect bounds check. This could lead to local information disclosure with User execution privileges needed. User interaction is not needed for exploitation. Patch ID: WCNCR00418040; Issue ID: MSV-3476.

Information Disclosure Buffer Overflow Software Development Kit +1
NVD
EPSS 0% CVSS 5.5
MEDIUM This Month

In wlan AP driver, there is a possible out of bounds read due to an incorrect bounds check. This could lead to local information disclosure with User execution privileges needed. User interaction is not needed for exploitation. Patch ID: WCNCR00418039; Issue ID: MSV-3477.

Information Disclosure Buffer Overflow Software Development Kit +1
NVD
EPSS 0% CVSS 5.5
MEDIUM This Month

In wlan AP driver, there is a possible out of bounds read due to an incorrect bounds check. This could lead to local information disclosure with User execution privileges needed. User interaction is not needed for exploitation. Patch ID: WCNCR00418038; Issue ID: MSV-3478.

Information Disclosure Buffer Overflow Openwrt +1
NVD
EPSS 0% CVSS 5.5
MEDIUM This Month

In wlan AP driver, there is a possible out of bounds read due to an incorrect bounds check. This could lead to local information disclosure with User execution privileges needed. User interaction is not needed for exploitation. Patch ID: WCNCR00418048; Issue ID: MSV-3479.

Information Disclosure Buffer Overflow Openwrt +1
NVD
EPSS 0% CVSS 5.5
MEDIUM This Month

In wlan AP driver, there is a possible out of bounds read due to an incorrect bounds check. This could lead to local information disclosure with User execution privileges needed. User interaction is not needed for exploitation. Patch ID: WCNCR00418047; Issue ID: MSV-3480.

Information Disclosure Buffer Overflow Openwrt +1
NVD
EPSS 0% CVSS 8.8
HIGH This Week

In wlan AP driver, there is a possible out of bounds write due to an incorrect bounds check. This could lead to remote (proximal/adjacent) code execution with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: WCNCR00415570; Issue ID: MSV-3404.

Heap Overflow RCE Buffer Overflow +2
NVD
EPSS 0% CVSS 8.8
HIGH This Week

In wlan AP driver, there is a possible out of bounds write due to an incorrect bounds check. This could lead to remote (proximal/adjacent) code execution with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: WCNCR00416226; Issue ID: MSV-3409.

Heap Overflow RCE Buffer Overflow +2
NVD
EPSS 0% CVSS 9.8
CRITICAL Act Now

In wlan AP driver, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation. Patch ID: WCNCR00416938; Issue ID: MSV-3444.

Buffer Overflow Memory Corruption Privilege Escalation +2
NVD
EPSS 0% CVSS 9.8
CRITICAL Act Now

In wlan AP driver, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation. Patch ID: WCNCR00416937; Issue ID: MSV-3445.

Buffer Overflow Memory Corruption Privilege Escalation +2
NVD
EPSS 0% CVSS 9.8
CRITICAL Act Now

In wlan AP driver, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation. Patch ID: WCNCR00416936; Issue ID: MSV-3446.

Buffer Overflow Memory Corruption Privilege Escalation +2
NVD
EPSS 0% CVSS 9.8
CRITICAL Act Now

Remote privilege escalation in Android WLAN AP driver via packet injection.

Privilege Escalation Code Injection Software Development Kit +1
NVD
EPSS 0% CVSS 6.8
MEDIUM This Month

In DA, there is a possible out of bounds write due to a missing bounds check. Rated medium severity (CVSS 6.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Memory Corruption Buffer Overflow Privilege Escalation +21
NVD
EPSS 1% CVSS 9.8
CRITICAL Act Now

In wlan service, there is a possible out of bounds write due to an incorrect bounds check. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Memory Corruption Buffer Overflow RCE +8
NVD
EPSS 0% CVSS 4.1
MEDIUM This Month

In da, there is a possible out of bounds read due to a missing bounds check. Rated medium severity (CVSS 4.1), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Buffer Overflow Yocto +4
NVD
EPSS 0% CVSS 6.8
MEDIUM This Month

In da, there is a possible out of bounds write due to a missing bounds check. Rated medium severity (CVSS 6.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Memory Corruption Buffer Overflow Privilege Escalation +5
NVD
EPSS 0% CVSS 6.5
MEDIUM This Month

