Openwrt · Openwrt Luci Lts · CVE-2024-51240
**Name of the Vulnerable Software and Affected Versions**
OpenWRT Luci LTS (affected versions not specified)
**Description**
The issue is related to the luci-mod-rpc package in OpenWRT Luci LTS, which allows for privilege escalation from an admin account to root via the JSON-RPC-API. This is due to insufficient protection of registration data in the LuCI web interface. An attacker can exploit this issue to gain root privileges remotely.
**Recommendations**
At the moment, there is no information about a newer version that contains a fix for this vulnerability.