LOW🇵🇱 Wersja polska

CVE-2026-30874

CVSS 1.8v4.0pub. 2026-03-19upd. 2026-03-23

OpenWrt Project is a Linux operating system targeting embedded devices. In versions prior to 24.10.6, a vulnerability in the hotplug_call function allows an attacker to bypass environment variable filtering and inject an arbitrary PATH variable, potentially leading to privilege escalation. The function is intended to filter out sensitive environment variables like PATH when executing hotplug scripts in /etc/hotplug.d, but a bug using strcmp instead of strncmp causes the filter to compare the full environment string (e.g., PATH=/some/value) against the literal "PATH", so the match always fails. As a result, the PATH variable is never excluded, enabling an attacker to control which binaries are executed by procd-invoked scripts running with elevated privileges. This issue has been fixed in version 24.10.6.

CVSS Vector
CVSS:4.0/AV:L/AC:L/AT:P/PR:H/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
  • Openwrt

    OS
    Openwrt
    < 24.10.6
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
Tags
LPE
CWE
References

Related vulnerabilities

CVE-2026-30872CRITICAL9.5PL ✓ten sam produkt

Stack-based Buffer Overflow w mdns daemon OpenWrt — możliwy RCE

CVE-2026-30871CRITICAL9.5PL ✓ten sam produkt

Stack-based Buffer Overflow w demonie mdns OpenWrt — przepełnienie stosu przez PTR query

CVE-2025-20682CRITICAL9.8PL ✓ten sam produkt

Out-of-bounds write w sterowniku WLAN AP MediaTek — privilege escalation

CVE-2025-20681CRITICAL9.8PL ✓ten sam produkt

Out-of-bounds write w sterowniku WLAN AP MediaTek – privilege escalation

CVE-2025-20683CRITICAL9.8PL ✓ten sam produkt

Out of bounds write w sterowniku wlan AP — eskalacja uprawnień na układach MediaTek