Known Vulnerabilities for products from Openwrt
Listed below are 20 of the newest known vulnerabilities associated with the vendor "Openwrt".
These CVEs are retrieved based on exact matches on listed vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed vendor information are still displayed.
Data on known vulnerable products is also displayed based on information from known CPEs, each product links to its respective vulnerability page.
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2026-32721 json | LuCI is the OpenWrt Configuration Interface. Versions prior to both 24.10.5 and 25.12.0, contain a stored XSS vulnerability i... | Not Provided | 2026-03-19 | 2026-04-14 |
| CVE-2023-32855 json | ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new secur... | 6.7 - MEDIUM | 2023-12-04 | 2023-12-07 |
| CVE-2023-32815 json | In gnss service, there is a possible out of bounds read due to improper input validation. This could lead to local informatio... | 4.4 - MEDIUM | 2023-09-04 | 2023-09-07 |
| CVE-2023-32813 json | In gnss service, there is a possible out of bounds write due to improper input validation. This could lead to local informati... | 4.4 - MEDIUM | 2023-09-04 | 2023-09-07 |
| CVE-2023-32812 json | In gnss service, there is a possible out of bounds write due to improper input validation. This could lead to local esclation... | 6.7 - MEDIUM | 2023-09-04 | 2023-09-07 |
| CVE-2023-32806 json | In wlan driver, there is a possible out of bounds write due to improper input validation. This could lead to local escalation... | 6.7 - MEDIUM | 2023-09-04 | 2023-09-07 |
| CVE-2023-24182 json | LuCI openwrt-22.03 branch git-22.361.69894-438c598 was discovered to contain a stored cross-site scripting (XSS) vulnerabilit... | 5.4 - MEDIUM | 2023-04-11 | 2023-05-24 |
| CVE-2023-24181 json | LuCI openwrt-22.03 branch git-22.361.69894-438c598 was discovered to contain a reflected cross-site scripting (XSS) vulnerabi... | 5.4 - MEDIUM | 2023-04-10 | 2023-04-13 |
| CVE-2023-20832 json | In gps, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privile... | 6.7 - MEDIUM | 2023-09-04 | 2023-09-07 |
| CVE-2023-20831 json | In gps, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privile... | 6.7 - MEDIUM | 2023-09-04 | 2023-09-07 |
| CVE-2023-20830 json | In gps, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privile... | 6.7 - MEDIUM | 2023-09-04 | 2023-09-07 |
| CVE-2023-20829 json | In gps, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privile... | 6.7 - MEDIUM | 2023-09-04 | 2023-09-07 |
| CVE-2023-20828 json | In gps, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privile... | 6.7 - MEDIUM | 2023-09-04 | 2023-09-07 |
| CVE-2023-20821 json | In nvram, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privi... | 6.7 - MEDIUM | 2023-09-04 | 2023-09-07 |
| CVE-2023-20820 json | In wlan service, there is a possible command injection due to improper input validation. This could lead to remote code execu... | 7.2 - HIGH | 2023-09-04 | 2023-09-07 |
| CVE-2023-20796 json | In power, there is a possible memory corruption due to an incorrect bounds check. This could lead to local denial of service ... | 4.4 - MEDIUM | 2023-08-07 | 2023-08-09 |
| CVE-2023-20790 json | In nvram, there is a possible out of bounds write due to a missing bounds check. This could lead to local information disclos... | 4.4 - MEDIUM | 2023-08-07 | 2023-08-09 |
| CVE-2023-20775 json | In display, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of pri... | 6.7 - MEDIUM | 2023-07-04 | 2023-07-10 |
| CVE-2023-20726 json | In mnld, there is a possible leak of GPS location due to a missing permission check. This could lead to local information dis... | 3.3 - LOW | 2023-05-15 | 2023-05-24 |
| CVE-2023-20725 json | In preloader, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of p... | 6.7 - MEDIUM | 2023-06-06 | 2023-06-09 |