Notification of Security Vulnerability Report sent to contact at openwrt.org
Paul Spooren
mail at aparcar.org
Sun Nov 23 04:45:51 PST 2025
Hi,
Please allow us some time to evaluate this. I’ll get back to you via your initial email.
Best,
Paul
> On 23. Nov 2025, at 03:58, 이재현 <leejaehyun0908 at gmail.com> wrote:
>
> Hi OpenWrt Admin Team,
>
> I have sent a security vulnerability report regarding a Heap Buffer
> Overflow in libuci to contact at openwrt.org.
>
> Since the documentation mentions that the contact mailbox is not
> always monitored, I am notifying this list to request a review.
>
> Report Summary:
>
> Component: libuci (Core library)
>
> Severity: High (Heap Corruption / DoS)
>
> Status: Detailed report and PoC sent to contact at openwrt.org today.
>
> Please confirm receipt.
>
> Best regards,
>
> _______________________________________________
> openwrt-adm mailing list
> openwrt-adm at lists.openwrt.org
> https://lists.openwrt.org/mailman/listinfo/openwrt-adm
More information about the openwrt-adm
mailing list