OpenNDS

CVEs (14)

CVE	Vendor / Product	CVSS	EPSS	Published	Description
CVE-2024-25763	OpenNDS OpenNDS	—	0.00	Feb 26, 2024	openNDS 10.2.0 is vulnerable to Use-After-Free via /openNDS/src/auth.c.
CVE-2023-38318	OpenNDS OpenNDS	—	0.00	Jan 26, 2024	An issue was discovered in OpenNDS before 10.1.3. It fails to sanitize the gateway FQDN entry in the configuration file, allowing attackers that have direct or indirect access to this file to execute arbitrary OS commands.
CVE-2023-38317	OpenNDS OpenNDS	—	0.00	Jan 26, 2024	An issue was discovered in OpenNDS before 10.1.3. It fails to sanitize the network interface name entry in the configuration file, allowing attackers that have direct or indirect access to this file to execute arbitrary OS commands.
CVE-2023-38323	OpenNDS OpenNDS	—	0.00	Jan 26, 2024	An issue was discovered in OpenNDS before 10.1.3. It fails to sanitize the status path script entry in the configuration file, allowing attackers that have direct or indirect access to this file to execute arbitrary OS commands.
CVE-2023-38319	OpenNDS OpenNDS	—	0.00	Jan 26, 2024	An issue was discovered in OpenNDS before 10.1.3. It fails to sanitize the FAS key entry in the configuration file, allowing attackers that have direct or indirect access to this file to execute arbitrary OS commands.
CVE-2023-38321	Sierrawireless Aleos	—	0.00	Dec 25, 2023	OpenNDS, as used in Sierra Wireless ALEOS before 4.17.0.12 and other products, allows remote attackers to cause a denial of service (NULL pointer dereference, daemon crash, and Captive Portal outage) via a GET request to /opennds_auth/ that lacks a custom query string parameter…
CVE-2023-38324	OpenNDS OpenNDS	—	0.01	Nov 17, 2023	An issue was discovered in OpenNDS before 10.1.2. It allows users to skip the splash page sequence (and directly authenticate) when it is using the default FAS key and OpenNDS is configured as FAS. Affected OpenNDS Captive Portal before version 10.1.2 fixed in OpenWrt master,…
CVE-2023-38322	OpenNDS OpenNDS	—	0.01	Nov 17, 2023	An issue was discovered in OpenNDS Captive Portal before version 10.1.2. It has a do_binauth NULL pointer dereference that be triggered with a crafted GET HTTP request with a missing User-Agent HTTP header. Triggering this issue results in crashing OpenNDS (a Denial-of-Service…
CVE-2023-41102	OpenNDS OpenNDS	—	0.00	Nov 17, 2023	An issue was discovered in the captive portal in OpenNDS before version 10.1.3. It has multiple memory leaks due to not freeing up allocated memory. This may lead to a Denial-of-Service condition due to the consumption of all available memory. Affected OpenNDS before version…
CVE-2023-38315	OpenNDS OpenNDS	—	0.00	Nov 17, 2023	An issue was discovered in OpenNDS Captive Portal before version 10.1.2. It has a try_to_authenticate NULL pointer dereference that can be triggered with a crafted GET HTTP with a missing client token query string parameter. Triggering this issue results in crashing OpenNDS (a…
CVE-2023-38320	OpenNDS OpenNDS	—	0.01	Nov 17, 2023	An issue was discovered in OpenNDS Captive Portal before version 10.1.2. It has a show_preauthpage NULL pointer dereference that can be triggered with a crafted GET HTTP with a missing User-Agent header. Triggering this issue results in crashing OpenNDS (a Denial-of-Service…
CVE-2023-38316	OpenNDS OpenNDS	—	0.01	Nov 17, 2023	An issue was discovered in OpenNDS Captive Portal before version 10.1.2. When the custom unescape callback is enabled, attackers can execute arbitrary OS commands by inserting them into the URL portion of HTTP GET requests. Affected OpenNDS Captive Portal before version 10.1.2…
CVE-2023-41101	OpenNDS OpenNDS	—	0.05	Nov 17, 2023	An issue was discovered in the captive portal in OpenNDS before version 10.1.3. get_query in http_microhttpd.c does not validate the length of the query string of GET requests. This leads to a stack-based buffer overflow in versions 9.x and earlier, and to a heap-based buffer…
CVE-2023-38313	OpenNDS OpenNDS	—	0.00	Nov 17, 2023	An issue was discovered in OpenNDS Captive Portal before 10.1.2. it has a do_binauth NULL pointer dereference that can be triggered with a crafted GET HTTP request with a missing client redirect query string parameter. Triggering this issue results in crashing openNDS (a…

