Total
42 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2019-18993 | 1 Openwrt | 1 Openwrt | 2023-12-10 | 3.5 LOW | 5.4 MEDIUM |
OpenWrt 18.06.4 allows XSS via the "New port forward" Name field to the cgi-bin/luci/admin/network/firewall/forwards URI (this can occur, for example, on a TP-Link Archer C7 device). | |||||
CVE-2018-19630 | 1 Openwrt | 2 Lede, Openwrt | 2023-12-10 | 4.3 MEDIUM | 6.1 MEDIUM |
cgi_handle_request in uhttpd in OpenWrt through 18.06.1 and LEDE through 17.01 has unauthenticated reflected XSS via the URI, as demonstrated by a cgi-bin/?[XSS] URI. |