CVE-2023-3085 – X-WRT luci 404 Error Template dispatcher.uc run_action cross site scripting
https://notcve.org/view.php?id=CVE-2023-3085
A vulnerability, which was classified as problematic, has been found in X-WRT luci up to 22.10_b202303061504. This issue affects the function run_action of the file modules/luci-base/ucode/dispatcher.uc of the component 404 Error Template Handler. The manipulation of the argument request_path leads to cross site scripting. The attack may be initiated remotely. Upgrading to version 22.10_b202303121313 is able to address this issue. • https://github.com/x-wrt/luci/commit/24d7da2416b9ab246825c33c213fe939a89b369c https://github.com/x-wrt/luci/releases/tag/22.10_b202303121313 https://vuldb.com/?ctiid.230663 https://vuldb.com/?id.230663 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVE-2021-27821
https://notcve.org/view.php?id=CVE-2021-27821
The Web Interface for OpenWRT LuCI version 19.07 and lower has been discovered to have a cross-site scripting vulnerability which can lead to attackers carrying out arbitrary code execution. Se ha detectado que la Interfaz Web para OpenWRT LuCI versión 19.07 y anteriores presenta una vulnerabilidad de tipo cross-site scripting que puede conllevar a que los atacantes ejecuten código arbitrario • http://openwrt.com http://openwrtorg.com • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVE-2014-3593 – luci: privilege escalation through cluster with specially crafted configuration
https://notcve.org/view.php?id=CVE-2014-3593
Eval injection vulnerability in luci 0.26.0 allows remote authenticated users with certain permissions to execute arbitrary Python code via a crafted cluster configuration. Vulnerabilidad de inyección Eval en luci 0.26.0 permite a usuarios remotos autenticados con ciertos permisos, ejecutar código Python arbitrario a través de la manipulación del configuración del cluster. It was discovered that luci used eval() on inputs containing strings from the cluster configuration file when generating its web pages. An attacker with privileges to create or edit the cluster configuration could use this flaw to execute arbitrary code as the luci user on a host running luci. • http://rhn.redhat.com/errata/RHSA-2014-1390.html https://bugzilla.redhat.com/show_bug.cgi?id=989005 https://access.redhat.com/security/cve/CVE-2014-3593 • CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVE-2013-4481 – luci: short exposure of authentication secrets while generating configuration file
https://notcve.org/view.php?id=CVE-2013-4481
Race condition in Luci 0.26.0 creates /var/lib/luci/etc/luci.ini with world-readable permissions before restricting the permissions, which allows local users to read the file and obtain sensitive information such as "authentication secrets." Condición de carrera en Luci 0.26.0 crea /var/lib/luci/etc/luci.ini con permisos de escritura antes de restringir los permisos, lo que permite a usuarios locales leer archivos y obtener información sensible, tal como los "secretos de autenticación". A flaw was found in the way luci generated its configuration file. The file was created as world readable for a short period of time, allowing a local user to gain access to the authentication secrets stored in the configuration file. • http://rhn.redhat.com/errata/RHSA-2013-1603.html https://bugzilla.redhat.com/show_bug.cgi?id=988998 https://access.redhat.com/security/cve/CVE-2013-4481 • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •
CVE-2013-4482 – luci: paster hidden untrusted path and "command" (callable association) injection
https://notcve.org/view.php?id=CVE-2013-4482
Untrusted search path vulnerability in python-paste-script (aka paster) in Luci 0.26.0, when started using the initscript, allows local users to gain privileges via a Trojan horse .egg-info file in the (1) current working directory or (2) its parent directories. Vulnerabilidad de ruta de búsqueda no confiable en python-paste-script (también conocido como paster) en Luci 0.26.0, cuando se comienza a usar el initscript, permite a usuarios locales obtener privilegios a través de un caballo de troya en el archivo .egg-info en el (1) directorio de trabajo actual o (2) sus directorios padres. A flaw was found in the way the luci service was initialized. If a system administrator started the luci service from a directory that was writable to by a local user, that user could use this flaw to execute arbitrary code as the root or luci user. • http://rhn.redhat.com/errata/RHSA-2013-1603.html https://bugzilla.redhat.com/show_bug.cgi?id=990321 https://access.redhat.com/security/cve/CVE-2013-4482 •