CVE-2019-15513

Summary

CVE	CVE-2019-15513
State	PUBLIC
Assigner	[email protected]
Source Priority	CVE Program / NVD first with legacy fallback
Published	2019-08-23 07:15:00 UTC
Updated	2023-11-07 03:05:00 UTC
Description	An issue was discovered in OpenWrt libuci (aka Library for the Unified Configuration Interface) before 15.05.1 as used on Motorola CX2L MWR04L 1.01 and C1 MWR03 1.01 devices. /tmp/.uci/network locking is mishandled after reception of a long SetWanSettings command, leading to a device hang.

Risk And Classification

Problem Types: CWE-667

NVD Known Affected Configurations (CPE 2.3)

Type	Vendor	Product	Version	Update	Edition	Language
Hardware	Motorola	C1 Mwr03	-	All	All	All
Hardware	Motorola	C1 Mwr03	-	All	All	All
Operating System	Motorola	C1 Mwr03 Firmware	1.01	All	All	All
Operating System	Motorola	C1 Mwr03 Firmware	1.01	All	All	All
Hardware	Motorola	Cx2l Mwr04l	-	All	All	All
Hardware	Motorola	Cx2l Mwr04l	-	All	All	All
Operating System	Motorola	Cx2l Mwr04l Firmware	1.01	All	All	All
Operating System	Motorola	Cx2l Mwr04l Firmware	1.01	All	All	All
Application	Openwrt	Libuci	-	All	All	All
Application	Openwrt	Libuci	-	All	All	All

References

Reference	Source	Link	Tags
git.openwrt.org Git - project/uci.git/commitdiff		git.openwrt.org
404 Not Found	MISC	lists.infradead.org
[OpenWrt-Devel] CVE-2019-15513 analysis	MISC	lists.openwrt.org
pocs/motorola路由器文件解锁漏洞.pdf at master · TeamSeri0us/pocs · GitHub	MISC	github.com	Exploit, Third Party Advisory
git.openwrt.org Git - project/uci.git/commitdiff	CONFIRM	git.openwrt.org
CVE Program record	CVE.ORG	www.cve.org	canonical
NVD vulnerability detail	NVD	nvd.nist.gov	canonical, analysis

No vendor comments have been submitted for this CVE.

There are currently no legacy QID mappings associated with this CVE.