In Bluetooth Stack SW, there is a possible information disclosure due to a missing permission check. Rated medium severity (CVSS 6.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Software Development Kit Openwrt
NVD
EPSS 0% CVSS 6.6
MEDIUM This Month

In V6 DA, there is a possible out of bounds write due to a missing bounds check. Rated medium severity (CVSS 6.6), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Memory Corruption Buffer Overflow Privilege Escalation +5
NVD
EPSS 2% CVSS 5.3
MEDIUM This Month

In Bluetooth FW, there is a possible reachable assertion due to improper exception handling. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Yocto Software Development Kit +3
NVD
EPSS 0% CVSS 4.4
MEDIUM Monitor

In wlan STA driver, there is a possible reachable assertion due to improper exception handling. Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity. No vendor patch available.

Denial Of Service Yocto Software Development Kit +3
NVD
EPSS 0% CVSS 8.1
HIGH This Month

In wlan STA driver, there is a possible out of bounds write due to improper input validation. Rated high severity (CVSS 8.1), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

RCE Memory Corruption Buffer Overflow +5
NVD
EPSS 0% CVSS 6.6
MEDIUM This Month

In V6 DA, there is a possible out of bounds write due to a missing bounds check. Rated medium severity (CVSS 6.6), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Memory Corruption Buffer Overflow Privilege Escalation +5
NVD
EPSS 0% CVSS 6.6
MEDIUM This Month

In V6 DA, there is a possible out of bounds write due to a missing bounds check. Rated medium severity (CVSS 6.6), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Memory Corruption Buffer Overflow Privilege Escalation +5
NVD
EPSS 0% CVSS 6.6
MEDIUM This Month

In V6 DA, there is a possible out of bounds write due to a missing bounds check. Rated medium severity (CVSS 6.6), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Memory Corruption Buffer Overflow Privilege Escalation +5
NVD
EPSS 0% CVSS 6.5
MEDIUM This Month

In Bluetooth firmware, there is a possible firmware asssert due to improper handling of exceptional conditions. Rated medium severity (CVSS 6.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Yocto Software Development Kit +2
NVD
EPSS 0% CVSS 6.2
MEDIUM This Month

In da, there is a possible out of bounds read due to a missing bounds check. Rated medium severity (CVSS 6.2), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Information Disclosure Rdk B +2
NVD
EPSS 0% CVSS 6.2
MEDIUM This Month

In da, there is a possible out of bounds read due to a missing bounds check. Rated medium severity (CVSS 6.2), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Information Disclosure Yocto +3
NVD
EPSS 0% CVSS 8.4
HIGH This Week

In da, there is a possible out of bounds write due to a missing bounds check. Rated high severity (CVSS 8.4), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Privilege Escalation Buffer Overflow Memory Corruption +4
NVD
EPSS 0% CVSS 4.4
MEDIUM This Month

In power, there is a possible out of bounds read due to a missing bounds check. Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Information Disclosure Yocto +3
NVD
EPSS 0% CVSS 4.4
MEDIUM This Month

In power, there is a possible out of bounds read due to a missing bounds check. Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Information Disclosure Yocto +3
NVD
EPSS 0% CVSS 6.7
MEDIUM This Month

In gnss service, there is a possible out of bounds write due to improper input validation. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Buffer Overflow Memory Corruption +4
NVD
EPSS 0% CVSS 6.6
MEDIUM This Month

In wlan service, there is a possible out of bounds write due to improper input validation. Rated medium severity (CVSS 6.6), this vulnerability is remotely exploitable. No vendor patch available.

Privilege Escalation Buffer Overflow Memory Corruption +2
NVD
EPSS 0% CVSS 6.6
MEDIUM This Month

In wlan driver, there is a possible out of bounds write due to improper input validation. Rated medium severity (CVSS 6.6), this vulnerability is remotely exploitable. No vendor patch available.

Privilege Escalation Buffer Overflow Memory Corruption +2
NVD
EPSS 0% CVSS 4.4
MEDIUM This Month

In wlan driver, there is a possible out of bounds read due to improper input validation. Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Information Disclosure Software Development Kit +1
NVD
EPSS 0% CVSS 6.7
MEDIUM This Month

In preloader, there is a possible escalation of privilege due to an insecure default value. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Rdk B Android +1
NVD
EPSS 0% CVSS 6.6
MEDIUM This Month

In gnss, there is a possible escalation of privilege due to a missing bounds check. Rated medium severity (CVSS 6.6), this vulnerability is remotely exploitable. No vendor patch available.

