[CYBERDIGEST]
⊞ Dashboard ⚡ Intelligence 📝 Reports 📚 Global Threats 💻 Hack Lab 🗄️ Resources ⌬ 0xJerry's Lab
📡 RSS Feed
System Online

Tag

#OpenWRT

newsHIGH 8.8

CVE-2026-61875: Stored Cross-Site Scripting in luci-app-upnp via UPnP IGD AddPortMapping SOAP Requests

A stored cross-site scripting vulnerability exists in luci-app-upnp, allowing unauthenticated LAN clients to inject JavaScript via UPnP IGD AddPortMapping SOAP requests. This vulnerability has a CVSS score of 8.8 and is considered high severity. Affected users should update luci-app-upnp to the latest version.

Jul 13, 20261 source