{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-32721", "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "state": "PUBLISHED", "assignerShortName": "GitHub_M", "dateReserved": "2026-03-13T15:02:00.625Z", "datePublished": "2026-03-19T22:46:43.909Z", "dateUpdated": "2026-03-19T22:46:43.909Z"}, "containers": {"cna": {"title": "LuCI luci-mod-network: Possible XSS attack in WiFi scan on Joining Wireless Client modal", "problemTypes": [{"descriptions": [{"cweId": "CWE-79", "lang": "en", "description": "CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", "type": "CWE"}]}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 8.6, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H", "version": "3.1"}}], "references": [{"name": "https://github.com/openwrt/luci/security/advisories/GHSA-vvj6-7362-pjrw", "tags": ["x_refsource_CONFIRM"], "url": "https://github.com/openwrt/luci/security/advisories/GHSA-vvj6-7362-pjrw"}, {"name": "https://github.com/openwrt/luci/commit/068150ba5f524ef6b03817b258d31ec310053fd6", "tags": ["x_refsource_MISC"], "url": "https://github.com/openwrt/luci/commit/068150ba5f524ef6b03817b258d31ec310053fd6"}, {"name": "https://github.com/openwrt/luci/commit/cdce600aaec66f762f18d608c74cbf3abcafe1c7", "tags": ["x_refsource_MISC"], "url": "https://github.com/openwrt/luci/commit/cdce600aaec66f762f18d608c74cbf3abcafe1c7"}], "affected": [{"vendor": "openwrt", "product": "luci", "versions": [{"version": "< 26.072.65753~068150b", "status": "affected"}]}, {"vendor": "openwrt", "product": "openwrt", "versions": [{"version": "< 24.10.6", "status": "affected"}, {"version": ">= 25.12.0, < 25.12.1", "status": "affected"}]}], "providerMetadata": {"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M", "dateUpdated": "2026-03-19T22:46:43.909Z"}, "descriptions": [{"lang": "en", "value": "LuCI is the OpenWrt Configuration Interface. Versions prior to both 24.10.5 and 25.12.0, contain a stored XSS vulnerability in the wireless scan modal, where SSID values from scan results are rendered as raw HTML without any sanitization. The wireless.js file in the luci-mod-network package passes SSIDs via a template literal to dom.append(), which processes them through innerHTML, allowing an attacker to craft a malicious SSID containing arbitrary HTML/JavaScript. Exploitation requires the user to actively open the wireless scan modal (e.g., to connect to a Wi-Fi access point or survey nearby channels), and only affects OpenWrt versions newer than 23.05/22.03 up to the patched releases (24.10.6 and 25.12.1). The issue has been fixed in version LuCI 26.072.65753~068150b."}], "source": {"advisory": "GHSA-vvj6-7362-pjrw", "discovery": "UNKNOWN"}}}}

{}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "LuCI is the OpenWrt Configuration Interface. Versions prior to both 24.10.5 and 25.12.0, contain a stored XSS vulnerability in the wireless scan modal, where SSID values from scan results are rendered as raw HTML without any sanitization. The wireless.js file in the luci-mod-network package passes SSIDs via a template literal to dom.append(), which processes them through innerHTML, allowing an attacker to craft a malicious SSID containing arbitrary HTML/JavaScript. Exploitation requires the user to actively open the wireless scan modal (e.g., to connect to a Wi-Fi access point or survey nearby channels), and only affects OpenWrt versions newer than 23.05/22.03 up to the patched releases (24.10.6 and 25.12.1). The issue has been fixed in version LuCI 26.072.65753~068150b."}], "id": "CVE-2026-32721", "lastModified": "2026-03-19T23:16:44.030", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 8.6, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 6.0, "source": "security-advisories@github.com", "type": "Secondary"}]}, "published": "2026-03-19T23:16:44.030", "references": [{"source": "security-advisories@github.com", "url": "https://github.com/openwrt/luci/commit/068150ba5f524ef6b03817b258d31ec310053fd6"}, {"source": "security-advisories@github.com", "url": "https://github.com/openwrt/luci/commit/cdce600aaec66f762f18d608c74cbf3abcafe1c7"}, {"source": "security-advisories@github.com", "url": "https://github.com/openwrt/luci/security/advisories/GHSA-vvj6-7362-pjrw"}], "sourceIdentifier": "security-advisories@github.com", "vulnStatus": "Received", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-79"}], "source": "security-advisories@github.com", "type": "Primary"}]}

{"bugzilla": {"description": "LuCI: luci-mod-network: OpenWrt: openwrt/luci: LuCI: Arbitrary code execution via malicious Wi-Fi SSID in wireless scan modal", "id": "2449305", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2449305"}, "csaw": false, "cvss3": {"cvss3_base_score": "8.8", "cvss3_scoring_vector": "CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H", "status": "draft"}, "cwe": "CWE-79", "details": ["A flaw was found in LuCI, the OpenWrt Configuration Interface. A remote attacker can exploit a stored Cross-Site Scripting (XSS) vulnerability in the wireless scan modal by crafting a malicious Wi-Fi network name (SSID). When a user opens the wireless scan modal, the unsanitized SSID is rendered as raw HTML, allowing the attacker to execute arbitrary HTML or JavaScript code in the user's browser. This can lead to information disclosure or other malicious activities."], "name": "CVE-2026-32721", "public_date": "2026-03-19T22:46:43Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2026-32721\nhttps://nvd.nist.gov/vuln/detail/CVE-2026-32721\nhttps://github.com/openwrt/luci/commit/068150ba5f524ef6b03817b258d31ec310053fd6\nhttps://github.com/openwrt/luci/commit/cdce600aaec66f762f18d608c74cbf3abcafe1c7\nhttps://github.com/openwrt/luci/security/advisories/GHSA-vvj6-7362-pjrw"], "threat_severity": "Important"}

{}