CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2026-30872

OpenWrt Project is a Linux operating system targeting embedded devices. In versions prior to 24.10.6 and 25.12.1, the mdns daemon has a Stack-based Buffer Overflow vulnerability in the match_ipv6_addresses function, triggered when processing PTR queries for IPv6 reverse DNS domains (.ip6.arpa) received via multicast DNS on UDP port 5353. During processing, the domain name from name_buffer is copied via strcpy into a fixed 256-byte stack buffer, and then the reverse IPv6 request is extracted into a buffer of only 46 bytes (INET6_ADDRSTRLEN). Because the length of the data is never validated before this extraction, an attacker can supply input larger than 46 bytes, causing an out-of-bounds write. This allows a specially crafted DNS query to overflow the stack buffer in match_ipv6_addresses, potentially enabling remote code execution. This issue has been fixed in versions 24.10.6 and 25.12.1.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.001

EPSS Ranking 26.4%

CVSS Severity

CVSS v3 Score 9.8

References

Products affected by CVE-2026-30872

Openwrt » Openwrt » Version: Any

cpe:2.3:o:openwrt:openwrt:*
Openwrt » Openwrt » Version: N/A

cpe:2.3:o:openwrt:openwrt:-
Openwrt » Openwrt » Version: 15.05.1

cpe:2.3:o:openwrt:openwrt:15.05.1
Openwrt » Openwrt » Version: 17.01.0

cpe:2.3:o:openwrt:openwrt:17.01.0
Openwrt » Openwrt » Version: 17.01.1

cpe:2.3:o:openwrt:openwrt:17.01.1
Openwrt » Openwrt » Version: 17.01.2

cpe:2.3:o:openwrt:openwrt:17.01.2
Openwrt » Openwrt » Version: 17.01.3

cpe:2.3:o:openwrt:openwrt:17.01.3
Openwrt » Openwrt » Version: 17.01.4

cpe:2.3:o:openwrt:openwrt:17.01.4
Openwrt » Openwrt » Version: 17.01.5

cpe:2.3:o:openwrt:openwrt:17.01.5
Openwrt » Openwrt » Version: 17.01.6

cpe:2.3:o:openwrt:openwrt:17.01.6
Openwrt » Openwrt » Version: 17.01.7

cpe:2.3:o:openwrt:openwrt:17.01.7
Openwrt » Openwrt » Version: 18.06.0

cpe:2.3:o:openwrt:openwrt:18.06.0
Openwrt » Openwrt » Version: 18.06.1

cpe:2.3:o:openwrt:openwrt:18.06.1
Openwrt » Openwrt » Version: 18.06.2

cpe:2.3:o:openwrt:openwrt:18.06.2
Openwrt » Openwrt » Version: 18.06.3

cpe:2.3:o:openwrt:openwrt:18.06.3
Openwrt » Openwrt » Version: 18.06.4

cpe:2.3:o:openwrt:openwrt:18.06.4
Openwrt » Openwrt » Version: 18.06.5

cpe:2.3:o:openwrt:openwrt:18.06.5
Openwrt » Openwrt » Version: 18.06.6

cpe:2.3:o:openwrt:openwrt:18.06.6
Openwrt » Openwrt » Version: 18.06.7

cpe:2.3:o:openwrt:openwrt:18.06.7
Openwrt » Openwrt » Version: 18.06.8

cpe:2.3:o:openwrt:openwrt:18.06.8
Openwrt » Openwrt » Version: 18.06.9

cpe:2.3:o:openwrt:openwrt:18.06.9
Openwrt » Openwrt » Version: 19.07.0

cpe:2.3:o:openwrt:openwrt:19.07.0
Openwrt » Openwrt » Version: 19.07.1

cpe:2.3:o:openwrt:openwrt:19.07.1
Openwrt » Openwrt » Version: 19.07.10

cpe:2.3:o:openwrt:openwrt:19.07.10
Openwrt » Openwrt » Version: 19.07.2

cpe:2.3:o:openwrt:openwrt:19.07.2
Openwrt » Openwrt » Version: 19.07.3

cpe:2.3:o:openwrt:openwrt:19.07.3
Openwrt » Openwrt » Version: 19.07.4

cpe:2.3:o:openwrt:openwrt:19.07.4
Openwrt » Openwrt » Version: 19.07.5

cpe:2.3:o:openwrt:openwrt:19.07.5
Openwrt » Openwrt » Version: 19.07.6

cpe:2.3:o:openwrt:openwrt:19.07.6
Openwrt » Openwrt » Version: 19.07.7

cpe:2.3:o:openwrt:openwrt:19.07.7
Openwrt » Openwrt » Version: 19.07.8

cpe:2.3:o:openwrt:openwrt:19.07.8
Openwrt » Openwrt » Version: 19.07.9

cpe:2.3:o:openwrt:openwrt:19.07.9
Openwrt » Openwrt » Version: 21.02

cpe:2.3:o:openwrt:openwrt:21.02
Openwrt » Openwrt » Version: 21.02.0

cpe:2.3:o:openwrt:openwrt:21.02.0
Openwrt » Openwrt » Version: 21.02.1

cpe:2.3:o:openwrt:openwrt:21.02.1
Openwrt » Openwrt » Version: 21.02.2

cpe:2.3:o:openwrt:openwrt:21.02.2
Openwrt » Openwrt » Version: 21.02.3

cpe:2.3:o:openwrt:openwrt:21.02.3
Openwrt » Openwrt » Version: 21.02.4

cpe:2.3:o:openwrt:openwrt:21.02.4
Openwrt » Openwrt » Version: 21.02.5

cpe:2.3:o:openwrt:openwrt:21.02.5
Openwrt » Openwrt » Version: 21.02.6

cpe:2.3:o:openwrt:openwrt:21.02.6
Openwrt » Openwrt » Version: 21.02.7

cpe:2.3:o:openwrt:openwrt:21.02.7
Openwrt » Openwrt » Version: 22.03.0

cpe:2.3:o:openwrt:openwrt:22.03.0
Openwrt » Openwrt » Version: 22.03.1

cpe:2.3:o:openwrt:openwrt:22.03.1
Openwrt » Openwrt » Version: 22.03.2

cpe:2.3:o:openwrt:openwrt:22.03.2
Openwrt » Openwrt » Version: 22.03.3

cpe:2.3:o:openwrt:openwrt:22.03.3
Openwrt » Openwrt » Version: 22.03.4

cpe:2.3:o:openwrt:openwrt:22.03.4
Openwrt » Openwrt » Version: 22.03.5

cpe:2.3:o:openwrt:openwrt:22.03.5
Openwrt » Openwrt » Version: 22.03.6

cpe:2.3:o:openwrt:openwrt:22.03.6
Openwrt » Openwrt » Version: 22.03.7

cpe:2.3:o:openwrt:openwrt:22.03.7
Openwrt » Openwrt » Version: 23.05.0

cpe:2.3:o:openwrt:openwrt:23.05.0
Openwrt » Openwrt » Version: 23.05.1

cpe:2.3:o:openwrt:openwrt:23.05.1
Openwrt » Openwrt » Version: 23.05.2

cpe:2.3:o:openwrt:openwrt:23.05.2
Openwrt » Openwrt » Version: 23.05.3

cpe:2.3:o:openwrt:openwrt:23.05.3
Openwrt » Openwrt » Version: 23.05.4

cpe:2.3:o:openwrt:openwrt:23.05.4
Openwrt » Openwrt » Version: 23.05.5

cpe:2.3:o:openwrt:openwrt:23.05.5
Openwrt » Openwrt » Version: 23.05.6

cpe:2.3:o:openwrt:openwrt:23.05.6
Openwrt » Openwrt » Version: 24.10.0

cpe:2.3:o:openwrt:openwrt:24.10.0
Openwrt » Openwrt » Version: 24.10.1

cpe:2.3:o:openwrt:openwrt:24.10.1
Openwrt » Openwrt » Version: 24.10.2

cpe:2.3:o:openwrt:openwrt:24.10.2
Openwrt » Openwrt » Version: 24.10.3

cpe:2.3:o:openwrt:openwrt:24.10.3
Openwrt » Openwrt » Version: 24.10.4

cpe:2.3:o:openwrt:openwrt:24.10.4

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2026-30872

Products

Pricing

Contact Us