CVE-2019-18993
https://notcve.org/view.php?id=CVE-2019-18993
OpenWrt 18.06.4 allows XSS via the "New port forward" Name field to the cgi-bin/luci/admin/network/firewall/forwards URI (this can occur, for example, on a TP-Link Archer C7 device). OpenWrt versión 18.06.4, permite un ataque de tipo XSS por medio del campo de Nombre "New port forward" en el URI cgi-bin/luci/admin/network/firewall/forwards (esto puede presentarse, por ejemplo, en un dispositivo TP-Link Archer C7). • https://github.com/openwrt/luci/commit/c048f23bad54b0a79449652380b317819e0ea978 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVE-2019-5102
https://notcve.org/view.php?id=CVE-2019-5102
An exploitable information leak vulnerability exists in the ustream-ssl library of OpenWrt, versions 18.06.4 and 15.05.1. When connecting to a remote server, the server's SSL certificate is checked but no action is taken when the certificate is invalid. An attacker could exploit this behavior by performing a man-in-the-middle attack, providing any certificate, leading to the theft of all the data sent by the client during the first request.An exploitable information leak vulnerability exists in the ustream-ssl library of OpenWrt, versions 18.06.4 and 15.05.1. When connecting to a remote server, the server's SSL certificate is checked but no action is taken when the certificate is invalid. An attacker could exploit this behavior by performing a man-in-the-middle attack, providing any certificate, leading to the theft of all the data sent by the client during the first request. • https://talosintelligence.com/vulnerability_reports/TALOS-2019-0893 • CWE-295: Improper Certificate Validation •
CVE-2019-5101
https://notcve.org/view.php?id=CVE-2019-5101
An exploitable information leak vulnerability exists in the ustream-ssl library of OpenWrt, versions 18.06.4 and 15.05.1. When connecting to a remote server, the server's SSL certificate is checked but no action is taken when the certificate is invalid. An attacker could exploit this behavior by performing a man-in-the-middle attack, providing any certificate, leading to the theft of all the data sent by the client during the first request.An exploitable information leak vulnerability exists in the ustream-ssl library of OpenWrt, versions 18.06.4 and 15.05.1. When connecting to a remote server, the server's SSL certificate is checked but no action is taken when the certificate is invalid. An attacker could exploit this behavior by performing a man-in-the-middle attack, providing any certificate, leading to the theft of all the data sent by the client during the first request. • https://talosintelligence.com/vulnerability_reports/TALOS-2019-0893 • CWE-295: Improper Certificate Validation •
CVE-2019-17367
https://notcve.org/view.php?id=CVE-2019-17367
OpenWRT firmware version 18.06.4 is vulnerable to CSRF via wireless/radio0.network1, wireless/radio1.network1, firewall, firewall/zones, firewall/forwards, firewall/rules, network/wan, network/wan6, or network/lan under /cgi-bin/luci/admin/network/. OpenWRT versión de firmware 18.06.4, es vulnerable a CSRF por medio del archivo wireless/radio0.network1, wireless/radio1.network1, firewall, firewall/zones, firewall/forwards, firewall/rules, network/wan, network/wan6, o network/lan bajo /cgi-bin/luci/admin/network/. • https://github.com/openwrt/luci/commit/f8c6eb67cd9da09ee20248fec6ab742069635e47 • CWE-352: Cross-Site Request Forgery (CSRF) •
CVE-2019-15513
https://notcve.org/view.php?id=CVE-2019-15513
An issue was discovered in OpenWrt libuci (aka Library for the Unified Configuration Interface) before 15.05.1 as used on Motorola CX2L MWR04L 1.01 and C1 MWR03 1.01 devices. /tmp/.uci/network locking is mishandled after reception of a long SetWanSettings command, leading to a device hang. Se detecto un problema un problema en OpenWrt libuci (también conocida como Biblioteca para la Interfaz de Configuración Unificada) en versiones anteriores a la 15.05.1 como se utiliza en los dispositivos Motorola CX2L MWR04L 1.01 y C1 MWR03 1.01. /tmp/.uci/network locking se maneja incorrectamente después de la recepción de un comando SetWanSettings largo, lo que lleva a un bloqueo del dispositivo. • https://git.openwrt.org/?p=project/uci.git%3Ba=commitdiff%3Bh=19e29ffc15dbd958e8e6a648ee0982c68353516f https://github.com/TeamSeri0us/pocs/blob/master/iot/morouter/motorola%E8%B7%AF%E7%94%B1%E5%99%A8%E6%96%87%E4%BB%B6%E8%A7%A3%E9%94%81%E6%BC%8F%E6%B4%9E.pdf https://lists.infradead.org/pipermail/openwrt-devel/2019-November/019736.html https://lists.openwrt.org/pipermail/openwrt-devel/2019-November/025453.html • CWE-667: Improper Locking •