CVE-2026-30872

Medienbericht

EPSS 0.1%
Veröffentlicht 19.03.2026 21:56:23
Zuletzt bearbeitet 20.03.2026 13:39:46
Quelle security-advisories@github.com
CVE-Watchlists
Login
Unerledigt
Login

OpenWrt Project is a Linux operating system targeting embedded devices. In versions prior to 24.10.6 and 25.12.1, the mdns daemon has a Stack-based Buffer Overflow vulnerability in the match_ipv6_addresses function, triggered when processing PTR queries for IPv6 reverse DNS domains (.ip6.arpa) received via multicast DNS on UDP port 5353. During processing, the domain name from name_buffer is copied via strcpy into a fixed 256-byte stack buffer, and then the reverse IPv6 request is extracted into a buffer of only 46 bytes (INET6_ADDRSTRLEN). Because the length of the data is never validated before this extraction, an attacker can supply input larger than 46 bytes, causing an out-of-bounds write. This allows a specially crafted DNS query to overflow the stack buffer in match_ipv6_addresses, potentially enabling remote code execution. This issue has been fixed in versions 24.10.6 and 25.12.1.

Betroffene Produkte Warnungen 0 Metriken 2 CWE 1 Referenzen 7

Verknüpft mit AI von unstrukturierten Daten zu bestehenden CPE der NVD

Diese Information steht angemeldeten Benutzern zur Verfügung.

Daten sind bereitgestellt durch das CVE Programm von einer CVE Numbering Authority (CNA) (Unstrukturiert).

Herstelleropenwrt

≫

Produkt openwrt

Version >= 25.12.0-rc1, < 25.12.1

Status affected

Version < 24.10.6

Status affected

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.1%	0.264

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
security-advisories@github.com	9.5	0	0	CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

CWE-121 Stack-based Buffer Overflow

A stack-based buffer overflow condition is a condition where the buffer being overwritten is allocated on the stack (i.e., is a local variable or, rarely, a parameter to a function).

https://www.heise.de/news/OpenWrt-Service-Releases-schliessen-kritische-Sicherheitsluecken-11219084.html

Medienbericht

heise Security

20.03.2026 12:21

https://github.com/openwrt/openwrt/releases/tag/v24.10.6

https://github.com/openwrt/openwrt/releases/tag/v25.12.1

https://github.com/openwrt/openwrt/security/advisories/GHSA-mpgh-v658-jqv5

https://nvd.nist.gov/vuln/detail/CVE-2026-30872

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2026-30872

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2026-30872

EUVD

Team-orientierte Vulnerability Management Plattform

Features der Plattform

CVE-2026-30872