Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

openwrt — Vulnerabilities & Security Advisories 10

Browse all 10 CVE security advisories affecting openwrt. AI-powered Chinese analysis, POCs, and references for each vulnerability.

OpenWRT serves as a Linux-based firmware alternative for embedded networking devices, primarily used to extend router functionality and custom networking solutions. Historically, vulnerabilities have included remote code execution, cross-site scripting, and privilege escalation flaws, often stemming from web interface components and default configurations. The project maintains a relatively low CVE count compared to commercial alternatives, with current vulnerabilities primarily affecting specific packages rather than the core system. While no major security incidents have been widely documented, the project's open nature allows for rapid vulnerability identification and patching, though users must remain vigilant with updates to mitigate risks associated with third-party package installations.

Top products by openwrt: OpenWRT asu luci
CVE IDTitleCVSSSeverityPublished
CVE-2026-32721 LuCI luci-mod-network: Possible XSS attack in WiFi scan on Joining Wireless Client modal — luciCWE-79 8.6 High2026-03-19
CVE-2026-30874 OpenWrt procd PATH Environment Variable Filter Bypass via Incorrect String Comparison Leads to Privilege Escalation — openwrtCWE-187 8.8 -2026-03-19
CVE-2026-30873 OpenWrt Project jsonpath: Memory leak when processing strings, labels, and regexp tokens — openwrtCWE-401 7.5 -2026-03-19
CVE-2026-30872 OpenWrt Project has a Stack-based Buffer Overflow vulnerability via IPv6 reverse DNS lookup — openwrtCWE-121 10.0 -2026-03-19
CVE-2026-30871 OpenWrt Project has Stack-based Buffer Overflow in DNS PTR Query — openwrtCWE-121 10.0 -2026-03-19
CVE-2025-62526 OpenWrt ubusd vulnerable to heap buffer overflow — openwrtCWE-122 7.9 High2025-10-22
CVE-2025-62525 OpenWrt vulnerable to local privilage escalation — openwrtCWE-20 7.9 High2025-10-22
CVE-2024-54143 openwrt/asu allows build artifact poisoning via truncated SHA-256 hash and command injection — asuCWE-328 8.8 -2024-12-06
CVE-2019-5102 OpenWrt 信任管理问题漏洞 — OpenWRTCWE-295 4.0 Medium2019-11-18
CVE-2019-5101 OpenWrt 信任管理问题漏洞 — OpenWRTCWE-295 4.0 Medium2019-11-18

This page lists every published CVE security advisory associated with openwrt. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.