CVE-2018-11116

Name of the Vulnerable Software and Affected Versions OpenWrt (affected versions not specified)

Description The issue concerns the mishandling of access control in certain configuration files, potentially allowing remote authenticated users to call arbitrary methods, which could lead to remote Information Disclosure or Code Execution. This is demonstrated by access to the file, log, and service namespaces. However, it's noted that the developer disputes this as a vulnerability, stating that the functionality operates as intended.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.