Privilege Escalation Buffer Overflow Memory Corruption +4
NVD
EPSS 0% CVSS 8.4
HIGH This Week

In flashc, there is a possible out of bounds write due to an uncaught exception. Rated high severity (CVSS 8.4), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Privilege Escalation Buffer Overflow Memory Corruption +4
NVD
EPSS 0% CVSS 4.4
MEDIUM This Month

In flashc, there is a possible information disclosure due to an uncaught exception. Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Yocto Rdk B +2
NVD
EPSS 0% CVSS 2.3
LOW Monitor

In flashc, there is a possible system crash due to an uncaught exception. Rated low severity (CVSS 2.3), this vulnerability is low attack complexity. No vendor patch available.

Denial Of Service Yocto Rdk B +2
NVD
EPSS 0% CVSS 4.4
MEDIUM This Month

In flashc, there is a possible information disclosure due to an uncaught exception. Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Yocto Rdk B +2
NVD
EPSS 0% CVSS 4.4
MEDIUM This Month

In flashc, there is a possible information disclosure due to an uncaught exception. Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Yocto Rdk B +2
NVD
EPSS 0% CVSS 8.8
HIGH This Week

In wlan firmware, there is a possible out of bounds write due to improper input validation. Rated high severity (CVSS 8.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Privilege Escalation Buffer Overflow Memory Corruption +5
NVD
EPSS 0% CVSS 6.7
MEDIUM This Month

In flashc, there is a possible out of bounds write due to lack of valudation. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Buffer Overflow Memory Corruption +4
NVD
EPSS 0% CVSS 6.7
MEDIUM This Month

In lk, there is a possible escalation of privilege due to a missing bounds check. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Buffer Overflow Information Disclosure +4
NVD
EPSS 46% CVSS 9.8
CRITICAL POC THREAT Act Now

In wlan service, there is a possible out of bounds write due to improper input validation. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

RCE Buffer Overflow Software Development Kit +1
NVD
EPSS 0% CVSS 6.7
MEDIUM This Month

In da, there is a possible out of bounds write due to a missing bounds check. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Buffer Overflow Memory Corruption +3
NVD
EPSS 0% CVSS 6.7
MEDIUM This Month

In aee, there is a possible escalation of privilege due to a missing permission check. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Authentication Bypass Yocto +3
NVD
EPSS 0% CVSS 4.4
MEDIUM This Month

In gnss service, there is a possible out of bounds read due to improper input validation. Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Information Disclosure Yocto +2
NVD
EPSS 0% CVSS 4.4
MEDIUM This Month

In gnss service, there is a possible out of bounds write due to improper input validation. Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity. No vendor patch available.

Memory Corruption Buffer Overflow Information Disclosure +3
NVD
EPSS 0% CVSS 6.7
MEDIUM This Month

In gnss service, there is a possible out of bounds write due to improper input validation. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Memory Corruption Buffer Overflow Yocto +2
NVD
EPSS 0% CVSS 6.7
MEDIUM This Month

In wlan driver, there is a possible out of bounds write due to improper input validation. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Memory Corruption Buffer Overflow Privilege Escalation +4
NVD
EPSS 0% CVSS 6.7
MEDIUM This Month

In gps, there is a possible out of bounds write due to a missing bounds check. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Memory Corruption Buffer Overflow Privilege Escalation +4
NVD
EPSS 0% CVSS 6.7
MEDIUM This Month

In gps, there is a possible out of bounds write due to a missing bounds check. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Memory Corruption Buffer Overflow Privilege Escalation +4
NVD
EPSS 0% CVSS 6.7
MEDIUM This Month

In gps, there is a possible out of bounds write due to a missing bounds check. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Memory Corruption Buffer Overflow Privilege Escalation +4
NVD
EPSS 0% CVSS 6.7
MEDIUM This Month

In gps, there is a possible out of bounds write due to a missing bounds check. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Memory Corruption Buffer Overflow Privilege Escalation +4
NVD
EPSS 0% CVSS 6.7
MEDIUM This Month

In gps, there is a possible out of bounds write due to a missing bounds check. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Memory Corruption Buffer Overflow Privilege Escalation +4
NVD
EPSS 0% CVSS 6.7
MEDIUM This Month

In nvram, there is a possible out of bounds write due to a missing bounds check. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Memory Corruption Buffer Overflow Privilege Escalation +4
NVD
Page 1 of 2 Next

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy