CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2026-32721

LuCI is the OpenWrt Configuration Interface. Versions prior to both 24.10.5 and 25.12.0, contain a stored XSS vulnerability in the wireless scan modal, where SSID values from scan results are rendered as raw HTML without any sanitization. The wireless.js file in the luci-mod-network package passes SSIDs via a template literal to dom.append(), which processes them through innerHTML, allowing an attacker to craft a malicious SSID containing arbitrary HTML/JavaScript. Exploitation requires the user to actively open the wireless scan modal (e.g., to connect to a Wi-Fi access point or survey nearby channels), and only affects OpenWrt versions newer than 23.05/22.03 up to the patched releases (24.10.6 and 25.12.1). The issue has been fixed in version LuCI 26.072.65753~068150b.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.0

EPSS Ranking 0.6%

CVSS Severity

CVSS v3 Score 8.6

References

Products affected by CVE-2026-32721

Openwrt » Luci » Version: 0.10.0

cpe:2.3:a:openwrt:luci:0.10.0
Openwrt » Luci » Version: 0.11.0

cpe:2.3:a:openwrt:luci:0.11.0
Openwrt » Luci » Version: 0.11.1

cpe:2.3:a:openwrt:luci:0.11.1
Openwrt » Luci » Version: 0.8.0

cpe:2.3:a:openwrt:luci:0.8.0
Openwrt » Luci » Version: 0.8.1

cpe:2.3:a:openwrt:luci:0.8.1
Openwrt » Luci » Version: 0.8.2

cpe:2.3:a:openwrt:luci:0.8.2
Openwrt » Luci » Version: 0.8.3

cpe:2.3:a:openwrt:luci:0.8.3
Openwrt » Luci » Version: 0.8.4

cpe:2.3:a:openwrt:luci:0.8.4
Openwrt » Luci » Version: 0.8.5

cpe:2.3:a:openwrt:luci:0.8.5
Openwrt » Luci » Version: 0.8.6

cpe:2.3:a:openwrt:luci:0.8.6
Openwrt » Luci » Version: 0.8.7

cpe:2.3:a:openwrt:luci:0.8.7
Openwrt » Luci » Version: 0.8.8

cpe:2.3:a:openwrt:luci:0.8.8
Openwrt » Luci » Version: 0.9.0

cpe:2.3:a:openwrt:luci:0.9.0
Openwrt » Luci » Version: 19.07.0

cpe:2.3:a:openwrt:luci:19.07.0
Openwrt » Luci » Version: 19.07.2

cpe:2.3:a:openwrt:luci:19.07.2
Openwrt » Luci » Version: 19.07.4

cpe:2.3:a:openwrt:luci:19.07.4
Openwrt » Luci » Version: 19.07.6

cpe:2.3:a:openwrt:luci:19.07.6
Openwrt » Luci » Version: 19.07.7

cpe:2.3:a:openwrt:luci:19.07.7
Openwrt » Luci » Version: 22.03.3

cpe:2.3:a:openwrt:luci:22.03.3
Openwrt » Openwrt » Version: Any

cpe:2.3:o:openwrt:openwrt:*
Openwrt » Openwrt » Version: N/A

cpe:2.3:o:openwrt:openwrt:-
Openwrt » Openwrt » Version: 15.05.1

cpe:2.3:o:openwrt:openwrt:15.05.1
Openwrt » Openwrt » Version: 17.01.0

cpe:2.3:o:openwrt:openwrt:17.01.0
Openwrt » Openwrt » Version: 17.01.1

cpe:2.3:o:openwrt:openwrt:17.01.1
Openwrt » Openwrt » Version: 17.01.2

cpe:2.3:o:openwrt:openwrt:17.01.2
Openwrt » Openwrt » Version: 17.01.3

cpe:2.3:o:openwrt:openwrt:17.01.3
Openwrt » Openwrt » Version: 17.01.4

cpe:2.3:o:openwrt:openwrt:17.01.4
Openwrt » Openwrt » Version: 17.01.5

cpe:2.3:o:openwrt:openwrt:17.01.5
Openwrt » Openwrt » Version: 17.01.6

cpe:2.3:o:openwrt:openwrt:17.01.6
Openwrt » Openwrt » Version: 17.01.7

cpe:2.3:o:openwrt:openwrt:17.01.7
Openwrt » Openwrt » Version: 18.06.0

cpe:2.3:o:openwrt:openwrt:18.06.0
Openwrt » Openwrt » Version: 18.06.1

cpe:2.3:o:openwrt:openwrt:18.06.1
Openwrt » Openwrt » Version: 18.06.2

cpe:2.3:o:openwrt:openwrt:18.06.2
Openwrt » Openwrt » Version: 18.06.3

cpe:2.3:o:openwrt:openwrt:18.06.3
Openwrt » Openwrt » Version: 18.06.4

cpe:2.3:o:openwrt:openwrt:18.06.4
