CVE-2020-7248
HIGHOpenWrt < 18.06.7 and 19.x < 19.07.1 - Stack-Based Buffer Overflow in libubox JSON Serialization
Title source: llmDescription
libubox in OpenWrt before 18.06.7 and 19.x before 19.07.1 has a tagged binary data JSON serialization vulnerability that may cause a stack based buffer overflow.
References (3)
Core 3
Core References
Patch, Third Party Advisory x_refsource_misc
https://github.com/openwrt/openwrt/commits/master
Vendor Advisory x_refsource_confirm
https://openwrt.org/advisory/2020-01-31-2
Third Party Advisory, US Government Resource x_refsource_misc
https://nvd.nist.gov/vuln/detail/CVE-2020-7248#range-4512438
Scores
CVSS v3
7.5
EPSS
0.0249
EPSS Percentile
82.7%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Details
CWE
CWE-787
Status
published
Products (2)
openwrt/openwrt
19.07.0 (3 CPE variants)
openwrt/openwrt
18.06.0 - 18.06.7
Published
Mar 16, 2020
Tracked Since
Feb 18, 2026