PT-2019-14235 · Openwrt · Libuci+1
Publicado
2019-08-23
·
Atualizado
2021-01-03
·
CVE-2019-15513
CVSS v2.0
7.8
Alta
| Vetor | AV:N/AC:L/Au:N/C:N/I:N/A:C |
Name of the Vulnerable Software and Affected Versions
OpenWrt libuci versions prior to 15.05.1
Description
An issue was discovered in OpenWrt libuci, where /tmp/.uci/network locking is mishandled after reception of a long SetWanSettings command, leading to a device hang.
Recommendations
For versions prior to 15.05.1, update to version 15.05.1 or later to resolve the issue. As a temporary workaround, consider restricting access to the SetWanSettings command to minimize the risk of exploitation.
Exploit
Correção
Improper Locking
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Enumeração de Fraquezas
Identificadores relacionados
Produtos afetados
Openwrt
Libuci