Openwrt » Openwrt » Version: 18.06.5

cpe:2.3:o:openwrt:openwrt:18.06.5
Openwrt » Openwrt » Version: 18.06.6

cpe:2.3:o:openwrt:openwrt:18.06.6
Openwrt » Openwrt » Version: 18.06.7

cpe:2.3:o:openwrt:openwrt:18.06.7
Openwrt » Openwrt » Version: 18.06.8

cpe:2.3:o:openwrt:openwrt:18.06.8
Openwrt » Openwrt » Version: 18.06.9

cpe:2.3:o:openwrt:openwrt:18.06.9
Openwrt » Openwrt » Version: 19.07.0

cpe:2.3:o:openwrt:openwrt:19.07.0
Openwrt » Openwrt » Version: 19.07.1

cpe:2.3:o:openwrt:openwrt:19.07.1
Openwrt » Openwrt » Version: 19.07.10

cpe:2.3:o:openwrt:openwrt:19.07.10
Openwrt » Openwrt » Version: 19.07.2

cpe:2.3:o:openwrt:openwrt:19.07.2
Openwrt » Openwrt » Version: 19.07.3

cpe:2.3:o:openwrt:openwrt:19.07.3
Openwrt » Openwrt » Version: 19.07.4

cpe:2.3:o:openwrt:openwrt:19.07.4
Openwrt » Openwrt » Version: 19.07.5

cpe:2.3:o:openwrt:openwrt:19.07.5
Openwrt » Openwrt » Version: 19.07.6

cpe:2.3:o:openwrt:openwrt:19.07.6
Openwrt » Openwrt » Version: 19.07.7

cpe:2.3:o:openwrt:openwrt:19.07.7
Openwrt » Openwrt » Version: 19.07.8

cpe:2.3:o:openwrt:openwrt:19.07.8
Openwrt » Openwrt » Version: 19.07.9

cpe:2.3:o:openwrt:openwrt:19.07.9
Openwrt » Openwrt » Version: 21.02

cpe:2.3:o:openwrt:openwrt:21.02
Openwrt » Openwrt » Version: 21.02.0

cpe:2.3:o:openwrt:openwrt:21.02.0
Openwrt » Openwrt » Version: 21.02.1

cpe:2.3:o:openwrt:openwrt:21.02.1
Openwrt » Openwrt » Version: 21.02.2

cpe:2.3:o:openwrt:openwrt:21.02.2
Openwrt » Openwrt » Version: 21.02.3

cpe:2.3:o:openwrt:openwrt:21.02.3
Openwrt » Openwrt » Version: 21.02.4

cpe:2.3:o:openwrt:openwrt:21.02.4
Openwrt » Openwrt » Version: 21.02.5

cpe:2.3:o:openwrt:openwrt:21.02.5
Openwrt » Openwrt » Version: 21.02.6

cpe:2.3:o:openwrt:openwrt:21.02.6
Openwrt » Openwrt » Version: 21.02.7

cpe:2.3:o:openwrt:openwrt:21.02.7
Openwrt » Openwrt » Version: 22.03.0

cpe:2.3:o:openwrt:openwrt:22.03.0
Openwrt » Openwrt » Version: 22.03.1

cpe:2.3:o:openwrt:openwrt:22.03.1
Openwrt » Openwrt » Version: 22.03.2

cpe:2.3:o:openwrt:openwrt:22.03.2
Openwrt » Openwrt » Version: 22.03.3

cpe:2.3:o:openwrt:openwrt:22.03.3
Openwrt » Openwrt » Version: 22.03.4

cpe:2.3:o:openwrt:openwrt:22.03.4
Openwrt » Openwrt » Version: 22.03.5

cpe:2.3:o:openwrt:openwrt:22.03.5
Openwrt » Openwrt » Version: 22.03.6

cpe:2.3:o:openwrt:openwrt:22.03.6
Openwrt » Openwrt » Version: 22.03.7

cpe:2.3:o:openwrt:openwrt:22.03.7
Openwrt » Openwrt » Version: 23.05.0

cpe:2.3:o:openwrt:openwrt:23.05.0
Openwrt » Openwrt » Version: 23.05.1

cpe:2.3:o:openwrt:openwrt:23.05.1
Openwrt » Openwrt » Version: 23.05.2

cpe:2.3:o:openwrt:openwrt:23.05.2
Openwrt » Openwrt » Version: 23.05.3

cpe:2.3:o:openwrt:openwrt:23.05.3
Openwrt » Openwrt » Version: 23.05.4

cpe:2.3:o:openwrt:openwrt:23.05.4
Openwrt » Openwrt » Version: 23.05.5

cpe:2.3:o:openwrt:openwrt:23.05.5
Openwrt » Openwrt » Version: 23.05.6

cpe:2.3:o:openwrt:openwrt:23.05.6
Openwrt » Openwrt » Version: 24.10.0

cpe:2.3:o:openwrt:openwrt:24.10.0
Openwrt » Openwrt » Version: 24.10.1

cpe:2.3:o:openwrt:openwrt:24.10.1
Openwrt » Openwrt » Version: 24.10.2

cpe:2.3:o:openwrt:openwrt:24.10.2
Openwrt » Openwrt » Version: 24.10.3

cpe:2.3:o:openwrt:openwrt:24.10.3
Openwrt » Openwrt » Version: 24.10.4

cpe:2.3:o:openwrt:openwrt:24.10.4

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2026-32721

Products

Pricing

Contact Us