First published: Mon Mar 16 2020(Updated: )
libubox in OpenWrt before 18.06.7 and 19.x before 19.07.1 has a tagged binary data JSON serialization vulnerability that may cause a stack based buffer overflow.
Credit: cve@mitre.org cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
OpenWrt OpenWrt | >=18.06.0<18.06.7 | |
OpenWrt OpenWrt | =19.07.0 | |
OpenWrt OpenWrt | =19.07.0-rc1 | |
OpenWrt OpenWrt | =19.07.0-rc2 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2020-7248 is a vulnerability in libubox in OpenWrt before 18.06.7 and 19.x before 19.07.1 that has a tagged binary data JSON serialization vulnerability that may cause a stack-based buffer overflow.
CVE-2020-7248 has a severity value of 7.5 (high).
The vulnerability affects OpenWrt versions before 18.06.7 and 19.x before 19.07.1.
To fix CVE-2020-7248, it is recommended to update OpenWrt to version 18.06.7 or 19.07.1.
You can find more information about CVE-2020-7248 on the OpenWrt advisory page (https://openwrt.org/advisory/2020-01-31-2) and the NVD website (https://nvd.nist.gov/vuln/detail/CVE-2020-7248#range-4512438).