Vulnerability Description
An issue was discovered in OpenNDS Captive Portal before version 10.1.2. It has a show_preauthpage NULL pointer dereference that can be triggered with a crafted HTTP GET request that omits the User-Agent header. Triggering this issue crashes OpenNDS (a Denial-of-Service condition). This problem was fixed in OpenWrt master, OpenWrt 23.05 and OpenWrt 22.03 on 28 August 2023 by updating OpenNDS to version 10.1.3.
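The defensive pattern behind the fix, as an added example that is not openNDS code: a hypothetical header lookup that returns NULL for an absent header, and a handler that treats that NULL as an ordinary input case instead of dereferencing it. The request strings, find_header and handle_preauth are all constructed for this example.

```c
#include <stddef.h>
#include <string.h>
#include <strings.h>

/* Hypothetical minimal header lookup over a raw HTTP request buffer
 * (constructed for this example; not openNDS code). Returns a pointer to
 * the header value and its length, or NULL when the header is absent. */
static const char *find_header(const char *req, const char *name, size_t *len)
{
    size_t nlen = strlen(name);
    const char *line = strchr(req, '\n');      /* skip the request line */
    while (line && *++line) {
        if (*line == '\r' || *line == '\n')    /* blank line ends the headers */
            break;
        if (strncasecmp(line, name, nlen) == 0 && line[nlen] == ':') {
            const char *v = line + nlen + 1;
            while (*v == ' ' || *v == '\t')    /* skip optional whitespace */
                v++;
            const char *end = strpbrk(v, "\r\n");
            *len = end ? (size_t)(end - v) : strlen(v);
            return v;
        }
        line = strchr(line, '\n');
    }
    return NULL;
}

/* The bug class described above: a handler that passes the lookup result
 * straight to strlen()/strcpy() crashes with a NULL dereference as soon as
 * a client omits User-Agent. Hardened form: a missing header is a normal
 * input case and the handler fails closed. Returns 0 and copies the value
 * on success, -1 when the header is missing or too long for the buffer. */
int handle_preauth(const char *req, char *ua_out, size_t out_sz)
{
    size_t len = 0;
    const char *ua = find_header(req, "User-Agent", &len);
    if (ua == NULL || len >= out_sz)
        return -1;                              /* fail closed, no crash */
    memcpy(ua_out, ua, len);
    ua_out[len] = '\0';
    return 0;
}
```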
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Opennds | Captive Portal | < 10.1.2 |
Related Weaknesses (CWE)
References
- https://github.com/openNDS/openNDS/releases/tag/v10.1.2 (Release Notes, Vendor Advisory)
- https://github.com/openwrt/routing/commit/0b19771fb2dd81e7c428759610aed583171eed
- https://source.sierrawireless.com/resources/security-bulletins/sierra-wireless-t
FAQ
What is CVE-2023-38320?
CVE-2023-38320 is a vulnerability with a CVSS score of 7.5 (HIGH). An issue was discovered in OpenNDS Captive Portal before version 10.1.2. It has a show_preauthpage NULL pointer dereference that can be triggered with a crafted GET HTTP with a missing User-Agent head...
How severe is CVE-2023-38320?
CVE-2023-38320 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2023-38320?
Check the references section above for vendor advisories and patch information. Affected products include: Opennds Captive Portal.