CVE-2024-25763Feb 26, 2024
OpenNDS
OpenNDS
risk 0.00cvss —epss 0.00
openNDS 10.2.0 is vulnerable to Use-After-Free via /openNDS/src/auth.c.
CVE-2023-38318Jan 26, 2024
OpenNDS
OpenNDS
risk 0.00cvss —epss 0.00
An issue was discovered in OpenNDS before 10.1.3. It fails to sanitize the gateway FQDN entry in the configuration file, allowing attackers that have direct or indirect access to this file to execute arbitrary OS commands.
CVE-2023-38317Jan 26, 2024
OpenNDS
OpenNDS
risk 0.00cvss —epss 0.00
An issue was discovered in OpenNDS before 10.1.3. It fails to sanitize the network interface name entry in the configuration file, allowing attackers that have direct or indirect access to this file to execute arbitrary OS commands.
CVE-2023-38323Jan 26, 2024
OpenNDS
OpenNDS
risk 0.00cvss —epss 0.00
An issue was discovered in OpenNDS before 10.1.3. It fails to sanitize the status path script entry in the configuration file, allowing attackers that have direct or indirect access to this file to execute arbitrary OS commands.
CVE-2023-38319Jan 26, 2024
OpenNDS
OpenNDS
risk 0.00cvss —epss 0.00
An issue was discovered in OpenNDS before 10.1.3. It fails to sanitize the FAS key entry in the configuration file, allowing attackers that have direct or indirect access to this file to execute arbitrary OS commands.
CVE-2023-38321Dec 25, 2023
Sierrawireless
Aleos
risk 0.00cvss —epss 0.00
OpenNDS, as used in Sierra Wireless ALEOS before 4.17.0.12 and other products, allows remote attackers to cause a denial of service (NULL pointer dereference, daemon crash, and Captive Portal outage) via a GET request to /opennds_auth/ that lacks a custom query string parameter…
CVE-2023-38324Nov 17, 2023
OpenNDS
OpenNDS
risk 0.00cvss —epss 0.01
An issue was discovered in OpenNDS before 10.1.2. It allows users to skip the splash page sequence (and directly authenticate) when it is using the default FAS key and OpenNDS is configured as FAS. Affected OpenNDS Captive Portal before version 10.1.2 fixed in OpenWrt master,…
CVE-2023-38322Nov 17, 2023
OpenNDS
OpenNDS
risk 0.00cvss —epss 0.01
An issue was discovered in OpenNDS Captive Portal before version 10.1.2. It has a do_binauth NULL pointer dereference that be triggered with a crafted GET HTTP request with a missing User-Agent HTTP header. Triggering this issue results in crashing OpenNDS (a Denial-of-Service…
CVE-2023-41102Nov 17, 2023
OpenNDS
OpenNDS
risk 0.00cvss —epss 0.00
An issue was discovered in the captive portal in OpenNDS before version 10.1.3. It has multiple memory leaks due to not freeing up allocated memory. This may lead to a Denial-of-Service condition due to the consumption of all available memory. Affected OpenNDS before version…
CVE-2023-38315Nov 17, 2023
OpenNDS
OpenNDS
risk 0.00cvss —epss 0.00
An issue was discovered in OpenNDS Captive Portal before version 10.1.2. It has a try_to_authenticate NULL pointer dereference that can be triggered with a crafted GET HTTP with a missing client token query string parameter. Triggering this issue results in crashing OpenNDS (a…
CVE-2023-38320Nov 17, 2023
OpenNDS
OpenNDS
risk 0.00cvss —epss 0.01
An issue was discovered in OpenNDS Captive Portal before version 10.1.2. It has a show_preauthpage NULL pointer dereference that can be triggered with a crafted GET HTTP with a missing User-Agent header. Triggering this issue results in crashing OpenNDS (a Denial-of-Service…
CVE-2023-38316Nov 17, 2023
OpenNDS
OpenNDS
risk 0.00cvss —epss 0.01
An issue was discovered in OpenNDS Captive Portal before version 10.1.2. When the custom unescape callback is enabled, attackers can execute arbitrary OS commands by inserting them into the URL portion of HTTP GET requests. Affected OpenNDS Captive Portal before version 10.1.2…
CVE-2023-41101Nov 17, 2023
OpenNDS
OpenNDS
risk 0.00cvss —epss 0.05
An issue was discovered in the captive portal in OpenNDS before version 10.1.3. get_query in http_microhttpd.c does not validate the length of the query string of GET requests. This leads to a stack-based buffer overflow in versions 9.x and earlier, and to a heap-based buffer…
CVE-2023-38313Nov 17, 2023
OpenNDS
OpenNDS
risk 0.00cvss —epss 0.00
An issue was discovered in OpenNDS Captive Portal before 10.1.2. it has a do_binauth NULL pointer dereference that can be triggered with a crafted GET HTTP request with a missing client redirect query string parameter. Triggering this issue results in crashing openNDS (a…