VYPR
Unrated severity · NVD Advisory · Published Nov 17, 2023 · Updated Aug 2, 2024

CVE-2023-38315

Description

An issue was discovered in OpenNDS Captive Portal before version 10.1.2. It has a NULL pointer dereference in try_to_authenticate that can be triggered with a crafted HTTP GET request whose client token query string parameter is missing. Triggering this issue crashes OpenNDS (a Denial-of-Service condition). The affected OpenNDS Captive Portal (before version 10.1.2) was fixed in OpenWrt master, OpenWrt 23.05 and OpenWrt 22.03 on 28 August 2023 by updating OpenNDS to version 10.1.3.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

A crafted GET HTTP request missing a client token parameter triggers a NULL pointer dereference in OpenNDS before 10.1.2, causing a denial-of-service crash.

Vulnerability

The vulnerability resides in the try_to_authenticate function of OpenNDS Captive Portal versions prior to 10.1.2 [1]. A specially crafted GET HTTP request that lacks a client token query string parameter causes a NULL pointer dereference [1]. This was fixed in OpenWrt master, OpenWrt 23.05, and OpenWrt 22.03 on 28 August 2023 by updating OpenNDS to version 10.1.3 [2].

Exploitation

An unauthenticated attacker with network access to the OpenNDS Captive Portal can send a crafted HTTP GET request that omits the required client token parameter [1]. No authentication or user interaction is needed, as the vulnerable code path is reachable by default. The trivial trigger leads directly to the crash [1].

Impact

Successful exploitation results in a NULL pointer dereference that crashes the OpenNDS process, causing a denial-of-service condition [1]. This disrupts captive portal functionality, preventing legitimate users from authenticating and accessing the network [1].

Mitigation

Users must upgrade to OpenNDS version 10.1.2 or later [1]. The official fix was included in OpenNDS 10.1.3 [2]. OpenWrt users should update OpenNDS to 10.1.3 via their package manager [2]. Sierra Wireless devices using ALEOS may also be affected and should update to ALEOS 4.17 [3].
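The bug class the Vulnerability and Mitigation sections describe, a request parameter looked up from the query string and used without a NULL check, illustrated with hypothetical C added here; this is not OpenNDS's code and the actual try_to_authenticate logic is not on this page. It assumes the token parameter is named `tok`, that values contain no `&` or `=`, and that the query string has no leading `?`. The real remedy remains the upgrade described above.

```c
#include <stddef.h>
#include <string.h>

/* Hypothetical minimal query-string lookup (not OpenNDS code). Returns a
 * pointer to the value of `key` inside `query`, or NULL when the key is
 * absent. Values are assumed to contain no '&' or '='. */
const char *query_param(const char *query, const char *key) {
    size_t klen = strlen(key);
    const char *p = query;
    while (p && *p) {
        if (strncmp(p, key, klen) == 0 && p[klen] == '=')
            return p + klen + 1;
        p = strchr(p, '&');     /* advance to the next key=value pair */
        if (p) p++;
    }
    return NULL;                /* parameter not present */
}

/* Vulnerable shape: the token is used without a NULL check, so a GET with
 * no token parameter dereferences NULL inside strlen() and the process
 * crashes (denial of service). Works only when the token is present. */
int auth_unchecked(const char *query) {
    const char *tok = query_param(query, "tok");
    return strcspn(tok, "&") == 8;   /* strcspn(NULL, ...) crashes */
}

/* Hardened shape: a missing or empty token is a rejected request, never a
 * pointer dereference. Returns 1 when the token matches `expected`,
 * 0 otherwise. The 8-character fixed-length token is an assumption. */
int auth_checked(const char *query, const char *expected) {
    const char *tok = query_param(query, "tok");
    if (tok == NULL || *tok == '\0')
        return 0;               /* reject: no token supplied */
    size_t len = strcspn(tok, "&");
    return len == strlen(expected) && strncmp(tok, expected, len) == 0;
}
```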

AI Insight generated on May 27, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.

Affected products: 4

Patches: 0 (no patches discovered yet)

Vulnerability mechanics

No source-code context is available for this CVE. Mechanics are only generated when we can read the actual fix diff; without it, the four sections (root cause, attack vector, affected code, fix) would be speculation rather than analysis.

References: 3

News mentions: 0 (no linked articles in our index yet)