Filtered by vendor Openwrt Subscriptions
Total 151 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2026-30874 1 Openwrt 1 Openwrt 2026-03-25 7.8 High
OpenWrt Project is a Linux operating system targeting embedded devices. In versions prior to 24.10.6, a vulnerability in the hotplug_call function allows an attacker to bypass environment variable filtering and inject an arbitrary PATH variable, potentially leading to privilege escalation. The function is intended to filter out sensitive environment variables like PATH when executing hotplug scripts in /etc/hotplug.d, but a bug using strcmp instead of strncmp causes the filter to compare the full environment string (e.g., PATH=/some/value) against the literal "PATH", so the match always fails. As a result, the PATH variable is never excluded, enabling an attacker to control which binaries are executed by procd-invoked scripts running with elevated privileges. This issue has been fixed in version 24.10.6.
CVE-2025-20734 3 Mediatek, Mediatk, Openwrt 18 Mt6890, Mt7615, Mt7622 and 15 more 2026-02-26 4.2 Medium
In wlan AP driver, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: WCNCR00441507; Issue ID: MSV-4112.
CVE-2025-20732 3 Mediatek, Mediatk, Openwrt 18 Mt6890, Mt7615, Mt7622 and 15 more 2026-02-26 5.3 Medium
In wlan AP driver, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege (when OceReducedNeighborReport is disabled). User interaction is not needed for exploitation. Patch ID: WCNCR00441510; Issue ID: MSV-4139.
CVE-2025-20731 2 Mediatek, Openwrt 10 Mt6890, Mt7615, Mt7622 and 7 more 2026-02-26 5.3 Medium
In wlan AP driver, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege (when OceReducedNeighborReport is disabled). User interaction is not needed for exploitation. Patch ID: WCNCR00441511; Issue ID: MSV-4140.
CVE-2025-20650 5 Google, Linuxfoundation, Mediatek and 2 more 25 Android, Yocto, Mt2737 and 22 more 2026-02-26 6.8 Medium
In da, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege, if an attacker has physical access to the device, with no additional execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS09291294; Issue ID: MSV-2061.
CVE-2024-20146 4 Google, Linuxfoundation, Mediatek and 1 more 30 Android, Yocto, Mt2737 and 27 more 2026-02-26 8.1 High
In wlan STA driver, there is a possible out of bounds write due to improper input validation. This could lead to remote (proximal/adjacent) code execution with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: WCNCR00389496 / ALPS09137491; Issue ID: MSV-1835.
CVE-2025-20654 2 Mediatek, Openwrt 8 Mt6890, Mt7622, Mt7915 and 5 more 2026-02-26 9.8 Critical
In wlan service, there is a possible out of bounds write due to an incorrect bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: WCNCR00406897; Issue ID: MSV-2875.
CVE-2025-20674 2 Mediatek, Openwrt 11 Mt6890, Mt6990, Mt7915 and 8 more 2026-02-26 9.8 Critical
In wlan AP driver, there is a possible way to inject arbitrary packet due to a missing permission check. This could lead to remote escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: WCNCR00413202; Issue ID: MSV-3303.
CVE-2025-20705 4 Google, Linuxfoundation, Mediatek and 1 more 43 Android, Yocto, Monitor Hang and 40 more 2026-02-26 7.8 High
In monitor_hang, there is a possible memory corruption due to use after free. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS09989078; Issue ID: MSV-3964.
CVE-2025-20712 2 Mediatek, Openwrt 12 Mt6799, Mt6990, Mt6990 Firmware and 9 more 2026-02-26 8.8 High
In wlan AP driver, there is a possible out of bounds write due to an incorrect bounds check. This could lead to remote (proximal/adjacent) escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: WCNCR00422323; Issue ID: MSV-3810.
CVE-2025-20711 2 Mediatek, Openwrt 6 Mt6890, Mt7916, Mt7981 and 3 more 2026-02-26 8.8 High
In wlan AP driver, there is a possible out of bounds write due to an incorrect bounds check. This could lead to remote (proximal/adjacent) escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: WCNCR00422399; Issue ID: MSV-3748.
CVE-2025-20710 2 Mediatek, Openwrt 7 Mt6890, Mt7915, Mt7916 and 4 more 2026-02-26 8.8 High
In wlan AP driver, there is a possible out of bounds write due to an integer overflow. This could lead to remote (proximal/adjacent) escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: WCNCR00418785; Issue ID: MSV-3515.
CVE-2025-20709 2 Mediatek, Openwrt 12 Mt6890, Mt6890 Firmware, Mt7915 and 9 more 2026-02-26 8.8 High
In wlan AP driver, there is a possible out of bounds write due to an incorrect bounds check. This could lead to remote (proximal/adjacent) escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: WCNCR00415809; Issue ID: MSV-3405.
CVE-2025-20718 2 Mediatek, Openwrt 10 Mt6890, Mt7615, Mt7622 and 7 more 2026-02-26 7.8 High
In wlan AP driver, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation. Patch ID: WCNCR00419945; Issue ID: MSV-3581.
CVE-2025-20719 2 Mediatek, Openwrt 10 Mt6890, Mt7603, Mt7615 and 7 more 2026-02-26 8.8 High
In wlan AP driver, there is a possible out of bounds write due to an incorrect bounds check. This could lead to remote (proximal/adjacent) escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: WCNCR00418955; Issue ID: MSV-3570.
CVE-2025-20720 2 Mediatek, Openwrt 10 Mt6890, Mt7603, Mt7615 and 7 more 2026-02-26 8.8 High
In wlan AP driver, there is a possible out of bounds write due to an incorrect bounds check. This could lead to remote (proximal/adjacent) escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: WCNCR00418954; Issue ID: MSV-3569.
CVE-2025-20713 2 Mediatek, Openwrt 10 Mt6890, Mt7615, Mt7622 and 7 more 2026-02-26 7.8 High
In wlan AP driver, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: WCNCR00432661; Issue ID: MSV-3904.
CVE-2025-20714 2 Mediatek, Openwrt 18 Mt6890, Mt6890 Firmware, Mt7615 and 15 more 2026-02-26 7.8 High
In wlan AP driver, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: WCNCR00432659; Issue ID: MSV-3902.
CVE-2025-20715 2 Mediatek, Openwrt 10 Mt6890, Mt7615, Mt7622 and 7 more 2026-02-26 7.8 High
In wlan AP driver, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: WCNCR00421152; Issue ID: MSV-3731.
CVE-2025-20716 2 Mediatek, Openwrt 10 Mt6890, Mt7615, Mt7622 and 7 more 2026-02-26 7.8 High
In wlan AP driver, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: WCNCR00421149; Issue ID: MSV-3728.