QwikSec

Security Database

CVE

CWE

Training

CVE-2019-15513

Published: Aug 23, 2019

Modified: Aug 5, 2024

PUBLISHED

Description

An issue was discovered in OpenWrt libuci (aka Library for the Unified Configuration Interface) before 15.05.1 as used on Motorola CX2L MWR04L 1.01 and C1 MWR03 1.01 devices. /tmp/.uci/network locking is mishandled after reception of a long SetWanSettings command, leading to a device hang.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

https://github.com/TeamSeri0us/pocs/blob/master/iot/morouter/motorola%E8%B7%AF%E7%94%B1%E5%99%A8%E6%96%87%E4%BB%B6%E8%A7%A3%E9%94%81%E6%BC%8F%E6%B4%9E.pdf

x_refsource_MISC

https://lists.infradead.org/pipermail/openwrt-devel/2019-November/019736.html

x_refsource_MISC

https://git.openwrt.org/?p=project/uci.git%3Ba=commitdiff%3Bh=19e29ffc15dbd958e8e6a648ee0982c68353516f

x_refsource_CONFIRM

https://lists.openwrt.org/pipermail/openwrt-devel/2019-November/025453.html

x_refsource_MISC

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.