Integer Signedness Error in OpenWrt's uhttpd Affects Multiple Versions
CVE-2019-19945

7.5HIGH

Key Information:

Vendor: Openwrt
Status: Openwrt
Vendor: CVE Published:; 16 March 2020

Badges

👾 Exploit Exists🟡 Public PoC

What is CVE-2019-19945?

The uhttpd web server in OpenWrt, specifically in versions up to 18.06.5 and 19.x until 19.07.0-rc2, is affected by an integer signedness error. This vulnerability enables out-of-bounds access to a heap buffer, potentially leading to server crashes. Attackers can exploit this issue by sending an HTTP POST request to a CGI script with 'Transfer-Encoding: chunked' accompanied by a large negative Content-Length value, causing the server to malfunction.

Exploit Proof of Concept (PoC)

PoC code is written by security researchers to demonstrate the vulnerability can be exploited. PoC code is also a key component for weaponization which could lead to ransomware.

CVE-2019-19945_Test
Created by delicateByte

References

https://github.com/openwrt/openwrt/commits/master

x_refsource_MISC

https://openwrt.org/advisory/2020-01-13-1

x_refsource_CONFIRM

CVSS V3.1

Score:

7.5

Severity:

HIGH

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

🟡
Public PoC available
Jun 21, 2022
👾
Exploit known to exist
Jun 21, 2022
Vulnerability published
Mar 16, 2020
Vulnerability Reserved
Dec 23, 2019

JSON

Openwrt

Badges

What is CVE-2019-19945?

Exploit Proof of Concept (PoC)

References

CVSS V3.1

Timeline