CVE-2019-18992

Published: Dec 3, 2019

Modified: Aug 5, 2024

PUBLISHED

Description

OpenWrt 18.06.4 allows XSS via these Name fields to the cgi-bin/luci/admin/network/firewall/rules URI: "Open ports on router" and "New forward rule" and "New Source NAT" (this can occur, for example, on a TP-Link Archer C7 device).

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

https://github.com/openwrt/luci/commit/3961268597abba4c2b231790cb4aa7936e73cdf8

x_refsource_CONFIRM

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2019-18992

Description

Affected Products

References