8.7
/ 10
HIGH
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
Description
luci-proto-openvpn through 0.11.1, fixed in commit e4ff45e, contains a command injection vulnerability in the generateKey ubus method where the cl_meta parameter is interpolated into a shell command without proper escaping or quoting. An authenticated LuCI user with OpenVPN protocol configuration access can inject arbitrary shell metacharacters into cl_meta to execute commands as root via the popen function.
AI Analysis
Command injection vulnerability in luci-proto-openvpn via cl_meta parameter in generateKey method
Basic Information
ID
CVE-2026-58000
Source
VulnCheck
Published
Jun 29, 2026 at 18:16
Modified
Jun 29, 2026 at 19:21
Affected Product
Vendor
openwrt
Product
luci
Version
0.11.1
Affected Versions
openwrt luci 0
CWE Classification
AI Assessment
AI Score
8.7 / 10
AI Severity
High
Vendor
OpenWRT
Product
luci-proto-openvpn
Version
0.11.1