CVSS: 8.1EPSS: 0%CPEs: 3EXPL: 2CVE-2020-7982
https://notcve.org/view.php?id=CVE-2020-7982
An issue was discovered in OpenWrt 18.06.0 to 18.06.6 and 19.07.0, and LEDE 17.01.0 to 17.01.7. A bug in the fork of the opkg package manager before 2020-01-25 prevents correct parsing of embedded checksums in the signed repository index, allowing a man-in-the-middle attacker to inject arbitrary package payloads (which are installed without verification). Se detectó un problema en OpenWrt versiones 18.06.0 hasta 18.06.6 y versión 19.07.0, y LEDE versiones 17.01.0 hasta 17.01.7. Un error en la derivación del administrador de paquetes opkg antes del 25-01-2020 impide el análisis correcto de la utilidades checksums incorporadas en el índice de repositorio firmado, lo que permite a un atacante de tipo man-in-the-middle inyectar cargas de paquetes arbitrarias (que se instalan sin verificación) . • https://arstechnica.com/information-technology/2020/03/openwrt-is-vulnerable-to-attacks-that-execute-malicious-code https://blog.forallsecure.com/uncovering-openwrt-remote-code-execution-cve-2020-7982 https://github.com/openwrt/openwrt/commits/master https://openwrt.org/advisory/2020-01-31-1 • CWE-345: Insufficient Verification of Data Authenticity CWE-754: Improper Check for Unusual or Exceptional Conditions •
CVSS: 6.1EPSS: 0%CPEs: 2EXPL: 1CVE-2018-19630
https://notcve.org/view.php?id=CVE-2018-19630
cgi_handle_request in uhttpd in OpenWrt through 18.06.1 and LEDE through 17.01 has unauthenticated reflected XSS via the URI, as demonstrated by a cgi-bin/?[XSS] URI. cgi_handle_request en uhttpd en OpenWrt hasta la versión 18.06.1 y LEDE hasta la versión 17.01 tiene Cross-Site Scripting (XSS) reflejado sin autenticación mediante el URI, tal y como queda demostrado con un URI cgi-bin/?[XSS]. • https://bugs.openwrt.org/index.php?do=details&task_id=1974 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •