ByteOS Network

NVD Vulnerability Details :

CVE-2023-24182

Modified

Source-cve@mitre.org

Published At-11 Apr, 2023 | 01:15

Updated At-11 Feb, 2025 | 17:15

LuCI openwrt-22.03 branch git-22.361.69894-438c598 was discovered to contain a stored cross-site scripting (XSS) vulnerability via the component /system/sshkeys.js.

Date Added	Due Date	Vulnerability Name	Required Action
	N/A

Metrics

Type	Version	Base score	Base severity	Vector
Primary	3.1	5.4	MEDIUM	CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
Secondary	3.1	5.4	MEDIUM	CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

CPE Matches

OpenWrt

>>openwrt>>22.03.3

cpe:2.3:o:openwrt:openwrt:22.03.3:*:*:*:*:*:*:*

Weaknesses

CWE ID	Type	Source
CWE-79	Primary	nvd@nist.gov
CWE-79	Secondary	134c704f-9b21-4f2e-91b3-4a467353bcc0

References

Hyperlink	Source	Resource
https://github.com/ABB-EL/external-vulnerability-disclosures/security/advisories/GHSA-7vqh-2r8q-rjg2	cve@mitre.org	Exploit Third Party Advisory
https://github.com/openwrt/luci/commit/0186d7eae0e123a409e9919a83fdfecc7945c984	cve@mitre.org	Patch
https://github.com/openwrt/luci/commit/588381e2111079265cc3b20af33507052f1b58cb	cve@mitre.org	Patch
https://github.com/openwrt/luci/commit/aa7938d4cb3a3f889dead894ea19334ad07ade51	cve@mitre.org	Patch
https://github.com/ABB-EL/external-vulnerability-disclosures/security/advisories/GHSA-7vqh-2r8q-rjg2	af854a3a-2127-422b-91ae-364da2661108	Exploit Third Party Advisory
https://github.com/openwrt/luci/commit/0186d7eae0e123a409e9919a83fdfecc7945c984	af854a3a-2127-422b-91ae-364da2661108	Patch
https://github.com/openwrt/luci/commit/588381e2111079265cc3b20af33507052f1b58cb	af854a3a-2127-422b-91ae-364da2661108	Patch
https://github.com/openwrt/luci/commit/aa7938d4cb3a3f889dead894ea19334ad07ade51	af854a3a-2127-422b-91ae-364da2661108	Patch

CISA Catalog

Metrics

CPE Matches

Weaknesses

Evaluator Description

Evaluator Impact

Evaluator Solution

Vendor Statements

References

Change History