CVE-2020-28951
Severity: CRITICAL
OpenWrt < 18.06.9 and 19.07.x < 19.07.5 - Use-After-Free in libuci Package Name Parsing
Title source: llmDescription
libuci in OpenWrt before 18.06.9 and 19.x before 19.07.5 may encounter a use-after-free when parsing malicious package names. This is related to uci_parse_package in file.c and uci_strdup in util.c. The fix landed in the uci package itself (first reference below) and was then pulled into the OpenWrt tree (second reference); v18.06.9 is the first 18.06 release tag carrying it (third reference).
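As an added check that is not part of this advisory or of the OpenWrt project's own code: a POSIX shell script that maps a router's DISTRIB_RELEASE value onto the two affected ranges the description names (18.06.x before 18.06.9, 19.07.x before 19.07.5). The /etc/openwrt_release path and the DISTRIB_RELEASE key are the standard OpenWrt locations; the sample file contents embedded below are constructed for the example. Releases outside those two branches (SNAPSHOT, rc builds, other branches) are reported as unknown rather than guessed, and the check is by release number only: a device whose uci package was updated independently of the release would still show as vulnerable.

```shell
#!/bin/sh
# Added example, not from the advisory or the OpenWrt project: classify an
# OpenWrt release string against the ranges CVE-2020-28951 names
# (18.06.x before 18.06.9, 19.07.x before 19.07.5). Thresholds come from
# the CVE text; /etc/openwrt_release and DISTRIB_RELEASE are standard OpenWrt.

# vercmp A B: print -1, 0 or 1 comparing dotted numeric versions component-wise.
# Missing trailing components count as 0, so 18.06 compares equal to 18.06.0.
vercmp() {
    a="$1"; b="$2"
    while [ -n "$a" ] || [ -n "$b" ]; do
        ah="${a%%.*}"; bh="${b%%.*}"
        case "$a" in *.*) a="${a#*.}" ;; *) a="" ;; esac
        case "$b" in *.*) b="${b#*.}" ;; *) b="" ;; esac
        if [ "${ah:-0}" -lt "${bh:-0}" ]; then echo -1; return 0; fi
        if [ "${ah:-0}" -gt "${bh:-0}" ]; then echo 1; return 0; fi
    done
    echo 0
}

# cve_2020_28951_status RELEASE: print vulnerable|fixed|unknown, return 0|1|2.
# Only the two branches the CVE covers are classified; everything else,
# including SNAPSHOT and rc builds, is "unknown" so the caller must look closer.
cve_2020_28951_status() {
    rel="$1"
    case "$rel" in
        *[!0-9.]*|"") echo unknown; return 2 ;;   # SNAPSHOT, 19.07.0-rc2, empty
        18.06|18.06.*) fixed=18.06.9 ;;
        19.07|19.07.*) fixed=19.07.5 ;;
        *)             echo unknown; return 2 ;;   # branch not named by the CVE
    esac
    if [ "$(vercmp "$rel" "$fixed")" -lt 0 ]; then
        echo vulnerable; return 0
    fi
    echo fixed; return 1
}

# release_field < openwrt_release: extract the quoted DISTRIB_RELEASE value.
release_field() {
    sed -n "s/^DISTRIB_RELEASE='\([^']*\)'.*/\1/p"
}

# Constructed sample of /etc/openwrt_release from an unpatched 19.07 build.
SAMPLE_RELEASE="DISTRIB_ID='OpenWrt'
DISTRIB_RELEASE='19.07.4'
DISTRIB_TARGET='ath79/generic'"

# sample_status: run the check over the constructed sample file contents.
sample_status() {
    cve_2020_28951_status "$(printf '%s\n' "$SAMPLE_RELEASE" | release_field)"
}

# On a live router the equivalent call is:
#   cve_2020_28951_status "$(release_field < /etc/openwrt_release)"
echo "sample build: $(sample_status)"
```

The exit status (0 vulnerable, 1 fixed, 2 unknown) lets the function be dropped into a fleet-audit loop over SSH; the printed word is for a human reading the output.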
References (3)
uci fix commit: https://git.openwrt.org/?p=project/uci.git%3Ba=commit%3Bh=a3e650911f5e6f67dcff09974df3775dfd615da6
OpenWrt tree commit pulling in the fix: https://git.openwrt.org/?p=openwrt/openwrt.git%3Ba=commit%3Bh=5625f5bc36954d644cb80adf8de47854c65d91c3
v18.06.9 release tag log: https://git.openwrt.org/?p=openwrt/openwrt.git%3Ba=log%3Bh=refs/tags/v18.06.9
Scores
CVSS v3: 9.8 (CRITICAL)
CVSS vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Attack vector: NETWORK
EPSS: 0.0174 (1.74% estimated probability of exploitation activity in the next 30 days)
EPSS percentile: 75.0%
Details
CWE: CWE-416 (Use After Free)
Status: published
Products (1): openwrt/openwrt < 18.06.9 (the CVE text also covers 19.x before 19.07.5)
Published: Nov 19, 2020
Tracked since: Feb 18, 2026