CVE-2019-17367

openwrt/luci

on github

Published

October 18, 2019

Severity

CVSS v3:

8.8 HIGH

CVSS v2:

6.8 MEDIUM

Description

OpenWRT firmware version 18.06.4 is vulnerable to CSRF via wireless/radio0.network1, wireless/radio1.network1, firewall, firewall/zones, firewall/forwards, firewall/rules, network/wan, network/wan6, or network/lan under /cgi-bin/luci/admin/network/.

References

https://github.com/openwrt/luci/commit/f8c6eb67cd9da09ee20248fec6ab742069635e47

Configurations

CPE23	Version Start	Version End	Exact Version
cpe:2.3:a:openwrt:openwrt:18:06.4::::::	n/a	n/a	18

External Links

NVD - CVE-2019-17367